• IPS problem "OS-LINUX Linux Kernel Netfilter iptables-restore Stack-based Buffer Overflow"

    Charlie Dodd
    Hi All, hope you can help. I've recently been getting a lot of alerts with this as can be seen in the image below. Searching with some of the IP addresses on GreyNoise, it shows it as commonly seen and it is nothing to worry about. I have seen that…
    • 3 days ago
    • Sophos Firewall
    • Discussions
  • OneDrive Application Signatures don't work as expected

    Sariyer Belediyesi
    "OneDrive File Download" and "OneDrive File Upload" Application Signatures are not working as expected on Sophos XGS 6500 (SFOS 19.5.4 MR-4-Build718). I need to separate the OneDrive web application rules into "Download" and "Upload". However, it does…
    • 3 days ago
    • Sophos Firewall
    • Discussions
  • Advanced Threat Protection C2/Generic-A

    Edward Raja
    Hi, we are facing this issue. Any solution for this?
    • 5 days ago
    • Sophos Firewall
    • Discussions
  • SFOS v21 - Windows DomainController connection to Clients behind RED recognized as Freegate Proxy

    Peter Riederer
    Hey everyone, today I noticed our Windows DCs want to communicate with Windows Clients behind a RED Device, where SFOS is recognizing it as a Freegate Proxy Application and blocks it. Src IP = Win DC, Dst IP = Win Client behind RED. Seems to be…
    • 6 days ago
    • Sophos Firewall
    • Discussions
  • Whatsapp images and documents

    Mohamed Arbaaz
    Hi, I have an issue whereby users cannot send images or documents on the WhatsApp mobile app. We have policy rules for social restriction, but WhatsApp is allowed and it seems not to be working.
    • Answered
    • 8 days ago
    • Sophos Firewall
    • Discussions
  • Veeam Guest Interaction Proxy creates false IPS Alerts

    Peter Riederer
    Hey, after deploying our new XGS3300 with SFOS v21 we noticed several IPS Alerts which are created from a Veeam Guest Interaction Proxy to the Veeam Backup Server: Attack : FILE-OTHER Adobe Premier Pro ibfs32.dll dll-load exploit attempt Attacker: Guest…
    • Answered
    • 15 days ago
    • Sophos Firewall
    • Discussions
  • ips.log filling at high rate - normal and good for the SSD lifetime?

    LHerzog
    Today we've had a partial outage due to high /var partition usage. It was flapping between 70% and over 90% in a short time. /dev/var 179.3G 138.6G 40.7G 77% /var /dev/var 179.3G 138.8G 40.5G 77% /var /dev/var 179.3G 138.9G 40.4G 77% /var /dev/var…
    • Answered
    • 17 days ago
    • Sophos Firewall
    • Discussions
  • Issue with Third-Party Threat Feed Not Blocking WAN to LAN Traffic

    Jurgens Steyn
    Hi, I’m using a third-party threat feed with Sophos and under the impression that it should provide WAN to LAN protection. However, I’ve conducted a test and observed unexpected behavior. Here’s what I did: Created a custom text file list containing…
    • 18 days ago
    • Sophos Firewall
    • Discussions
  • Cloud application list empty

    David Kucera
    Hello, it seems I have missed something, on all my firewalls "cloud application list" is just empty. Application control is being populated but the cloud part has nothing in list or graphs. Would anyone be so kind to advise? All are XGS 107 with…
    • Answered
    • 23 days ago
    • Sophos Firewall
    • Discussions
  • Blocking Tor Exit Nodes

    Gabriel Doring
    Hello, One of our clients has asked us to block communication to Tor Exit Nodes, in the Applications and Web options in the Sophos XGS firewall I can only see things related to TOR VPN, TOR PROXY and TOR2WEB or whatever... But I cannot see anything…
    • Answered
    • 26 days ago
    • Sophos Firewall
    • Discussions
  • Malware 'Unscannable' was detected and blocked in a download from acroipm2.adobe.com

    Maroun Moussallem
    Hello, the last two days, we've been receiving an HTTP virus mail from Sophos Firewall with the following message: (Malware 'Unscannable' was detected and blocked in a download from acroipm2.adobe.com). What we had done so far, full scan launched…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Unscannable content bug in XG?

    TimAlbertson
    We have several XG firewalls reporting this. Other layers in the defense report nothing. Endpoints are a mix of Defender/Huntress and also Sophos MDR. All scans are clean. Anyone else seeing this particular alert regarding the FQDN from Adobe? Alert…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • FreePBX triggers Network attacks - protocol-voip

    148Points
    Hi, all of a sudden we see that our FreePBX installations trigger Network-attacks in our XGS. "Attacker" is our FreePBX, 192.168.1.22 - "Victim" is the IP of our SIP-Trunk Provider. Attack : PROTOCOL-VOIP Contact header format string attempt. This…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • IPS alerts every 30 minutes (signature ID 2310195)

    support_einsal
    Hello everyone, since yesterday, we have been experiencing a consistent IPS alert from our firewall (XGS Vers. SFOS 20.0.2 MR-2-Build378). The affected connection is between our email gateway/proxy in the DMZ and our mail server. Every 30 minutes…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Microsoft Internet Explorer PNG tRNS chuck size 1 information disclosure attempt

    Maroun Moussallem
    Hello, I got this intrusion attempt for the first time. I just don't know what to do. I looked for any recent downloads and browsing history, and asked the user if he plugged any device into the computer, but nothing suspicious was found. This is a screenshot…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Block Bing Video Preview

    LSG Admin-Venket
    Hello there, just wondering if there is anything that we can do to block Bing video preview. We have blocked YouTube and other video sites. However, when Bing search is used, it previews the video and it seems there is no way to block it. Even there is…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Gmail block

    Magus Infratech
    Hi Team, Kindly schedule support call for Gmail block setting in Firewall.
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • BLOCK TELEGRAM

    ronald musoki
    Dear all, can someone help to block both the Telegram app and website on my Sophos firewall?
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • CVE 2021-20090

    Maroun Moussallem
    Hello, Alert Message: Message: SERVER-WEBAPP Arcadyan Routers CVE-2021-20090 Path Traversal Attempt. I got this alert today, and the attacker is one of the company's computers. I read an article about this vulnerability…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • REMOTE ACCESS DENIED

    Qualityassured
    Hi, I am new to Sophos products. I newly got into it and the BASIC installation has been done. I discovered the Sage300 application that our staff working remotely using a public IP to connect to the on-premises server is not working after installation…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Firewall Rule block internet access when placed on top (Sophos XG330 (SFOS 20.0.0 GA-Build222))

    Edmund Kainyah
    Hello Community, I am facing a challenge in getting a rule to block social media and video hosting to work. I created an application filter and web policy to block all social media and video hosting. Created the rule and placed it at the top. It blocked…
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • botnet prevention

    Kiran Jedhe
    Hi, can we enable botnet prevention on the SFOS firewall? Please provide any kind of info related to this.
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • RustDesk blocked by XGS

    Fondartigianato
    Hi. The RustDesk remote control app suddenly can no longer connect to the network. I did some tests and I realized that if I bypass the Firewall (XGS 136 SFOS 20), RustDesk works perfectly. I have not implemented any rules to block it, so I suppose Sophos…
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • Request for Advice on Attack-FILE-IMAGE ImageMagick SyncExifProfile Out Of Bounds Array Indexing

    Michael9609
    Dear Member, I hope this message finds you well. I am currently encountering a significant amount of network traffic related to the Attack-FILE-IMAGE ImageMagick SyncExifProfile Out Of Bounds Array Indexing alert. The firewall is detecting and dropping…
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • Suddenly receiving IP_SPOOF Violations in XG 210 from allowed source

    Clay Tsuhako
    Hello: Yesterday I started seeing these IP_SPOOF violations from our remote site that is on the allowed list in the DNAT firewall rule. They are unable to connect or ping our DNAT devices setup behind the firewall. We can connect to them with out…
    • Answered
    • 3 months ago
    • Sophos Firewall
    • Discussions