Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 5 subscribers
  • Views 2939 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Filter Action to block specific updates

Zak_B18 DZ

Hello community,

I currently have multiple proxy profiles for multiple groups of users set up, each one with it's own policy and filter action.  What i'm trying to achieve is to block Windows/Microsoft updates for everyone during work hours, only. I already have all the links to block ready. What is the best approach in order to do this?

What i'm thinking on is to create for every profile, a second filter action, similar as the first one except this one will have the Microsoft/Windows updates links blocked via the "Websites" tab on the filter action and setup to be active on work hours only. Is it a good approach and more importantly will it work? 

 

Thank you.



This thread was automatically locked due to age.
  • 0

    Salut Zak,

    Yes, your idea can work, but...

    I'm a little confused by your description of your current Web Filtering configuration.  Profiles apply to IP addresses and subnets.  Policies apply to groups.  If an IP qualifies for a Profile, no further Profiles are considered.  If a user qualifies for a Policy in a Profile, no further Policies are considered.  If a user doesn't qualify for any Policy in a Profile, the 'Base Policy' is used.

    If you have just a single subnet, you need just a single Web Filtering Profile in Standard mode and the Default in Transparent mode.  In each, the Policies for work hours should be above the ones for the rest of the time.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Salut BAlfson,

    Our config in in transparent mode and you know what? I think i may have got it wrong with my Web Filtering config as i have set-up every profile to work with a specific group, all in one single subnet. It still achieves what i wanted so far but thinking back now i think i kind of messed it up. Down below one of the (many) profiles i have setup ...

    So now the idea would be to create one single profile, with multiple policies, each one affecting a specific group of users. I would also create a second profile with work hours policies, on top of the first one. Am i making any sense? 

  • +1 in reply to Zak_B18 DZ

    Just a single Profile, Zak, with the work-hours Policies at the top and the Policies without time restrictions at the bottom.

    Again, if an IP qualifies for a Profile, no subsequent Profile will be considered.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML