Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG is contacting whatfix.com when I change firewall rules

I noticed that when using the GUI, and do some changes to rules or policies, that in bottom left corner of my browser there is "waiting for whatfix.com".

So it seems the XG is sending information to that website. Why is it doing this? What data is transferred? And how can I disable that?

Running Browser Inspections this is shown:

<script type="text/javascript" charset="utf-8" integrity="sha384-Ri1cUxmQGTk6k9rHS1TVx4oxxxxxxxxxxxxxxxxxxxxxp5yiG53soWAwGA4pxnnd" crossorigin="anonymous" src="">cdn.whatfix.com/.../script>

Even Javascript is downloaded! Why?



This thread was automatically locked due to age.
Parents Reply Children
  • You should cpntact Sophos here: https://www.sophos.com/en-us/legal/sophos-gdpr

    __________________________________________________________________________________________________________________

  • Given this info, Sophos should consider making the Assistant an item that can be easily disabled.... It is a cool feature but this does introduce some new attack vectors (some outside of anyone's control).

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • I'm thinking it might be that Sophos could have processes SC that monitor the contents of included code or destinations of links, etc, and sends a kill signal to XGS's if they detect a change that was not coordinated with Sophos. But that might be too iffy.

    So a switch in the XG to turn it off would allow folks to make their appropriate tradeoff of security and ease-of-use.

    We, of course, have the option to block outbound communications to whatfix.com, either through the XG, or endpoint, or other laptop firewall software. I've stopped it that way, but an actual switch would be nicer. And now that I think of it, I wonder if my fix has caused slight glitches in the rest of the interface... Hmmm...