We have a Base Policy for Web Control, that every user picks up.
In the Website Management, we have websites like DropBox added and tagged to block in the policy.
I have tried numerous links and websites including DropBox, and it blocks as expected, we had a user say they could access and now they can't.
I wanted to find out why they would have been able to and now they can't, as they are in the Base Policy?
How is this possible?
Thank you for reaching us,Multiple things need to consider for this investigation.Does the device that user used already has an endpoint installed on his/her system when they try to access dropbox?Was he/she accessing dropbox using a link or via dropbox apps? Does the device the user is using eas manage on your central dashboard?
I would check the SophosNetFilter.log log file. Hopefully you have logs going back to the time when they could access it. They are under: C:\ProgramData\Sophos\Sophos Network Threat Protection\Logs\
Thanks.