Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Firewall Compliance with UK Government's Keeping Children Safe In Education

Hi Sophos / Community,

Please can someone confirm that Sophos Firewall Web Fitlering is compliant with the UK Government's Keeping Children Safe In Education standards? I'm unable to provide a direct link to the UK GOV website where this inforamtion is shown as this forum automatically flags it as spam, and the post removed by the automod.

You can readily find these standards by searching for the aforementioned, but in particualr I would like to know if the Sophos Firewall Web Filtering is capable of the following (excerpt):

Technical requirements to meet the standard  

Make sure your filtering provider is: 

a member of Internet Watch Foundation (IWF) 
signed up to Counter-Terrorism Internet Referral Unit list (CTIRU) 
blocking access to illegal content including child sexual abuse material (CSAM) 

If the filtering provision is procured with a broadband service, make sure it meets the needs of your school or college.

Your filtering system should be operational, up to date and applied to all: 

users, including guest accounts
school owned devices
devices using the school broadband connection

Your filtering system should:

filter all internet feeds, including any backup connections  
be age and ability appropriate for the users, and be suitable for educational settings  
handle multilingual web content, images, common misspellings and abbreviations  
identify technologies and techniques that allow users to get around the filtering such as VPNs and proxy services and block them
provide alerts when any web content has been blocked 

Mobile and app content is often presented in a different way to web browser content. If your users access content in this way, you should get confirmation from your provider as to whether they can provide filtering on mobile or app technologies. A technical monitoring system should be applied to devices using mobile or app content to reduce the risk of harm. 

It is important to be able to identify individuals who might be trying to access unsuitable or illegal material so they can be supported by appropriate staff, such as the senior leadership team or the designated safeguarding lead. 

Your filtering systems should allow you to identify: 

device name or ID, IP address, and where possible, the individual
the time and date of attempted access
the search term or content being blocked

Schools and colleges will need to conduct their own data protection impact assessment (DPIA) and review the privacy notices of third party providers. A DPIA template is available from the ICO. 

The DfE data protection toolkit includes guidance on privacy notices and DPIAs.

The UK Safer Internet Centre has guidance on establishing appropriate filtering.

Your senior leadership team may decide to enforce Safe Search, or a child friendly search engine or tools, to provide an additional level of protection for your users on top of the filtering service.

All staff need to be aware of reporting mechanisms for safeguarding and technical concerns. They should report if:  

they witness or suspect unsuitable material has been accessed 
they can access unsuitable material  
they are teaching topics which could create unusual activity on the filtering logs 
there is failure in the software or abuse of the system 
there are perceived unreasonable restrictions that affect teaching and learning or administrative tasks 
they notice abbreviations or misspellings that allow access to restricted material

If possible / more appropriate, can someone tell me where I may find an authority from Sophos who can verify the above?

Many Thanks

This thread was automatically locked due to age.