Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 10 replies
  • Subscribers 4 subscribers
  • Views 20577 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

External Dynamic List (EDLs)

Steve Shaw

Hello,

Is this answer still valid ? https://community.sophos.com/products/unified-threat-management/f/web-protection-web-filtering-application-visibility-control/45727/who-is-the-external-filter-list-provider

and is there an option to add own customized URL/domain list  (A dynamic list hosted externally so that UTM can import objects—IP addresses, URLs, domains—included in the list and enforce policy.)

 

Thanks

Steve



This thread was automatically locked due to age.
Parents
  • +1

    Yes, the base data for UTM is provided by Trusted source, which Sophos uses with adjustments.   There is no provision for an alternate source to use for a second opinion.

    You can create static overrides, which is all that I have ever needed.

    SMTP proxy supports multiple custom RBL sources.

    You also should be able to integrate with Norton DNS.  I tried once, had trouble, and rolled back before figuring out what I did wrong.  

  • 0 in reply to DouglasFoster

    Hello Douglas,

    Do you know the update interval by which TrustedSource will update URL categories on Sophos UTM

    I am concerned about how long it will take UTM to get updated URL verdict once TrustedSource has analyzed domain/url as malicious

    Thanks

    Steve

  • 0 in reply to Steve Shaw

    Trusted source commits to complete their work in one business day, and they confirm by email.  They have consistently met that commitment for me.

    Sophos Support says that it can take up to 5 days to deploy changes after McAfee makes them.   This is invisible and I have not made much effort to verify, since the policy help desk tool only checks one URL at a time (making any audit process painful.)

    I believe you will find some items that are "Uncategorized" in UTM even though Trusted Source has a stable category.   This seems to be due to problems in the UTM lookup system, which I have been told will be addressed in a redesign.  I mostly see it on image references with long paths, so I think the issue has to do with applying higher level categories to leaf nodes.

    Both UTM and McAfee nay apply different categories to different paths within a website, which is appropriate.  I think reputation raings are more global.

  • 0 in reply to DouglasFoster

    Thank you Douglas for detailed response.

Reply Children
No Data
Unfiltered HTML