This article provides a list of frequently asked questions regarding Web control in Sophos Central.
Applies to the following Sophos product(s) and version(s) Sophos Central Admin
The following list of bullet points will help you to differentiate between the two features:
Depending on the policy you have configured in Sophos Central, the tests you may need to perform may differ. This answer provides the most common way to test Web control functionality is working.
SophosLabs have provided the following webpage: http://sophostest.com/ to test category classification.
In addition to checking the 'Events' report in Sophos Central for Web control events, on the endpoint logs or behaviors can also be checked or observed to see evidence of Web control being operational:
com.sophos.webintelligence: [Date] [Time] Policy action 'block' on 'https://www.facebook.com'
The following article provides information on what to check: 121426.
On Windows, blocked resources obtained using HTTPS will display popup messages. These balloon or 'Toast' messages can be suppressed if required by following article 120971.
It is possible to obtain trace logging for both Web protection and the Web control components on the endpoint. Please contact Support quoting article 116769 and they will best guide you with the appropriate level of logging.
This may be correct based on the Web control policy configured for the user. The following steps should be followed to determine the correct behavior.
Not at this time. Web control is only available on Windows and Mac.
Under the 'Additional security options' of the web control policy it is possible to control access to individual file types. For example you can block executable files. These checks are also subject to SXL lookups to see if they are from a trusted source. For example an executable file from Microsoft or Apple is not subject to the same checks as that from a unknown source.
One way to exempt a website is to use tags. For example. If you wanted to allow the site: 'uk.video.search.yahoo.com', that was previously blocked you could do as follows:
Note: it is also possible to override the category of a site in a similar way using the 'Web Control Customizations' page.
There are a few reasons which may explain why a site doesn't behave as expected.
Note: See the question 'How can I check the client has the latest policy from Sophos Central?' to check the client has the updated policy if in any doubt.
As a first test, try adding the IP address of the webcam to the malware scanning exclusions in Sophos Central for the policy applied to the computer. The IP or IPs can be added as a 'Website' type exclusion. Note: This is not a Web control customization but a Web protection exclusion as found under the malware section of the policy.
Once the computer has received the policy and the exclusion is in place, try again to access the web cam using the web browser.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.