This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

STAS in an RDS deployment & local service account being picked up.

Hello!

I've setup STAS on multiple DC's in my test environment and it seems to work OK (admittedly after a lot of playing about) and I'm slowly implementing it on a live network. So far it's picking up users in the live list on the firewall however it also picks up the endpoint sophos AV update account (currently sweepupd, old school!) every time the AV does an update.

For the purpose of the question, I'll need 2 web filtering profiles, one that allows social media and one blocking it. Users will be in one or the other. Unknown users will get a block.

So question 1 would be is this sweepupd account going to cause me issues when it comes to web filtering - will it suddenly forget the current user logged in and pick this one up and change the web filtering rules for that machine?

Question 2 is very similar - I need these web filtering rules to cover a handful of RD servers and being a multi user system it would (to my understanding) work in the same way as question 1. I can't have a user who can access social media logging in and then the web filtering think that machine is allowed for all users logged in.

Hopefully I've explained it OK and it's cropped up before the RDS deployment got overlooked when I ran through the testing phase, whoops!

Cheers

Ian



This thread was automatically locked due to age.
  • Hi, Ian, and welcome to the UTM Community!

    By your post, I'll guess that, although this is the first time you've worked with a UTM, you have substantial TCP/IP and networking knowledge.  I can tell you that I've followed behind very talented CCIEs that have created such a rats' nest of a configuration that I wound up charging twice as much to fix it as I would have charged for the initial installation.

    I don't know enough about what you're doing, but I suspect that you want Configuring HTTP/S proxy access with AD SSO (also applies in Transparent AD-SSO).  The advantage of using the Standard mode in a Web Filtering Profile is that you can leave the Default Profile in Transparent for the same subnets and it will handle the update requests for the machines.

    Cheers - Bob
    PS Moving this to the Web Protection forum.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thanks Bob, 

     

    I've not had time to go over this yet as other pressing matters have taken precedence - such is the IT world...

    Appreciate your assistance!

     

    Cheers

    Ian