
Restricting External Websites down to three or four

Hi all,

This is my first thread on here. I am using the Sophos Enterprise Console to restrict website usage to like two websites (specifically login.microsoftonline.com, https://cdf.zendesk.com). I have created rules to allow these websites through and I have also created rules for our internal sites as well. My issue is that when the firewall is enabled it restricts all website usage with external websites. Internal websites work. I've looked into the logs on the endpoints and they seem to be blocking the URLs that I made rules to allow through. What I've had to do is to go through these logs and add the IP addresses to the rules since they seem to keep changing. My issue is why do the IP addresses matter when I have designated the URLs? I have a mix of OSs but most of them are Windows 7 x64 and x86 units. I am using Enterprise Console 2.1.0.1839 and the endpoint version is 10.3.

Any help would be appreciated.



  • Good morning,

    When you configure your firewall policy you have two options for web control.

    The first is Inappropriate website control, which allows you to control access to websites in the classifications listed. Any websites not in these classes will not be controlled by the policy. I suspect this is the one you are using.

    The second is Full Web Control. For this you need to have a Sophos Web Filter. This allows you full control over endpoint web browsing and also allows you to ensure that any changes you make on a web filter are dynamically applied to endpoints, even if they are offsite.

    Any firewall should not be rolled out without fully testing, as you could end up causing yourself a lot of grief. Having said that, from your first post I would assume you know what you're doing.

    I think you have three options:

    1. If you have a Sophos Web Filter use Full Web Control.
    2. Use the Inappropriate Web Control. In this way you can be safe in the knowledge that endpoints are protected from malicious websites. This will allow users access to sites other than the list you wish to deploy.
    3. If you don't have a Sophos Web Filter and must restrict users' internet access then it looks like you'll have to deploy a firewall policy. Ensure you follow the guidance here, http://www.sophos.com/en-us/support/knowledgebase/57757.aspx and here, http://www.sophos.com/en-us/support/knowledgebase/63997.aspx and then fully test on a local machine before rolling out across the network.

    Regards.
