Website blocked notification

Hi,

New user to Sophos Central/InterceptX, finding my way around most of it, but a bit puzzled with blocked websites.

Using base policies etc, when a user tries to access a site deemed "dodgy" (pornhub.com for instance) they just get a standard network connected failed type of error, as if the site does not exist. 

How do I setup Sophos so it displays some sort of notification to say its being blocked on purpose ? I can see a lot of helpdesk tickets being raised for "website not working" whereas if they at least get a notification, it gives them so guidance and info before contacting me.

I've not read all the docs yet so an answer prob is in there somewhere, but I need to get this sorted ASAP before we go nuts Slight smile

Thanks!



Added tags
[edited by: Gladys at 6:58 AM (GMT -7) on 18 Jul 2022]
  • Hello there,

    Thank you for reaching us, to understand further about the website blocking notification you may refer to this documentation. For windows devices A notification pop-up will be displayed, or the browser will show a page detailing the content blocked or warned. HTTPS websites will show a message Website cannot be found and no toast notification will be displayed

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer | Global Community and Digital Customer Support
    Connect, Engage, Earn Rewards - Join the Sophos Community
  • That link just gave me same info you posted............ Slight smile

    Why no toast/popup for HTTPS sites ? Considering thats what most websites are now, seems bit backwards. And confusing for end users and frustrating for IT support as we'll have to check every single website we get told "isnt working" to see if its actually down or just being blocked  :-/

  • We are currently working on HTTPs inspection and its not turned on by default and is still in EAP for a lot of accounts. To turn it on, go to Global Settings> SSL/TLS decryption of HTTPS websites

    If you have access to this - then you can turn it on and HTTPs blocks will generate a block page instead of the website not found display. If you don't see that setting available, you can choose to enroll in the New Endpoint Protection Features EAP to access it (Click on your name in upper right > Early Access Programs)

    Unless the endpoint is configured to decrypt and scan SSL/TLS connections, all it can do is throw up a website not found because we stop the page load but have no way of injecting a new page into the connection.

    RichardP

    Program Manager, Support Readiness | CISSP | Sophos Technical Support
    Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.