Hello am getting this alert sara-tabuk.no-ip.biz as an ATP threat can you assist?

Firmware version 17.0 have this signature but firmware version 18.5, 19.0, and 19.5 do not have this signature. Can anyone have firewall firmware version 19.5.1 and search in IPS policies have this signature and capture image reply me pls.. Thanks in…

I'm having a hard time blocking ChatGPT and can't even find it in application control. Please help, thank you!

Good morning We have an end customer (a school) where students use iPads. It turns out that there are several students who have caught the bad habit of getting IPs from proxy servers thanks to the XVPN application. They do not use it on the iPads, but…

We have software that goes out to a distributors website and downloads updates. Part of these updates is a batch of Word documents in .docx format that have some ActiveX controls in them that are used for automation. They cannot be removed and are a normal…

In Application usage report, DNS over HTTPS is classified as High Risk. Why? I would think HTTPS is always preferable. Is it because it imposes limitations on what the firewall can see and control?

Hello, we are having some trouble with Zoom meetings where the sound is briefly dropping at times. Sometimes we get the network quality message. I may have traced the problem to some of the meeting traffic getting flagged as Proxy and Tunnel (x-vpn…

Hello I wondering how effective can be IPS in XGS series without decrypting SSL traffic. It is worth to configure without ssl inspection when i want to protect web servers (IIS, nginx, apache)?

I would think this feature should be readily available, but I am unable to find a way to do this. I want to block all IPs that appear on known abuse lists from our network. We are running an XG firewall. So far the rule blocking IPs by country has…

My org had an event last week where a false positive IPS alert was being thrown. This caused over 1400 email alerts within 20 minutes before anyone could get to it and shut it down. When I looked at the email logs it looks like it was sending 3-4 emails…

The UTM has an essential feature called "anti-portscan" that is seperate from DoS protection.Anti-portscan, if you are not aware, will detect when a source IP address is scanning the external WAN interface for open ports, and block, drop, or log the source…

Hi, I run an XGS116 and have a requirement to connect to a company who uses FortiGate 100's. They have supplied me with the FortiClient SSLVPN client. If I connect to the VPN, I can not ping external addresses such as 8.8.8.8. I had their MSP…

Hi everyone, I am administrating about 15 Sophos UTMs still managed through SUM and we are thinking about to use the XGS for future renewals at our customers. That said, do you think the XStream option is needed / a must have or it the standard protection…

it blocked videos on sites like YouTube and facebok from applications, I think it will block all videos on other sites, I am not sure if that is the best practice but anyway its working with me. there is One thing remaining I can't figure it, the Facebook…

good afternoon everyone, I need help. I need to block anydesk on all company computers. how could i do this lock? blocking the application or creating some specific rule? I look forward to returning, thank you.

Keep on getting this notification email every 5 minutes from XGS2100 firewall. Affects only one user's computer. FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt. It started this morning. Please assist. These four IP's external are listed so…

While upgrading the firmware on my HA stack of sophos XGS 3100, I got more than 70 email alerts for the HTTP virus detected Alert ID: 8001 with the messages below repeatedly: Malware 'Unscannable' was detected and blocked in a download from crl4.digicert…

Hello everyone, I have a problem with two FW (one on Azure, one XG) We have a lot of detections like this (ATP) We saw that this URL centos.brontocdn.com is legit and it's an official Centos Repo. I allowed it here : But both FW are still…

I have a strange issue today. I have a firewall rule to block OpenVPN connections in place and it seems to work. However, today I discovered data is still being transferred even the connection is denied. I can see from the firewall log the connection…

Hi I find odd that none of the major firewalls on the marketing have an built-in option to block or control major social networks like TikTok. TikTok and Instagram are by far one of the worst things for the bandwidth and productivity. Rants asside…

Dear Friends, We have recently upgrade our Firewall XG310 to latest Firmware ( SFOS 19.0.1 MR-1-Build365) , now we are facing issue in IPS Time of signature update which shows 23:08:29, Nov 11 2022 and the Pattern Updates for IPS and Application signatures…

dear guys we have sophos XG firewall device , now when we block the VPN is working fine on iphone but in android system VPN not blocked so i mean VPN applications will block on iphone but in android still working and the applications on android and…

dear all, I asked this question 9 months ago but unfortunately, still I have no solution for it although I have installed the Security Appliance SSL CA on the end user's machineI've Sophos XG Home that block all Entertainment Web Browser. Problem is…

Hi Sophos Community, I was wondering for a while why some of our customers couldn't reach the Lastpass website. Now I have discovered that its being blocked by application filtering with filter "Block high risk (Risk Level 4 and 5) apps". I am aware…

Good Monring, I've an XGS v19.0.1 and want to set an Application Filter (AC) on top of existing Firewall rules. But i'm not sure if i'm understanding how this mechanism is working. My fw-rule is from "serveral internal zones" with "several defined…