Since Sophos support couldn't help me with this case I decided to ask the community what is their solution. If I am missing something please let me know so I can correct my UTM accordingly.
Here are the details of the test, please compare with your own system and check if you are able to prevent a user/s who using a VPN application going restricted websites and other stuff.
- SSL Inspection operational on UTM- You have installed the certificate on the client machine (actually doesn't matter at all)
- Client installs a VPN app such as XVPN (do not turn on XVPN yet!) https://xvpn.io/
- Try to access a restricted website and ensure you are blocked!
- Turn on XVPN and try to access the restricted website again to see the result
Our findings are;
- We absolutely have no control on a traffic if VPN applications in use by any client (with SSL certificate or without)
- Clients even able to bypass the UTM with Chrome extensions (we removed extensions via GPO on domain joined workstations eventually as a workaround)
This thread was automatically locked due to age.
