Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 2 subscribers
  • Views 2735 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

TIME BASE WEB POLICY - CACHING PROBLEM

Proudmore

Hi Sophos Community, Engineer and Architect

Good Day

I have a problem with the Sophos SG UTM 9.4**

I have a time based web policy which is allow Social Networking and Streaming media during Lunch time.
BUT I noticed that, after lunch time users can still have an access to S.Networking and S.media.

Clear browsing history is the solution to block S.networking and S.media after lunch time under Mozilla and Gchrome


Do you experience same issue?
How do you resolved this problem?
Is there anyway to resolve this?
Aside form decrypt and scan https traffic?

Gracias Senior



This thread was automatically locked due to age.
Parents
  • 0

    Kunkka, An established connection won't be interrupted, but no new connections will be made.  One solution is to force a restart of the Proxy when the block rule is supposed to go into effect.  This does interrupt all up/downloads and they will need to be restarted:

    Say that you want to start blocking every day at 13:00.  Add the following line to /etc/crontab-static:

    0 13 * * * root /var/mdw/scripts/httpproxy restart

    After that, force the system to add the new line to /etc/crontab by setting Up2Date to "Manual" in 'Management >> Up2Date', [Apply], change it back, [Apply].  This will survive reboots, but is not included in a config backup.

    There may be a gentler method, but I don't recall it at the moment.

    Cheers - Bob
    PS I moved this here from the General Discussion forum because this is a question about Web Filtering.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0

    Kunkka, An established connection won't be interrupted, but no new connections will be made.  One solution is to force a restart of the Proxy when the block rule is supposed to go into effect.  This does interrupt all up/downloads and they will need to be restarted:

    Say that you want to start blocking every day at 13:00.  Add the following line to /etc/crontab-static:

    0 13 * * * root /var/mdw/scripts/httpproxy restart

    After that, force the system to add the new line to /etc/crontab by setting Up2Date to "Manual" in 'Management >> Up2Date', [Apply], change it back, [Apply].  This will survive reboots, but is not included in a config backup.

    There may be a gentler method, but I don't recall it at the moment.

    Cheers - Bob
    PS I moved this here from the General Discussion forum because this is a question about Web Filtering.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML