  • classify banking/financial services in the Application Object

    Hello, do you have any recommendations for classifying financial services/banks and bank websites in the Application object? I need to use SD-WAN for this type of service, but generally access to these sites is classified as "Secure Socket Layer…
  • Block internet access for PowerShell

    Hello Community, one of our customers requested whether we could block internet access for PowerShell in order to prevent sideloading of any malicious modules or scripts. On the SG firewall, I already tried adding an application block rule for…
  • Allow Firewall for Copilot

    Hello team, we would like to know which category unblocks the built-in Copilot that comes with Microsoft Edge. Can an exception be made specific to Copilot alone?
  • STUN question about

    I noticed in the logs from our router that there is 1.25GB upload on STUN and about 850MB download on STUN. Could someone please tell me what that could, I say could, be? Could it be video chatting over WhatsApp or FaceTime?
  • DDoS Sophos XG

    Hi, can you please show me a template for DoS best practices and proof protection?
  • Bypass Application Control for client IP

    Hello Community, Is there a way to create a "bypass" for Application Control in Sophos Firewall that is applied to a client IP address? In the old UTM 9 interface, I used to be able to assign hosts to bypass lists, which would bypass all Application…
  • I see a new entry in DoS protection called "IP Flood"

    Sophos v20 GA. I have never noticed this IP Flood protection before. It is not applied, but I cannot see its activation anywhere in the GUI. All I see activatable is SYN, UDP, TCP and ICMP, Dropped source routed packets, Disable ICMP/ICMPv6 redirect…
  • Application Filter Categorisation Challenge

    Hi Sophos, A user at our org was sent a link to access a document online. This document was hosted by autoexel[.]info which doesn't flag up as malicious using any of the tools available to us, but the Sophos Firewall determines is a TOR Proxy, and…
  • How to block Advanced IP Scanner

    How to block applications such as Advanced IP Scanner from scanning the network? My product is Sophos XGS 2300.
  • Application Filter - blocking policy questions

    Ok unless I am missing something, you: Create an Application Filter, set it to Block. But in the GUI overview it shows default action is Allow. You have to edit the policy to see it's set to block. Poor design and visually confusing. Create a Firewall…
  • Blocking apps allows to block one of FQDN Host Group but not other

    I have two FQDN hosts: Instagram (*.instagram.com) and Facebook (*.facebook.com). These two FQDN hosts are added in an FQDN host group named Social Media. A rule in "Traffic to WAN" is configured for LAN to WAN that rejects this specific FQDN Host…
  • Trusted MAC address CSV

    Hello Community Members, I want to enable DoS & spoof protection on my Sophos XGS2100. But to enable it for all the hosts there will be a lot of trusted MAC addresses, so adding them manually is a time-consuming process. So I came across this article…
  • Application Filter false positive - IP whitelist

    Hello, I found a false positive in Application Filter. ESET connections are seen as Freegate Proxy connections. I need to add an exception for some IP addresses / FQDNs. It seems that a specific area for this purpose is not implemented in SFOS. So…
  • Report those who use a specific application such as AnyDesk

    Hello everyone, I was trying to understand how to make a report of who uses a specific application like AnyDesk. In the report I find various categories but I don't understand how to specify the report for a specific application. Thank you
  • Application Traffic Shaping

    I’m a newbie in Sophos XGS VM version 20.0.0. I want to make traffic shaping for two user groups for the same application category (Streaming): Group A: Traffic limit for 125 Kbyte, Group B: Traffic limit for 1250 Kbyte. Is it applicable in Sophos…
  • Help with this.

    Hi Sophos community, any solution for this issue? Message: SERVER-OTHER multiple products blacknurse ICMP denial of service attempt
  • How to block app from Microsoft Store

    How to block app from Microsoft Store
  • WhatsApp allow only on mobile devices

    Hi there, please could someone give me an idea on how to set up Sophos XG115 to enable mobile devices to access WhatsApp only. Sorry, I have some posts on this, but would like a detailed guide if possible. Thanks
  • SERVER-WEBAPP SNIProxy new_address Stack Buffer Overflow

    Need help with this issue in Sophos. Message: SERVER-WEBAPP SNIProxy new_address Stack Buffer Overflow
  • IPS Log Messages: Anomaly - Removed the urgent flag and pointer in TCP header / Enforces IPS protection

    For some time, we get the following IPS Log Messages: Example 1 2024-01-16 12:12:20 IPS messageid="06001" log_type="IDP" log_component="Anomaly" log_subtype="Detect" ips_policy="" ips_policy_id="0" fw_rule_id="140" fw_rule_name="x1" fw_rule_section…
  • Is there a way we can see the detailed reports for alerts in Advance Threat? Such as IP, etc.? We only see the device number

    Currently we are using Sophos XGS 4500 and we are receiving alerts in Advance Threat, however it only shows the device (see image below). Is there a way where we can see detailed reports such as IP, etc.? Also, what is the "X45007...." device indicated…
  • Why is XG125 showing Hulu as General Internet with High risk level?

    Why is Hulu in the category "General Internet" rather than Streaming Media? And why is Hulu listed as Risk Level 4 (High)?
  • Alert ID 7002

    Hi team, I am getting this alert frequently from the firewall. Please help me to resolve this.
  • Advanced protections

    How to configure Advanced Protection on Sophos Firewall? Suggest me why we use this option.
  • Application classification - local classification error

    Hi folks, this is not a Sophos classification issue, but a local one. I have incorrectly classified an application on my XG, how do I correct it? Ian