This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Block Android Games from Accessing Internet.

I have implemented Sophos XG on an old computer. I am very happy with it so far. But I was wondering if it could address an annoying challenge that I am facing these days. I have a 5yo child who plays games on an android device, and those games are bombarded with Ads of others games and sometime inappropriate content for children. I find if I block the WIFI the ads stop, so these apps are clearly accessing internet actively to get those adverts displayed on the device. 

I can't obviously can't keep the WIFI of the device disabled all the time. I was wondering if I could use Sophos to block these android games to not be able to use internet. Is there a way I can do it.

A fair warning!!  I am very new to the world of networking, So explain the steps to me as you would explain to a Grandpa :) 



This thread was automatically locked due to age.
  • Hi,

    yes you can block it a number of ways. the easiest will be to create another SSID for the android user and put a restrictive policy on that access IP address. Make sure you change the password on the other SSIDs.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • can you give me some details on what type of policy do I create? and what parameters should I set? 

  • Hi,

    what rules do you have in place, did you build the rules or are they the default from installation?

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • "I can't obviously can't keep the WIFI of the device disabled all the time." It seems like you actually could do this. Put the device on a separate SSID and deny it internet access entirely. Once a week or once a month, you enable access while you update Android and the apps that you allow. In some sense primitive, but in some sense simple and bullet-proof.

    (If you're only concerned about updates and it they auto-occur in Android, you could even set up a schedule for the SSID to only allow internet access from 2-4 AM when you'll theoretically have the device on a shelf under your control overnight and it will update itself. Again, that assumes the device is for games only and the child has other devices for tasks that require internet access.)

    In terms of the policies that rfcat_vk mentioned, under Web > Policies you'll see a bunch of premade policies, including one that tries to block ads. It sort pf depends on how the ads you're seeing are actually served to the device: do they come from known ad servers, etc. You would enable a policy from a firewall rule, which could include a separate rule you make to cover the device itself or a separate SSID/VLAN you create for child devices. (The rule would have to go higher in the rule list, so that it acts first, before more generic rules. You can create new policies.

    You could make rules for a Child SSID/VLAN to only allow traffic to Android updates/store and key websites. Probably pretty tedious, but...

  • Default from Installation

  • Hi,

    before we go down a configuration change page I would like you read the  XG guide at the top righthand side of the forums. The document will then give you an idea what the forum responses are suggesting and make life easier for you.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.