This is more of a FYI then a question. But would like to request FQDN be added to "REMOTE ADDRESS" in windows isolation, and documentation updated for windows isolation exceptions
Windows Isolation Exceptions. Requirements. Direction and Port. Sophos words: You must set at least one of the direction, port or address options.
Teamviewer IPs. Link - Not complete/updatewww.teamviewer.com/.../
TV recommendations - Whitelist FQDN *.teamviewer.comSince Sophos isolation it's not possible to use FQDN, you can only use IPv4, IPv6 or CIDR in the remote address section.Link to subdomains search report *.router.teamviewer.com - This is a way to add it.https://subdomains.whoisxmlapi.com/lookup-report/mwkWKqZPkK
Noted: Since TCP uses HighPort (random) from the link below, that you can leave one port BLANK, or an address. This is not listed in the Isolation Documentation btw.Deal with IPS alerts - Sophos Central Admin
Most TCP connections have a random port number as their origin port. We recommend that you use a local port and add specific protocols (such as RDP (3389) or HTTP (80) traffic) to your allow list.
For example, to allow RDP connections from the administrator’s computer of 10.10.10.15 to other computers, use the following settings:
* one local or remote REQUIRED
Conclusion - Since Teamviewer IPs are not up-to date, and Sophos doesn't allow FQDN, The only rule you can add for teamviewer is the following. (unless you allow LAN connection locally then you would need remote address eg. 10.10.0.0/16)
References: EDR: Instructions Device Isolation on Sophos Central. – Techbast
Thanks for reaching out to the Sophos Community Forum and for sharing your insight into this issue you encountered.
I will follow up with our documentation team to request that a mention of "any" port can be specified by leaving the port entry blank.
If you would like to see FQDN compatibility added to the IPS exclusions, I'd suggest getting in touch with your Sophos Account Manager to submit this as a feature request. I will follow up with you via private message to share further details.