https://community.sophos.com/on-premise-endpoint/f/sophos-endpoint-software/95667/how-to-avoid-risky-download-exe-warning-on-specific-website-in-sophos-central-endpoint-protectionUsing Sophos Central Endpoint Protection I have configured Policies &gt; Web Control &gt; Additional Security Options &gt; Block Risky Downloads &gt; Risky Filetypes &gt; Windows Executable as &quot;Warn&quot; in order to make users think twice before downloading executable filesen-USTelligent Community 12https://community.sophos.com/thread/384940?ContentTypeID=1Fri, 28 Sep 2018 10:19:25 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:1ad04703-d260-4a0a-b14c-12ff02fd2b4fCasey Moore<p>THANK YOU!!!!</p> <p>It was one of the first things I tried but I did it by hostname, which didn&#39;t work.</p><div style="clear:both;"></div>https://community.sophos.com/thread/384666?ContentTypeID=1Wed, 26 Sep 2018 08:31:44 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:dd7e3046-dfad-41a5-b0ce-e8ece3f4ae38Paul Warren<p>Thanks Jak - that seems to work.&nbsp; (Just over a year to get a working answer!)</p> <p>Paul</p><div style="clear:both;"></div>https://community.sophos.com/thread/384661?ContentTypeID=1Wed, 26 Sep 2018 07:28:37 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:0f3e42c3-dd35-4a0c-a989-11142a017218jak<p>You can exclude the server by IP and it will not block/warn or anything which seems OK at least for Intranet sites.<br /><br /><a href="https://central.sophos.com/manage/config/settings/scanning-exclusions">https://central.sophos.com/manage/config/settings/scanning-exclusions</a><br />Add the IP as a website.<br /><br />You can also make the exclusion in a threat protection policy rather than globally if needed.<br /><br />Regards,</p> <p>Jak</p><div style="clear:both;"></div>https://community.sophos.com/thread/384659?ContentTypeID=1Wed, 26 Sep 2018 07:03:08 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:78375a01-e3bf-4519-bbf4-ee91697c0bfcAlguth Gogekl<p>Thank&#39;s Paul!</p> <p>We&#39;ll do the same then and report back. But anyhow - this is not a real solution @Sophos!&nbsp;<br />Would be nice to add a exception list inside the policy...</p><div style="clear:both;"></div>https://community.sophos.com/thread/384645?ContentTypeID=1Wed, 26 Sep 2018 04:17:01 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:cf608266-a419-4310-9441-ada631c24f97Paul Warren<p>I moved my deployment website to https which is not checked/blocked.</p> <p>Paul</p><div style="clear:both;"></div>https://community.sophos.com/thread/384643?ContentTypeID=1Wed, 26 Sep 2018 04:07:00 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:7fc60af2-5cee-4ad4-8ef7-4df73f39ab73Alguth Gogekl<p>Hello!</p> <p>&nbsp;</p> <p>Was there any solution for this?</p> <p>We are looking at the exact same situation - our users are warned when downloading content from the Intranet... (e.g. finished exes from the build server)</p> <p>&nbsp;</p> <p>Thank you!</p><div style="clear:both;"></div>https://community.sophos.com/thread/380463?ContentTypeID=1Sat, 04 Aug 2018 06:52:15 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:4e2b78d9-be4d-4fb6-ac85-7f7991d8754fGowtham Mani<p>Hi&nbsp;Casey Moore,</p> <p>If possible, Can you please PM the site and the files that you are trying to access from the website? We would try&nbsp;recreating it in my lab environment and see what exactly is happening here.</p><div style="clear:both;"></div>https://community.sophos.com/thread/379690?ContentTypeID=1Wed, 25 Jul 2018 13:08:56 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:e6f7927d-f287-4d68-b198-1357312b1833Casey Moore<p>Hi Barb,</p> <p>Currently I am using a web control policy configured with the Additional Security Options, to block/warn for exe,msi,and pdfs.</p> <p>However despite specifying a tagged website within the policy as &quot;allow&quot; documents accessed from the site are still blocked/warned.</p> <p>The Additional Security Options appear to be separate from the Web tagging.</p> <p>&nbsp;</p> <p>Edit: Also after some testing the first web control policy a user hits that has the Additional Security Options configured is the settings that apply to a user.</p> <p>regardless of what sites are configured in website management. Essentially that setting does not &quot;Waterfall&quot;&nbsp;</p><div style="clear:both;"></div>https://community.sophos.com/thread/379489?ContentTypeID=1Mon, 23 Jul 2018 14:46:36 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:ada6e4bc-da33-4f85-bdc6-d626d6251491Barb@Sophos<p>Hello Casey Moore,</p> <p>Could you please provide more information regarding your Central settings for the Web Control policy? <br />Also, can you please provide some examples of what is&nbsp;being affected?</p> <p>Here&#39;s some documentation that might help:</p> <p><a title="ConfigureWebControl" href="https://docs.sophos.com/central/Customer/help/en-us/central/Customer/concepts/ConfigureWebControl.html" target="_blank">ConfigureWebControl<br /></a></p> <p><a title="How to exempt a website" href="/kb/en-us/121797#Why%20are%20some%20files%20blocked%20based%20on%20the%20Additional%20security%20options%20settings%20and%20others%20are%20allowed" target="_blank">How to exempt a website</a></p> <p>Regards,</p><div style="clear:both;"></div>https://community.sophos.com/thread/379483?ContentTypeID=1Mon, 23 Jul 2018 13:41:47 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:f4a3848d-4d7f-48d2-a97e-892dbb136842Casey Moore<p>So its been nearly 10 months since this question was asked, did any resolution come of it?</p> <p>&nbsp;</p> <p>This would be really nice, cause warning my users about ever document they pull off the company intranet is just making it to where they are ignoring the message all together.</p> <p>Which is not what I want.</p><div style="clear:both;"></div>