We're new to Sophos, moving from other products. First a quick explanation of our setup to lay the foundation. We use TMG as our firewall with a web filtering product laid on top. All HTTP(s) traffic is scanned and filtered no matter whether someone has their proxy server settings on or not. We use DHCP WPAD to set the Auto Detect feature of the browsers to the proxy server they should use, but in our setup it's really not necessary as all the traffic gets filtered anyway, but we do it anyhow. This works well for us because sometimes you have apps that don't like to use a proxy server and therefore we can set the browser to not use a proxy and it gets around the problem but still filters the traffic.
Since we are moving to Sophos for the web filtering, I need to come up with a similar way of filtering this traffic as best we can, without letting too many connections go through TMG unfiltered. Because as soon as I uninstall the plugin on TMG for the filtering, and set everyone to go through the Sophos, we will have that risk. Therefore, what is the best way to make sure Sophos is filtering all of the traffic? Since we are using TMG as our edge firewall, the Sophos will be internal and downstream of the TMG firewall. I've read in the config papers about the plug-in, but that's for TMG being downstream of the Sophos, which is not our setup. From what I've read, it looks like we have two options: setting the Sophos up as strictly a proxy server using DHCP WPAD for setting the browsers as well as a GPO to force the auto detect, and the other option would be to use the Sophos upstream of the TMG, possibly in DMZ, to filter the traffic. Am I wrong on this or is there another way to do it?
Ideally, I'd like to have TMG somehow call out to the Sophos for any HTTP request for filtering and have it return the results, like this:
user-->TMG-->inet
        |
      Sophos
I'm open to any and all thoughts on this and would appreciate any feedback.
Thanks,
Howard