This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filter: add domain list via API

Hello everybody,

As the title suggests, I want to import a large list of domains (~ 5000) via API http post.

I think I need this API call:

 

I've already tried it but never found the newly created object.

Any help is greatly appreciated!

 

Thanks in advance

Tim



This thread was automatically locked due to age.
  • Hi  

    Do you want to create a regex list for Web exception? How do you want to import this list of domains and where do you intend to use it?

    Regards

    Jaydeep

  • Hi Jaydeep,

    thanks for your reply. 
    There are no regexes, just normal domains and IP addresses. 

    I want to use the domains as a blacklist.

    When using the WebUI, theres an option for importing domain.

     

    Thanks
    Tim

  • Hallo Tim and welcome to the UTM Community!

    In my experience, adding so many objects to the UTM causes it to bog down and not function well.  Perhaps you could tell us what you want to accomplish so that we can tell you the best technique to apply in WebAdmin on the UTM.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hey Bob,

    thanks for your reply. 
    My boss asked my if we can block "bad" URL from Emotet servers.

    Currently we have IPS and advanced threat protection enabled.

    I my opinion I think thats enough - what do you think?

    Thanks

    Tim

  • If you're using UTM Web Filtering, Tim, and not allowing access that skips the Proxy except for select uses, then, yes, I agree that IPS and ATP are an important part of the solution.  If you don't already have a Sandstorm subscription, I would definitely add that.  Also, if the UTM's SMTP Proxy is not doing anti-malware on your inbound email, I would consider whether the anti-malware solution you have offers something like Sandstorm.  Sandstorm is additional protection against day-1 threats like ransomware.

    For devices that can be moved out from behind the UTM, I prefer to also use Sophos' Intercept X for anti-malware as it also uses a sandboxing technique similar to how the UTM uses Sandstorm.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA