I'm trying to get DLP working through Central and have found something that I can't quiet believe hence this post.
If I have a policy that detects content and I do a new email in Outlook and use the paperclip "Attach" icon to attach a file with sensitive…
Our Sophos enterprise console is failing to update our clients when we enable an AD policy to restrict .exe and other restricted file types from running.
I am able to add exceptions to the policy but do not know where sophos places the updates when…
Hi team,
I´m new with sophos and we need set our 'CENTRAL' policies in a way that EVERYONE shoulbe use the default policies but we have board directors who shou use a specific ("more relaxed") policy.
I used the article below but the user has…
After a year, I've decided to try Sophos XG again. Currently using UTM 9.5 - which has its issues, but works well.
I am trying to find out how to force all web requests through the proxy port. Sadly, I'm not getting far with Sophos XG.
If I add a…
Hello,
I have two questions about adding websites to the Global Scanning Exclusions list in Sophos central:
If I add, for example, google.com - does this cover all subdomains for google.com like a.google.com, b.google.com, c.google.com etc.. or…
How does one best set up firewall rules for iDrive backup solution?
Problem:
A network I am working on uses iDrive backup solution. iDrive connections are prevents when using the XG Firewall inline. I've likely narrowed down the issue to when "Prevent…
Hello,
I am testing out the XG firewall as a VM and have come across a couple of issues with the Application filter. The current issue is that if I enable Application filtering for high risk Apps 4 & 5 Windows updates take about 3 days to do a full…
Hi,
If I open a website once, it's blocked. If I open it twice, it won't get blocked!
Why does web filtering blocks some websites one time and a few seconds later not?
Thanks in advance - Meghan
Hi all,
I have a question about Sophos Central End User Protection, we have the base policy applied to all users, in this policy Youtube is blocked but we want them to access to a certain channel in this platform.
Is possible to implement this kind…
Hi there, I'm new to XG,I'm getting the message below. I'm using the default policy. I want to unblock the category Auctions & Classified Ads. In Categories, I marked it as acceptable, but it still is blocked. In the default policy, the line that blocks…
I'm sure (hoping) there is a simple solution to this. We've been banging our heads against the wall for a couple of days trying to figure out what we're doing wrong.
The simple setup:
XG550
PortA8 configured as LAN, 192.168.1.1.
DHCP server scope…
I have started looking at the logs and reports in XG Firewall just to start getting more familiar with the product. I get thousands of entries for "SCAN UPnP service discover attempt", all of which are from 2 Windows PC's on the network.
I am downloading…
Hi, I wanted to allow access for 4 external WAN IPs to my LAN zone computers. Here is my rule But after testing one app to connect no matches are increasing. Wireshark on one of LAN pcs shows that packets are coming from source ip (for example) 1.1.1…
Hello,
I am running XG Firewall for a few months now. However, I still have a problem which I could not solve yet.
When trying to update my apps on my Android phone, Google Play Store keeps trying to download the updates. After several minutes I receive…
I´m trying to block SMB traffic. This has to do with the WACRY ransomware.
Im sure its an easy thing to do, but when im trying to add an firewall rule to block TCP / UDP. But i cannot edit the TCP / UDP to port 139. The "save" button is "grey".
Whats…
Hello,
I am trying to figure out which services apply to what policies in regards to web control. I would like to have web control completely disabled on our servers (including its services), we had previously done this when we were on the on prem version…
I am having issues which consist of an inability to save SSL VPN settings (They always revert to default) and downloading the SSL client for windows. After doing some research it seems my Default CA may be the issue, and when I check the Default CA it…
Noticed recently that there does not seem to be an option in Central to force a Policy update for a user/computer.
This would be very beneficial when making changes that need to be made ASAP rather than when the next scheduled sync takes place.
For…
I am able to successfully authenticate to the user portal. However I am unable to connect to the clientless access connection. I get the below error:
Error: Protocol Security Negotiation Failure
I created the firewall rule for vpn access but…
I have norton Security Premium, so to be able to install it on the devices i have to go to norton.com/setup, there i have to download the setup, but the setup also download files from internet, but it cant make the connection, except if i open my firewall…
Hello, I have groups of computers that I want to make web exceptions for with no authentication.
For instance for IP group1, I want these computers to be able to access sites A.com B.com C.com. For IP group2 computers, they can access sites D.com E…
Hi,
I needed to set up a new policy for our developers to access blocked websites.
I have cloned the Base policy to create a new one disabling Acceptable web usage and added the relevant users but certain websites are still being blocked, when…
Hi all,
I have set up an web application on AWS Elastic Beanstalk environment.
This application has to access a MySQL server that is located in LAN. Depending on the load Beanstalk is launching several EC2 instances, which are all behind a load balancer…
