This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Questions - Disabled Web Protection is not fully disabled.

Hello all. I have a Sophos UTM installed at home with Web Protection enabled.

I was having trouble streaming Apple tv content, so I decided to turn off everything (IPS, Web Protection etc) with the same results.

After enabling my everything back, including my Web Protection, same result... streaming would not start.

So I added an exception in the Filtering Option :

Apple TV UserAgent
Skipping: Authentication / Caching / Block by download size / Antivirus / Extension blocking / MIME type blocking / URL Filter / Content Removal / SSL scanning / Certificate Trust Check / Do not display Download/Scan progress page
Coming from these User Agents: AppleCoreMedia

Since then everything is working fine on the apple TV.


1. My QUestion is, why when I disable the Web Protection, It is still blocking some traffics? I don't understand.

2. Now, I'm having a similar issue with Break.com, it will not stream the video, with Web Protection enabled or disabled.... Any idea why ?

Sophos UTM is a great product, but sometime, I don't understand the logic behind it :/

3. Another example, at 10:30 pm I block all traffics coming from certain hosts (Kids computer) with a firewall rule. But for whatever reason, port 80 is not being considered and most of today's applications/games are using port 80, so not much is getting blocked.  I didn't find a way to block Port 80 for certain host time based.

 
Can someone explain this to me ?



Thank you all!


This thread was automatically locked due to age.
Parents
  • A: Make sure you have the blocking rule listed above the allowing rule since rules are evaluated in order and once a match has been found no further rules will be processed.

    B: I leave this for someone else

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Reply
  • A: Make sure you have the blocking rule listed above the allowing rule since rules are evaluated in order and once a match has been found no further rules will be processed.

    B: I leave this for someone else

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Children
No Data