https://community.sophos.com/sophos-xg-firewall/f/discussions/123753/ips-with-webproxy-mta-wafHi all, I&#39;m testing XG firewall as home user now in a side role (proxy) before putting it in as router. I have now v18.0.3. I could not find answers to question below. If IPS (Application Control) is configured in FW policy, does it work for: en-USTelligent Community 12https://community.sophos.com/thread/451397?ContentTypeID=1Sat, 31 Oct 2020 12:45:46 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:9b7e283b-2a8d-4a8c-9e7a-43b5ed13fd42Tomas Beran<p>Hello Emmanuel,</p> <p>thanks for feedback.</p> <p>I did a test with webproxy when it is configured in browser (NO transparent).<br />The IPS seems to be triggered on http cleartext traffic.<br />But IPS does not trigger for HTTPS traffic even if it is decrypted by webproxy.</p> <p>So my conclusion is:<br />1. IPS is applied to traffic passing through IPS engine to webproxy port. With HTTPS it sees only the SSL/TLS stream.<br />2. the decrypted cleartext traffic by webproxy in this scenario is not scanned by IPS itself -&gt; no reason to enable it if most traffic is HTTPS and in this case it does not protect clients<br />3. probably the same for Application contorol</p> <p>I would expect that the same is for WAF if all traffic is https. IPS can see only SSL/TLS stream, but can&#39;t see the inner clear text traffic to protect for example vulnerabilities in web server etc.</p><div style="clear:both;"></div>https://community.sophos.com/thread/451364?ContentTypeID=1Fri, 30 Oct 2020 22:43:29 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:e4835c9f-01a5-479e-b055-7a8a6371e761emmosophos<p>Hello Tomas,</p> <p>Thank you for contacting the Sophos Community!</p> <p>Yes, IPS will work for Web Proxy, MTA and WAF Traffic.</p> <p>Regards,</p><div style="clear:both;"></div>