Top Web Traffic Logs

I had to turn off "Web Filtering" because the typical problems with Web Proxy enginesL:

Top Reason #1 = web traffic is complex (especially with everything going SSL)

Top Reason #2 = the high administrative overhead to keep up with configuring 'exceptions' to keep the end user website experiences useful

Top Reason #3 = Eventually enough 'exceptions' in proxy rules results in swiss cheese like holes

I regret turning off "Web Filtering" because I like the reporting aspect of website traffic.

Is there any way to use "Web Proxy" in an "Allow-All" fashion that will not block but will log web site browsing history?

Beyond web browsing traffic.... does Sophos have any local client for endpoints that can log/monitor DNS requests and traffic?

(something along the lines of the Cisco AMP / Umbrella local client that changes windows endpoint DNS to for monitoring)

  • Hi VM and welcome to the UTM Community!

    Yes, you can allow all and log browsing history.  The Reporting feature lets you create  custom reports.  Usually, it's not the fact of blocking undesirable sites that causes a problem, rather it's that  some servers/sites don't play well with proxies.

    Depending on how you have DNS configured, the UTM logs DNS requests.  How does your setup compare to DNS best practice?

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA