Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 44 subscribers
  • Views 3131 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

thinking on moving over to sophos xg

ncage

Hi everyone. I'm currently with arista/untangle & thinking on switching over to sophos xg. I have some questions though about the firewall. One thing i use quite a bit with arista is their content filtering (which is why i'm not going to go with pfsense or opensense, their content filtering isn't that good).

Does sophos xg have strong content filtering abilities (i'm assuming it issues of deep packet inspection & SNI)? On untangle they call it application control & web filter (if that helps)



This thread was automatically locked due to age.
Parents
  • 0

    Hi Brent Waldrop

    For more information, you may refer Sophos Firewall: HTTPS Decrypt and Scan FAQ

    To have strong content-filtering abilities, install Sophos SSL CA on each endpoint(computer or mobile device ). Once Sophos SSL CA is installed enable HTTPS scanning on firewall rule/s.

    To download Sophos SSL CA refer to the below snapshot : 

    Make sure "Default" certificate is filled and download "SecurityAppliance_SSL_CA" to install.

    If might get an error message for SSL CA if the certificate is not installed properly on the end device in this case re-install the certificate.

    Refer : Add a CA manually to endpoints

    With exceptions, you can override protection settings for all web traffic that match the specified criteria, regardless of any policies or rules in effect.

    Thanks and Regards

    "Sophos Partner: Networkkings Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

Reply
  • 0

    Hi Brent Waldrop

    For more information, you may refer Sophos Firewall: HTTPS Decrypt and Scan FAQ

    To have strong content-filtering abilities, install Sophos SSL CA on each endpoint(computer or mobile device ). Once Sophos SSL CA is installed enable HTTPS scanning on firewall rule/s.

    To download Sophos SSL CA refer to the below snapshot : 

    Make sure "Default" certificate is filled and download "SecurityAppliance_SSL_CA" to install.

    If might get an error message for SSL CA if the certificate is not installed properly on the end device in this case re-install the certificate.

    Refer : Add a CA manually to endpoints

    With exceptions, you can override protection settings for all web traffic that match the specified criteria, regardless of any policies or rules in effect.

    Thanks and Regards

    "Sophos Partner: Networkkings Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

Children
No Data
Unfiltered HTML