Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 7051 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to allow or deny Internet access by user agent

AleksMar

Hi,

Could you prompt how to allow or deny Internet access by user agent?

Like it was in Microsoft TMG2010.

I would like to block access for user agent redoc1001

2017:08:11-16:32:32 sop01 httpproxy[23943]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="XX.XX.XX.XX" dstip="XX.XX.XX.XX" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (WebFilter for SATASRV)" filteraction="REF_HttCffFilteSatasNetwo (Filter Action 07)" size="339" request="0xa3aea00" url="YYY.YYY.com/.../SDOWeb.asmx" referer="" error="" authtime="0" dnstime="1" cattime="218" avscantime="3194" fullreqtime="178040" device="0" auth="0" ua="redoc1001" exceptions="" content-type="text/xml" application="soap" app-id="1200" sandbox="-"

thank you

Aleksey



This thread was automatically locked due to age.
  • 0

    Hi Aleksey,

    This is a pending feature request, please cast your vote here.

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0

    There is complexity to this.  

    I have been collecting unique UA text for awhile, and my list currently has over 1800 entries, including 47 related to Java (UAs of the form JAVA*, JNLP*, jucheck, or jupdate), and over 900 containing MSIE  Some of those, such as Google Toolbar, are products that use MSIE rather than IE itself.  It is much more complicated than saying "block all Firefox".  

    Regular expressions provide the most flexibility for matching, but they also provide the greatest risk of unexpected results.  To ensure the intended coverage, while preventing false positives, someone needs to have visibility into all of the UA text strings that can be expected.   That knowledge seems impossible to obtain.

    Admittedly, you seem to have one of the easiest scenarios, a short string with no special characters, which makes the problem appear simple to implement.

     

     

Unfiltered HTML