I had to turn off "Web Filtering" because the typical problems with Web Proxy enginesL:
Top Reason #1 = web traffic is complex (especially with everything going SSL)
Top Reason #2 = the high administrative overhead to keep up with configuring 'exceptions' to keep the end user website experiences useful
Top Reason #3 = Eventually enough 'exceptions' in proxy rules results in swiss cheese like holes
I regret turning off "Web Filtering" because I like the reporting aspect of website traffic.
Is there any way to use "Web Proxy" in an "Allow-All" fashion that will not block but will log web site browsing history?
Beyond web browsing traffic.... does Sophos have any local client for endpoints that can log/monitor DNS requests and traffic?
(something along the lines of the Cisco AMP / Umbrella local client that changes windows endpoint DNS to 127.0.0.1 for monitoring)
Hi VM and welcome to the UTM Community!
Yes, you can allow all and log browsing history. The Reporting feature lets you create custom reports. Usually, it's not the fact of blocking undesirable sites that causes a problem, rather it's that some servers/sites don't play well with proxies.
Depending on how you have DNS configured, the UTM logs DNS requests. How does your setup compare to DNS best practice?
Cheers - Bob