Edited TAGs
[edited by: Raphael Alganes at 8:21 AM (GMT -8) on 6 Nov 2024]
Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.
Hello Alfredo,
You could create an allow user-based FW rule/Web Filter Rule with similar settings to the KBA below for your email domains and MS updates on top of your "Block all" FW/Web Filter Rule/ App control rule
Email: https://support.sophos.com/support/s/article/KBA-000004733?language=en_US
Win updates: https://support.sophos.com/support/s/article/KBA-000004980?language=en_US
Also, please note that when configuring a "Block all sites" except email/s and Windows update, you should not include CDNs on your blocklist and other necessary resources to fully load/access your allowed websites and resources.
Raphael Alganes
Community Support Engineer | Sophos Technical Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.