Hi,
customer likes to do:
User using a mobile Device Web Control is working as the policy says.
When the same User is using a stationary PC or is wthin the Company network, Web Control should not run on the client or with lower policy, but the Company proxy is used instead.
Is this possible?
Sven
Hi Sven,
Thanks for reaching out to us.
By "mobile device" do you mean a Laptop?
If all of your endpoint devices are registered in Sophos Central and have Sophos Endpoint installed on them, it is possible to create multiple Web-Control policies. As Web-Control is specifically a "User-based" policy you will need to create an additional user entry specific to the laptops in Sophos Central.
eg: Bob-Desktop, Bob-Laptop
Once these unique users are created, you can look into the pre-existing users under the "People" tab. Open up the entry for "Bob" that has a green check-mark. Looking under the "Logins" section near the bottom right of the user's page you will see one or more entries that look like "Device\User", or "Domain\User". One of these entries will correspond to the laptop login and one will correspond to the desktop login. You can move the "Laptop\User" so that it shows up under "Bob-Laptop", and the "Desktop\User" under "Bob-Desktop". Web Control policies can then be assigned as needed.
Note: If you are using domain logins and both the laptop login and desktop login are the same, you may need to create a new user entry in AD so that a new "Login" is created in Sophos Central to be used for this purpose.
I will test a bit further to see if I can find a work-around that will avoid the need to create a new AD user and update you here with my findings.
I recommend discussing this limitation with your Sophos Channel Account Manager.
Unfortunately, I wasn’t able to find another way to get this to work as desired.
I recommend discussing this limitation with your Sophos Channel Account Manager.
Unfortunately, I wasn’t able to find another way to get this to work as desired.
