
HTTPS Inspection problem requires a tricky regular expression

I am using https inspection. The Sophos-supplied configuration excludes https inspection for everything on microsoft.com. I am having a problem with pages from support.microsoft.com not loading correctly. On investigation, I determined that the missing content is being retrieved from akamaized.com, but the website refuses the connection. If I turn off https inspection, the connection is accepted and the page loads correctly.

My inference is the following:

  • support.microsoft.com bypasses https inspection
  • *.akamaized.com does not bypass https inspection, so it looks to the server like a primary query rather than a referral
  • The server is secured so that it only accepts content when the referral comes from an authorized source, such as support.microsoft.com

The obvious workaround options:

  • Always reference both sites with https inspection. This requires overriding the Sophos-supplied exception.
  • Always reference both sites without https inspection.

I assume that akamaized.com serves many clients, so if I disable https inspection for it, the problem will reappear in reverse somewhere else: the referring site has inspection on and the akamaized site has inspection off, so the connection is refused. This is likely to become an endless chain that eventually makes https inspection impossible.

Therefore, the best solution seems to be to change the Sophos-supplied regex to apply to microsoft.com except when it is support.microsoft.com. I know this is theoretically possible with regex, but it is beyond my experience. The Sophos KB article about regex syntax does not address this type of construct, so I don't know for sure if the chosen syntax will work with their implementation.

Hoping that someone knows the regex command and knows whether the Sophos implementation supports it.
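The construct asked about above is a negative lookahead. The following is an added example, not part of the original post and not Sophos's own pattern: it assumes the proxy's regex engine supports Perl-style lookahead (which the post leaves open), and the `BROAD` pattern, helper names and sample URLs are constructed stand-ins.

```python
import re

# Constructed stand-in for a vendor exception covering all of microsoft.com;
# the actual Sophos-supplied pattern is not shown in the post.
BROAD = re.compile(r"^https?://([A-Za-z0-9.-]*\.)?microsoft\.com(?=[:/]|$)")

# Same pattern plus a negative lookahead: fail immediately if the host is
# exactly support.microsoft.com, otherwise match as before.
NARROW = re.compile(
    r"^https?://(?!support\.microsoft\.com(?:[:/]|$))"
    r"([A-Za-z0-9.-]*\.)?microsoft\.com(?=[:/]|$)"
)


def bypassed(url, exception):
    """True if the URL matches the exception, i.e. skips HTTPS inspection."""
    return exception.search(url) is not None


def mixed_treatment(page_url, resource_urls, exception):
    """Return resources handled differently from the page that loads them,
    which is the mismatch the post suspects of breaking the page."""
    page = bypassed(page_url, exception)
    return [r for r in resource_urls if bypassed(r, exception) != page]


# Constructed sample URLs (the akamaized.com host name is made up).
PAGE = "https://support.microsoft.com/en-us/help"
RESOURCES = ["https://cdn.akamaized.com/asset.js"]

if __name__ == "__main__":
    for name, rx in (("broad", BROAD), ("narrow", NARROW)):
        print(name, "page bypassed:", bypassed(PAGE, rx),
              "mismatched:", mixed_treatment(PAGE, RESOURCES, rx))
```

The trailing `(?=[:/]|$)` anchors the end of the host name, so a look-alike such as `support.microsoft.com.evil.example` is not exempted from inspection by either pattern.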


