Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

thinking on moving over to sophos xg

Hi everyone. I'm currently with arista/untangle & thinking on switching over to sophos xg. I have some questions though about the firewall. One thing i use quite a bit with arista is their content filtering (which is why i'm not going to go with pfsense or opensense, their content filtering isn't that good).

Does sophos xg have strong content filtering abilities (i'm assuming it issues of deep packet inspection & SNI)? On untangle they call it application control & web filter (if that helps)



This thread was automatically locked due to age.
  • Hi,

    I suggest you do some web searching and that will provide with the details you are requesting.

    ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Sophos does DPI and also has application control and web filtering. Not familiar with untangle, but I suppose it has the requested features.

    You could always set up a trial to see if it fits your needs.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • Hi   Below KBA guide covers all the basic details on Web filter basics and I hope that will clear your doubts on same.

    Sophos Firewall: Web filtering basics

    https://support.sophos.com/support/s/article/KB-000036518?language=en_US

    Sophos Firewall v18: XStream - the new DPI Engine for web proxy explained
    RE: XStream - the new DPI Engine for web proxy explained


    Sophos Firewall v18: DPI vs. Web Proxy Filtering
    techvids.sophos.com/.../uCC7QqkYcTJtLiBMNhZV32

    And of course, with the required settings in place, you will have user-friendly reporting of Web usage and web surfing activity of machine or end users.

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support

    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'Verify Answer' link.

  • Hi Brent Waldrop

    For more information, you may refer Sophos Firewall: HTTPS Decrypt and Scan FAQ

    To have strong content-filtering abilities, install Sophos SSL CA on each endpoint(computer or mobile device ). Once Sophos SSL CA is installed enable HTTPS scanning on firewall rule/s.

    To download Sophos SSL CA refer to the below snapshot : 

    Make sure "Default" certificate is filled and download "SecurityAppliance_SSL_CA" to install.

    If might get an error message for SSL CA if the certificate is not installed properly on the end device in this case re-install the certificate.

    Refer : Add a CA manually to endpoints

    With exceptions, you can override protection settings for all web traffic that match the specified criteria, regardless of any policies or rules in effect.

    Thanks and Regards

    "Sophos Partner: Networkkings Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • NCage, 

    1. We have used Sophos content filtering for many years on both UTM and XGS.  It is effective, and can be tweaked to suit your enterprise.  We have combined XGS capabilities with Next DNS.  Next provides additional filtering, blacklists and analytics for a small fee each month.  Next has been very good in combating phishing, (block new domains), etc.  Next works by not returning URLs for blocked sites.  Forward internal or XGS DNS to NEXT, very easy setup.  Basically we are combing 2 sets of eyes using different methods and lists to scrutinize content.