Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 17 replies
  • Subscribers 1 subscriber
  • Views 68802 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

I may have found a massive hole in Data Control which is slightly worring?

nerohero

It would appear that if you create a Data Control Policy which prevent users from emailing file types to unauthorised email destinations like gmail, webmail, hotmail and attach any document from a network directory it allows the email to be sent (Shocking).

If you attach a file from your local machine it blocks the file fine, it would seem that the Sophos agent has difficulties understanding mapped drives which it pretty shocking for a security product.

Note:

I have sent this information to Sophos to review and I may have missed something so don't take this as gospel.  This maybe an isolated issue which is happening in my environment.

Server 2003 R2 x64 SEC 4.7.0.13

Client Win7 x86 9.5

:15489


This thread was automatically locked due to age.
Parents
  • 0

    You are quite correct and if I do uncheck "Exclude remote files" it does work however not many people would uncheck this because of the realtime scan being run on the remote server. (Sophos are aware of this issue)

    Back to the "Bug"

    I have been toying with the problem all morning and here are my results:

    If you attach a file from your desktop and the root if you c:\ drive then this is fine everything is logged and rules are enforced.

    The issue becomes apparent when you access your %USERPROFILE% it seems all locations within your userprofile with the exception of the desktop do not get enforced.

    c:\Users\%username%\Desktop\test.txt = okay

    c:\Users\%username%\test.txt = fail and all locations from here.

    I think I may have an understanding of why this is happening a:\ we use roaming profiles and b:\folder redirects on " My Documents" to a remote server however the "My Documents" I can userstand but not the roaming proflies.

    :15519
Reply
  • 0

    You are quite correct and if I do uncheck "Exclude remote files" it does work however not many people would uncheck this because of the realtime scan being run on the remote server. (Sophos are aware of this issue)

    Back to the "Bug"

    I have been toying with the problem all morning and here are my results:

    If you attach a file from your desktop and the root if you c:\ drive then this is fine everything is logged and rules are enforced.

    The issue becomes apparent when you access your %USERPROFILE% it seems all locations within your userprofile with the exception of the desktop do not get enforced.

    c:\Users\%username%\Desktop\test.txt = okay

    c:\Users\%username%\test.txt = fail and all locations from here.

    I think I may have an understanding of why this is happening a:\ we use roaming profiles and b:\folder redirects on " My Documents" to a remote server however the "My Documents" I can userstand but not the roaming proflies.

    :15519
Children
No Data
Unfiltered HTML