Web Policies not taking effect 100%?

Hi All, 

I've managed to get a second XG firewall for our business (XG210) which I've installed this week. 

I firstly had an issue whereas every web page was really slow to load (taking 5 to 10 seconds) but just by setting my [FIREWALL > User /NETWORK Rule > Web Policy] to 'none' and saving, then changing it back to 'Default Work Place Policy' and saving it seemed to have sorted the speed issue. every page now loads instantly..

The problem i have now, I'm trying to test the policy by loading up gun sites expecting to see a rejected page,  2 of 40 sites I've tested say "Your organization's policy prohibits access to websites categorized as Weapons." the rest of the sites have just let me in.

 

As a couple has been blocked, it would suggest that the policy rule is working, but is there a way to get a better block rate?

 

Sorry, i'm not a firewall guru yet, i'm still learning :)

 

Many thanks in advance

Dave

  • Hi Dave,

    question is if these websites have been identified and rated by sophos. As far as I understand there is no automatic identification.

     

    Regards, Jelle

  • Upper right, click on Log Viewer.  Switch tab to Policy Tester.

    Put in the URL and test.

    If the category is Weapons then it should be blocked.  If the category is not then, well it depending on your settings.

    If you think the category is incorrect, then you can submit it to Sophos to be changed.
    https://secure2.sophos.com/en-us/support/submit-a-sample.aspx

     

    The automatic categorizer can sometimes get things wrong.  For example a shopping site where you can buy guns might be categorized shopping.  A forum where people talk about guns could be categorized as Forum.  Humans are much better at determining the best category when there are multiple categories that fit.