I am unable to block the Hoxx VPN extension on firefox. I followed the Application filter recommended settings for better application detection (https://soph.so/WtpQzU). The application uses port 80/443 for VPN servers. Sophos XGS is unable to block the VPN.
Can you check the application rule, based on the Screenshot, the policy is allowed.
Erick JanCommunity Support Engineer | Sophos Technical SupportSophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS AlertsIf a post solves your question use the 'Verify Answer' link.
It is already blocked in the applications filter. The VPN is using URLs (General Business category) for evading detection.
Can you check the IPS signature version?
"The resolution has been included in app signature version x.15.63"
Also, can you do a test FW rule on top, allowing HTTP,HTTPS,SMTP,ICMP then turn on the " Scan HTTP" and put the application Filter.
then try to connect the VPN again.
which firewall rule is it using?
Do you have https scanning enabled with decryption and CA installed on the end device? Do you limit the ports on the firewall rule?
XG115W - v19.5 GA - Home
Test machine - Asus P10S-i E3-1225v5, 6gb, 4 intel NICs, v19.5 GA
If a post solves your question please use the 'Verify Answer' button.
The application signature version is 18.19.54.
I added a test FW rule on top. Hoxx VPN is still working.