Hi forum.
We've been having some issues with some Microsoft FQDNs and have used FQDN hosts with the * filter, though with some Microsoft services we've found they will use a local Akamai or CDN in some cases and will not be able to match the *.domain pattern properly.
Trying to move some of those domains to Web Policies, but the default action at the bottom of the policy (allow/deny) makes it inflexible and more or less requires you to match all your web traffic with a single rule, which is not ideal for us as you end up with a really complex single rule that nobody wants to touch. I would much prefer to see another action be available, like Bypass or Ignore, to allow rules to be matched to firewall rules situated underneath this rule.
We usually group a couple of rules with functions that are similar, i.e. Conferencing, Updates, Telemetry, Productivity, 3rd Party, etc.
The other issue we hit with web policies: when we match them with web categories that we create out of Sophos Central, we need a per-site override of QoS because not each site has the same bandwidth capabilities. Setting it locally via the web GUI means it will get overridden by whatever is set in Sophos Central if it gets updated (usually QoS of none), which is really not ideal.