Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 4 subscribers
  • Views 21576 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filtering Policies based upon IP Address

vertices

I am in the process of migrating from a SonicWALL TZ215 to Sophos UTM9 for my home network.  The first issue I am having is in recreating my web filter policies.  I have 3 classes of machines on my network.  

  • Nodes that can browse anywhere
  • Nodes for kids that are restricted
  • Nodes that should not be allowed to browse at all

On my SonicWALL it was very easy to simply set up IP ranges and assign different policies to them.  Then anyone in that range automatically had that policy.  So all of my DHCP reservations and static assignments have nodes grouped into appropriate ranges for different policies.

I am trying to recreate this on Sophos but so far, have had no luck.  This is a home network so no AD.  I also do not want users to be required to authenticate.  I just need a policy auto applied to certain IPs.

Is this possible?  I'm not having much luck figuring this out.  Thanks in advance.



This thread was automatically locked due to age.
Parents
  • 0
    "I think I got it. Out of curiosity, why does the order of filter profiles matter if they are all locked down to allowed networks? What happens if there is allowed network overlap? Most restrictive wins?" The answer to these are that Profiles are evaluated in order until a match is found. If there is a match, processing ends and no further profiles are checked. If you have two profiles with an overlapping allowed network, less restrictive with higher precedence and more restrictive with lower precedence, the less restrictive would apply and the more restrictive would't be checked against.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
Reply
  • 0
    "I think I got it. Out of curiosity, why does the order of filter profiles matter if they are all locked down to allowed networks? What happens if there is allowed network overlap? Most restrictive wins?" The answer to these are that Profiles are evaluated in order until a match is found. If there is a match, processing ends and no further profiles are checked. If you have two profiles with an overlapping allowed network, less restrictive with higher precedence and more restrictive with lower precedence, the less restrictive would apply and the more restrictive would't be checked against.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
Children
No Data
Unfiltered HTML