
  • Block computers from updating windows

    I have created a rule and applied it to a policy but still not blocking. I have attached screenshots of the rule I created and the policy I applied it in.
  • Intrusion Prevention (IPS) high cpu usage - Snort

    Hello, in our company we got about 60-80 users. Each department has its own VLAN running over one port. XGS2100 (SFOS 19.0.1 MR-1-Build365) Over the year I was setting up the Sophos XG and adding all firewall rules, like all department are in one…
  • Sophos XGS 4300 application control can't block specific games like mobile legends

    Sophos XGS 4300 application control can't block specific games like mobile legends. Below are the screenshot of the configuration: Thank you,
  • Category of ip address of Anydesk

    After applying Decrypt and scan HTTPS, AnyDesk is not working. Can you please provide the category of IP address of AnyDesk, and also explain the configuration method?
  • Internet and Reporting issue with XGS87

    I have encountered a remote case with this firewall, the setup and issue is as follows: Firewall model: XGS87 Firmware: SFOS 19.0.1 MR-1-Build365 This is a new firewall that we have deployed. Before installing this firewall the customer faced no…
  • No anti updates for nearly 24 hours

    Hi folks, I started investigating why the XG115W was showing high CPU load, normally around 5%, but now showing over 20% for an extended period. I checked the ATP, Avira, Sophos AV and Sophos anti spam. All but Anti spam last updated early yesterday…
  • How to block Squid Proxy using Application Control?

    Hi guys, How to block Squid Proxy using Application Control? Few applications like Hoxx VPN use Squid Proxy over port 80/443 to evade detection. Regards
  • connection with bad ip address

    Hi, if I have Sophos XGS or XG and from LAN my users start making connections with a bad reputed IP address, then can the firewall block it? ATP is same or it is different? Can Sophos XG/XGS also consult some IOC feed?
  • application filter events

    Hey, since we installed Sophos XG we are getting loads of app filter events regarding GaduGadu Messenger application. Strange is that this traffic is coming from almost all users and it's like 100-1000 events per few minutes. Of course nobody is actually…
  • How to write custom IPS signatures for blocking applications?

    Hi guys, How to write custom IPS signatures for blocking applications? I have found a few VPNs which are not on the application control list and I would like to block them. Regards
  • "Malware 'Unscannable' was detected and blocked in a download" Every Minutes

    Hi, I've got this message every minute since yesterday. Have you got any idea?
  • Malware 'Unscannable' was detected and blocked / *ALERT* Sophos XG Firewall - HTTP virus detected

    Hi everyone, We are getting thousands of alerts from our Sophos XG at the moment, and with the below error alert ID and message: Any possible causes of this? Alert ID: 8001 Message: Malware 'Unscannable' was detected and blocked in a download…
  • Sophos Blocking www.msftconnecttest.com

    Seems as of this morning Sophos XG is blocking the connection page for the msftconnecttest.com. Anyone else have the same issue? Kent.
  • TikTok Application Control

    Hello, I really don't know how Sophos still doesn't have a TikTok App Control. This app is terrible for productivity and bandwidth. Can you please add TikTok to Application Control? How can I block this app?
  • XG Custom IPS Signatures: Proper Syntax/Capabilities/Usage Question

    So, while setting up IPS on the system, I want to *block* the usual badness including scanners, etc. However, I have regular vulnerability scanning done by US DHS/CISA as part of their Cyber Hygiene program, and they scan regularly. As such, using scanner…
  • Agrab

    Hi, I'm starting to get "SCAN Zgrab Scanning Attempt Detected" alerts, I understand who would use these, however how do I stop the alerts as they are ~+ I'm sure
  • Block Youtube

    Good day, I have a challenge with blocking YouTube. Initially the rule was working fine and all of a sudden users are able to access YouTube. I can block other sites but YouTube keeps working. I have just upgraded the Sophos firmware to SFOS 19…
  • Exchange 0-Day CVE-2022-41040 and CVE-2022-41082, how to check if rules are including the mitigation?

    There is a critical 0-Day exploit for Exchange already being exploited, which is pretty much the same as the "ProxyShell" vulnerability in March. How can I check if the mitigation is already working with Snort or IPS rules? https://gteltsc.vn/blog…
  • Regarding adults, contained in the application category

    Dear Team, As we checked and tried to deny some adult-containing sites on Sophos firewall, with the help of a website, we were able to deny that website, but in the application category, we were not observing any adult-related application, so kindly check…
  • Error Message-Couldn't Update the IPS Status

    So I have IPS protection turned on as shown below: I know that the pattern is updating as shown below: So I have 2 questions. 1. Shouldn't the 'Time of signature update' change dates when IPS and Application signatures are updated? Mine doesn…
  • application filter and web filter

    Hi, in the LAN network some users need WeTransfer access, but due to data privacy we don't give to share data upload access, only download access, so kindly give a solution to resolve. model-XG210 version-18.5.4 Thanks Satya
  • Sophos Firewall: v19.0 MR1: IPS Update Question

    Hi, Not sure if this is a cosmetic issue, or something that needs further investigation - the IPS signatures are being reported in one part of the GUI as being old, but yet updated in another screen. Here it's showing Aug 26th But in this…
  • Connections time out when IPS enabled (sporadically)

    We have noticed that connections are sometimes interrupted for a period of 5 minutes. It is then not possible to establish new connections (external / internal) via Sophos. This happens 1-2 times per day and always at a different time. I went through…
  • Incorrectly Identified Applications - iCloud relay

    Hi, How do I report application traffic that is incorrectly identified - The below is being reported as personal network storage, when it's for iCloud private relay, and should therefore (I would have thought) be classified under proxy services…
  • IPS updates - old issues returning

    Hi folks, over the last week or so I have noticed previously fixed issues with applications being incorrectly classified returning in my daily reports. Manual proxy surfing and thunder VPN. Why are these previously resolved issues appearing, does…