
  • Attempt to communicate with a botnet is detected - My threat hunting thus far

    Hi everyone, So like a lot of others here I've experienced where we get the notification that an attempt to communicate with a botnet or command and control server has been detected. And it's always these same three sites: As you can see…
  • Application Control change request via support case

    Hi, some of our users are using a business website that has an Application (not Web) categorization as Vulnerabilities (besides others) for some years now. It's just when you even call the start page that the firewall blocks the request. That causes me…
  • Application Filter stuck on loading Sophos XG 19

    Whenever I open a rule the application filter is stuck on loading. I restarted it but it seems weird to me.. any fix?
  • Block Port Scanning and Public IP

    Hello, I have a Sophos XG. Can you share a way to block a public IP from scanning for open ports, and also how can you blacklist an IP address?
  • Rules to allow access remotely with ANYDESK (lan to wan)

    Hi all, I need to allow AnyDesk for some administrators (LAN to WAN). I made this config below but it doesn't work! Where's the problem? Source zones=LAN Source networks and devices=any During scheduled time=all the time Destination zones…
  • Sophos Firewall App control without Endpoint Agent?

    We have a customer who uses Sophos Firewall (SFOS 19.5) but has a third party antivirus tool. So no Endpoint Agent and no Intercept X is installed on the client PCs. Does it make sense at all to use App control in the Firewall Rules in this scenario…
  • Blocking Tiktok

    Hi, I am using an XG-115 FW. What is the easiest way to block TikTok? I read a number of articles published in the community and noticed that different people are talking about different methods. I am confused. Hence looking for a simple answer with simple instructions…
  • Veeam B&R 12 issue

    Hi all, Upgraded customers to Veeam Backup and Replication version 12, and started seeing these on the backup copy jobs, for the remote repositories: 03-04-2023 14:29:31 :: Processing Error: An unknown error occurred while processing the certificate…
  • Application filter keeps getting overwritten

    Hello. After importing some firewall rules from another XGS3300 running 19.5.0 over the weekend, each morning I'm coming in to find that we can't access the internet. When I check the application filter for "Block high risk (Risk Level 4 and 5) apps"…
  • ATP alert

    Hello, I am getting this alert sara-tabuk.no-ip.biz as an ATP threat. Can you assist?
  • Signature Sinkhole

    Firmware version 17.0 has this signature but firmware versions 18.5, 19.0, and 19.5 do not have this signature. Can anyone who has firewall firmware version 19.5.1 search in IPS policies for this signature and reply with a captured image, please.. Thanks in…
  • How to block ChatGPT website and app

    I'm having a hard time blocking ChatGPT and can't even find it in application control. Please help, thank you!
  • Block XVPN servers

    Good morning We have an end customer (a school) where students use iPads. It turns out that there are several students who have caught the bad habit of getting IPs from proxy servers thanks to the XVPN application. They do not use it on the iPads, but…
  • Can I disable a single Signature ID within IPS?

    We have software that goes out to a distributor's website and downloads updates. Part of these updates is a batch of Word documents in .docx format that have some ActiveX controls in them that are used for automation. They cannot be removed and are a normal…
  • Why is DNS over HTTPS classified as High Risk?

    In Application usage report, DNS over HTTPS is classified as High Risk. Why? I would think HTTPS is always preferable. Is it because it imposes limitations on what the firewall can see and control?
  • False Positives

    Hello, we are having some trouble with Zoom meetings where the sound is briefly dropping at times. Sometimes we get the network quality message. I may have traced the problem to some of the meeting traffic getting flagged as Proxy and Tunnel (x-vpn…
  • IPS and SSL Inspection best practice

    Hello, I am wondering how effective IPS can be in the XGS series without decrypting SSL traffic. Is it worth configuring without SSL inspection when I want to protect web servers (IIS, nginx, apache)?
  • Block all IPs on known Abuse list

    I would think this feature should be readily available, but I am unable to find a way to do this. I want to block all IPs that appear on known abuse lists from our network. We are running an XG firewall. So far the rule blocking IPs by country has…
  • XG 19.5 IPS Email Alert Flood - SMTP DoS?

    My org had an event last week where a false positive IPS alert was being thrown. This caused over 1400 email alerts within 20 minutes before anyone could get to it and shut it down. When I looked at the email logs it looks like it was sending 3-4 emails…
  • Are there plans to include an "anti-portscan" feature in Sophos XG?

    The UTM has an essential feature called "anti-portscan" that is separate from DoS protection. Anti-portscan, if you are not aware, will detect when a source IP address is scanning the external WAN interface for open ports, and block, drop, or log the source…
  • XGS116 appears to be blocking FortiClient SSLVPN

    Hi, I run an XGS116 and have a requirement to connect to a company who uses FortiGate 100's. They have supplied me with the FortiClient SSLVPN client. If I connect to the VPN, I can not ping external addresses such as 8.8.8.8. I had their MSP…
  • Is the XStream / Zero-Day feature worth it in your personal opinion?

    Hi everyone, I am administrating about 15 Sophos UTMs still managed through SUM and we are thinking about using the XGS for future renewals at our customers. That said, do you think the XStream option is needed / a must have or is the standard protection…
  • Facebook videos

    It blocked videos on sites like YouTube and Facebook from applications. I think it will block all videos on other sites. I am not sure if that is the best practice but anyway it's working for me. There is one thing remaining I can't figure out, the Facebook…
  • Block AnyDesk general

    Good afternoon everyone, I need help. I need to block AnyDesk on all company computers. How could I do this lock? Blocking the application or creating some specific rule? I look forward to returning, thank you.
  • FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt. It started this morning.

    Keep on getting this notification email every 5 minutes from XGS2100 firewall. Affects only one user's computer. FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt. It started this morning. Please assist. These four external IPs are listed so…