This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to avoid risky download exe warning on specific website in Sophos Central Endpoint Protection

Using Sophos Central Endpoint Protection I have configured Policies > Web Control > Additional Security Options > Block Risky Downloads > Risky Filetypes > Windows Executable  as "Warn"  in order to make users think twice before  downloading executable files.

I am now trying to implement an exception for a specific website/url where I actively want users to be able to download an exe without a warning (plus the warning is not displaying properly anyway due to framing on that webpage?)

I have tried setting a custom control for the specific website by Global Settings > Website Management and adding the website domain, selecting category as Download (?) and a creating a custom tag,  and then going back to Policies > Web Control > Control Sites Tagging in Web Management to set the custom tag as Allowed. 

However after applying the updated Web Control policy the print client exe is still triggering a warning.

How can I implement an exception to my Risky Filetypes Executable Warning policy?

Paul

 



This thread was automatically locked due to age.
Parents
  • So its been nearly 10 months since this question was asked, did any resolution come of it?

     

    This would be really nice, cause warning my users about ever document they pull off the company intranet is just making it to where they are ignoring the message all together.

    Which is not what I want.

  • Hello Casey Moore,

    Could you please provide more information regarding your Central settings for the Web Control policy?
    Also, can you please provide some examples of what is being affected?

    Here's some documentation that might help:

    ConfigureWebControl

    How to exempt a website

    Regards,

    Barb@Sophos
    Community Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

     

  • Hi Barb,

    Currently I am using a web control policy configured with the Additional Security Options, to block/warn for exe,msi,and pdfs.

    However despite specifying a tagged website within the policy as "allow" documents accessed from the site are still blocked/warned.

    The Additional Security Options appear to be separate from the Web tagging.

     

    Edit: Also after some testing the first web control policy a user hits that has the Additional Security Options configured is the settings that apply to a user.

    regardless of what sites are configured in website management. Essentially that setting does not "Waterfall" 

Reply
  • Hi Barb,

    Currently I am using a web control policy configured with the Additional Security Options, to block/warn for exe,msi,and pdfs.

    However despite specifying a tagged website within the policy as "allow" documents accessed from the site are still blocked/warned.

    The Additional Security Options appear to be separate from the Web tagging.

     

    Edit: Also after some testing the first web control policy a user hits that has the Additional Security Options configured is the settings that apply to a user.

    regardless of what sites are configured in website management. Essentially that setting does not "Waterfall" 

Children