Sophos Central Admin: Sophos Central Engineering will be performing routine maintenance to Sophos Central on Saturday February 1, 2020 starting at 13:00 (UTC). For more info please see KBA 133402.
This article provides instructions on how to configure Web Protection to block access to malicious websites and enable download scanning.
The following sections are covered:
Applies to the following Sophos product(s) and version(s) Enterprise Console
Web Protection provides enhanced protection against web threats. It includes the following features:
Web Protection is supported on the following web browsers: Internet Explorer, Firefox, Google Chrome, Safari, Opera and Microsoft Edge. Web content accessed via an unsupported browser is not filtered and will not be blocked. When access to a malicious website is blocked, an event is logged that can be viewed in the Web Event Viewer and in the Computer details of the endpoint computer where the event occurred. If you use the Web Control feature, both Web Protection and Web Control events are displayed in the Web Event Viewer and Computer details. Note: To have more control over which websites users are allowed to access, for example, to protect users from visiting websites for which an organization could be legally liable, use the Web Control feature.
Note: If you use role-based administration* then before you start the procedure described below be aware that:
For more information, see Designing sub-estates and role-based administration.
Note: If on-access scanning is turned off on a server, Sophos recommends to set up scheduled scans on the relevant computers. For instructions on how to set up scheduled scans, see Anti-Virus and HIPS settings: guide to scheduled scan settings.
By default, Sophos Endpoint Security and Control scans files as the user attempts to access them, and denies access unless the file is clean.
Decide to turn off on-access scanning on Exchange servers or other servers where performance might be affected. In this case, put the servers in a special group and change the anti-virus and HIPS policy used for that group as shown below.
Web Protection is now configured.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.