This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Feature Request for Sophos Web Appliance

Hi,

I work for Foursys and have done multiple Web appliance installtions in my time to various size organizations.

What has re-occurred recently several times is the fact that when deploying multiple Web Appliances that are managed by a Management Appliance, HTTPs scanning if enabled applies to all networks.

In the case where some Web Appliances are filtering no domain mobile devices, the customer may wish to not perform HTTPs scanning against these networks due to the certificate errors it would produce on the clients.

The only way I can see to do this currently is to seperate an appliance from the cluster and have it standalone.

Ideally it would be good to have the ability to exclude source networks from this HTTPs scanning to resolve this issue.

Maybe this can be done using the connection profiles.

Thanks

Tim

:54523


This thread was automatically locked due to age.
  • Hi Tim,

    Currently there isn't a way to create this bypass in the Web Appliance configuration.  You are correct that you could have a seperate appliance for non-domain users with a different configuration which some of our customer choose to do.  The other alternative is to not route HTTPS traffic from that network range to the appliance, but then you will lose URL filtering for that traffic.

    I have added your feature request to our system.

    Also, so you are aware, our UTM product does have the ability to do what you are looking for.

    Petr.

    :54575