I'm trying to emulate the web filtering rules on a different FW on a Sophos UTM.
The old hardware held the rules in a hierarchical format.
For example; a default policy to allow all except social media, then a policy that just defines Twitter users with an allow rule for twitter and a policy for Facebook users that just defines Facebook uses and allows Facebook.
Because they were arranged hierarchically (like Sophos does with IP filters) if it matches Facebook user and Facebook then apply the face book rule, otherwise apply the default.
As I can see it with Sophos the filter profile has to define everything, so although I can see how to create a rule profile for it you have to define the whole policy, not just an exception for Facebook users.
This means that any changes to the default policy would need to be duplicated in the Facebook, twitter and any other separate groups policies.
Does that make sense and is there a way to stream line it?
Thanks.
This thread was automatically locked due to age.
