Problem
Windows 10 and MS Office have a large number of addresses they attempt to access over port 80 and 443. Much of this ignores the client proxy configuration.
Sophos UTM > Network Protection > Top Dropped Destination Services/Hosts
- a23-2-87-17.deploy.static.akamaitechnologies.com
- a104-64-234-58.deploy.static.akamaitechnologies.com
- a23-41-185-26.deploy.static.akamaitechnologies.com
- a96-17-229-36.deploy.static.akamaitechnologies.com
- a23-5-230-228.deploy.static.akamaitechnologies.com
All of these have CNAMES on Microsoft domains.
How do I allow this traffic without having to manually allow every single IP address? There are probably hundreds, if not thousands, of addresses MS/Akamai can use. I need to be able to use a DNS wildcard, but that only seems to be an option on the Web Filtering.
Can I force this traffic through the web filter and allow unauthenticated access somehow? There are dozens of domains here. How are other people using Sophos UTM dealing with this sort of outbound traffic?
https://docs.microsoft.com/en-us/windows/privacy/windows-endpoints-1803-non-enterprise-editions
https://docs.microsoft.com/en-us/windows/privacy/manage-windows-1803-endpoints
https://docs.microsoft.com/en-us/office365/enterprise/managing-office-365-endpoints
This thread was automatically locked due to age.