Hi Sophos community any solution for this issue. Message: SERVER-OTHER multiple products blacknurse ICMP denial of service attempt

how to block app from microsoft store

Hi there Please could someone give me an idea on how to setup Sophos XG115 to enable mobile devices to access WhatsApp only. Sorry I have some some posts on this, but would like a detailed guide if possible. Thanks

Need help with this issue in sophos Message: SERVER-WEBAPP SNIProxy new_address Stack Buffer Overflow

For some time, we get the following IPS Log Messages: Example 1 2024-01-16 12:12:20 IPS messageid="06001" log_type="IDP" log_component="Anomaly" log_subtype="Detect" ips_policy="" ips_policy_id="0" fw_rule_id="140" fw_rule_name="x1" fw_rule_section…

Currently we are using Sophos XGS 4500 and we are receiving alerts in Advance Threat however it only shows the device (see image below). Is there a way where we can see a detailed reports such sa IP and etc? Also, what is the "X45007...." device indicated…

Why is Hulu in the category "General Internet" rather than Streaming Media? And why is Hulu listed as Risk Level 4 (High)?

Hi team I am getting this alert frequently from the firewall. please help me to resolve this

How to configure Advanced Protection on Sophos Firewall ? Suggest me why we use this option.

Hi folks, This is not Sophos classification issue, but a local one. I have incorrectly classified an application on my XG, how do I correct tit? Ian

Hello everyone, so I create new role and allow whatsapp application but it was allow chat only so I add exception in web control with domain of whatsapp.com to be allow so now all OK and they can send pictures, videos and files This network open…

Hi; I use xgs4300 in the HA structure on which I spend a large network traffic. many app and web filters are applied on the device and more than 1500 users with 6 different DC authentication go online with user-based rules. I have created many policies…

Palo-Alto added App-IDs for their firewalls to allow the use of ChatGPT https://www.paloaltonetworks.com/blog/2023/05/securing-and-managing-chatgpt-traffic/ I checked our XG and found nothing. So if anyone has an idea how I can set up rules to allow…

Hello, I have this alert today: intrusion prevention alert, but i don't know how to check or to diagnose this

I have many IPS reports of this type: "IPS SERVER-WEBAPP ThinkPHP 5.0.23/5.1.31 CVE-2018-20062 Remote Code " I don't understand if these attempts are effectively blocked, then in general do you have any recommendations to mitigate this vulnerability?

Good morning, I have a problem regarding the configuration of certain rules at the Sophos Firewall level. It is impossible for the local partner to filter me on all smartphones connected to the network, a ban on all applications except Microsoft applications…

stupid question, I know, but honestly: what is the benefit of the Xstream protection when you decide not to break TLS sessions at all (besides mail filtering)? Will someone earn any higher protection level with all these features activated without breaking…

Dear all, We are having XG450 Firewall in High Availability and the we have the latest firmware installed... We are facing Microsoft Teams call is disconnecting intermittently under our Sophos XG450 Firewall. I tried all the following settings for the…

Hallo @all, regarding https://community.sophos.com/sophos-xg-firewall/b/blog/posts/generative-ai-policy-enforcement-with-sophos-firewall is there any way to use the new application category for the web policys? Application filtering only allowing allow…

Today our XGS started reporting ATP sources blocked without a Host Name, IP, or Threat. There is also no information under Monitor & Analyze > Reports > Network & Threats: Advanced Threat Protection How do I go about tracing down the issue? …

Hi, we have a SFOS 19.5.3 MR-3-Build652 and since few weeks, when the ips update the patterns, the sophos firewall drops all the packets for 30s. It will never do that before . Is this a bug ? Thanks Regards,

want to block browser based extension vpn

Our company allowed Facebook Messeger as messaging app but we are having hard time to allow page of Facebook two-factor authentication page without allowing the whole Facebook website.

1. I created a Decryption profile name DELETE and choose reject on compression and all other option. certificate error block all algorithem and authentication all block block action reject. 2.Applied to my device ip as source network to WAN all…

We have active application control at a customer. Different application rules were created for this. For example, a rule in remote maintenance applications such as B. Teamvier are allowed and a rule which allows file transfer services (e.g. Dropbox).…