This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Application Control Sophos Framework Server

Hello,

when i open flow monitor under application control, i see the following traffic:

What is the Sophos Content Filter Framework Server traffic exactly? And why is the communication on port 80 and not 443?

Thx

Sally



This thread was automatically locked due to age.
Parents
  • That would be HTTP traffic to AWS, like visiting Amazon, or something hosted perhaps?  HTTP traffic is internet web traffic, so ... it could really be anything internet related.  Even major companies host on AWS.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Hello, I use the Proxy in Transparent Mode, all Clients have the Certificate installed. No Client or Mobile has the Amazon App installed.

    If I actually visit amazon website from a Client I see a new connection under Application marked as Amazon and the connection is with protocol 443/tcp secure.

    So I'm wondering what is the Sophos Content Filter Framework Server Application connected to port 80/tcp unsecure ?

  • so checking further, I see the traffic just on eth1 my external wan interface, and now I see also Sophos UTM Up2Date Application...

    So now my question, what exactly is the Sophos Content Filter Framework Server connection exactly for, and why are the UTMs connection to the Sophos Update Servers unsecured via Port 80??? How to fix? 

  • I believe this is going to be your web proxy content filtering.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

Reply Children