Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 4 subscribers
  • Views 2043 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unblock categories for certain user

Ricky Kua

admin

we have enforced entire organisation with a standard Web Protection Policy.
our marketing personnel is not able to access google Ads because it falls under one of the blocked categories.

is there a method we can allow this user/device to bypass this Ads category?



This thread was automatically locked due to age.
  • 0

    Hello Ricky,

    welcome to the forum!

    The first thing you need to differentiate between users is an authentification service, for instance against an ADS.

    Then enable this for your webproxy:

    Active Directory SSO: This mode will attempt to authenticate the user who is currently logged in to the computer as the user of the proxy (single sign on). If the currently logged in user is a valid AD user with permission to use the proxy, the authentication should occur with no user interaction. You must have configured Active Directory Single Sign-On (SSO) on the Definitions & Users > Authentication Services > Servers tab. Clients can authenticate with NTLM or Kerberos.

    Have a look here for a howto for ADS SSO: https://www.fastvue.co/sophos/blog/sophos-utm-and-active-directory-step-by-step-integration-guide/

    Then you could define different filter policies for different users / user groups.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • 0

    Selamat pagi Ricky,

    I note that you've posted the same question in the Intercept X forum, so if you don't have a UTM, our responses here may not apply to your issue.

    Agreed with Philipp that the best approach is using AD if that is available to you.  Otherwise, you can create a Web Filtering Profile that allows Google ads for specific IPs.  If you're assigning IPs to devices with a DHCP server in the UTM, make sure that fixed IPs assigned to certain MAC addresses are outside of the range of those assigned randomly by the UTM DHCP server.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML