Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 4 subscribers
  • Views 1097 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Top Web Traffic Logs

V M Smith

I had to turn off "Web Filtering" because the typical problems with Web Proxy enginesL:

Top Reason #1 = web traffic is complex (especially with everything going SSL)

Top Reason #2 = the high administrative overhead to keep up with configuring 'exceptions' to keep the end user website experiences useful

Top Reason #3 = Eventually enough 'exceptions' in proxy rules results in swiss cheese like holes

I regret turning off "Web Filtering" because I like the reporting aspect of website traffic.

Is there any way to use "Web Proxy" in an "Allow-All" fashion that will not block but will log web site browsing history?

Beyond web browsing traffic.... does Sophos have any local client for endpoints that can log/monitor DNS requests and traffic?

(something along the lines of the Cisco AMP / Umbrella local client that changes windows endpoint DNS to 127.0.0.1 for monitoring)



This thread was automatically locked due to age.
Parents
  • 0

    Hi VM and welcome to the UTM Community!

    Yes, you can allow all and log browsing history.  The Reporting feature lets you create  custom reports.  Usually, it's not the fact of blocking undesirable sites that causes a problem, rather it's that  some servers/sites don't play well with proxies.

    Depending on how you have DNS configured, the UTM logs DNS requests.  How does your setup compare to DNS best practice?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0

    Hi VM and welcome to the UTM Community!

    Yes, you can allow all and log browsing history.  The Reporting feature lets you create  custom reports.  Usually, it's not the fact of blocking undesirable sites that causes a problem, rather it's that  some servers/sites don't play well with proxies.

    Depending on how you have DNS configured, the UTM logs DNS requests.  How does your setup compare to DNS best practice?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML