Hi all,
I'd just like to get an idea on everyone's thoughts on the Pro's and Cons of Web Appliance Explicit Proxy Mode Vs Full End-Point Web Control Mode?
For example:
EXPLICIT HTTP PROXY, for:
+ HTTPS Scanning
+ Far less worrying about Sophos end-points not working correctly
+ One Sophos team to deal with - Appliance team
+ Easy access to block web access by group membership
EXPLICIT HTTP PROXY, against:
- Does not work when a laptop roams outside of the network
- Reporting is terrible
- Slower browsing for laptops as HTTP scanning still needs to be enabled for laptops in case they roam outside of the office
FULL END-POINT WEB CONTROL, for:
+ Laptops are still protected when working outside of the office
+ Faster for laptops as you're not scanning at the gateway again for laptops
+ Reporting is terrible, but at least I can use a decent reporting tool that even picks up the web applications (layer 7)
FULL END-POINT WEB CONTROL, against:
- End-points out of date, not complying with policy, saying they are okay but are in fact not.
- Difficulty of getting Sophos end-points working again when its fubar
- Having to deal with Appliance AND end-point team
- Mac OSX and other non WIndows platforms have been alienated (only works with Windows)
For me the simple answer to these are:
1. Sophos completely and utterly redesign the reporting in the Web Appliance. It's pathetic!
2. Sophos allow for location awareness in end-point AV, so we can disable web filtering on the end-points when they are behing an explicit HTTP proxy
3. Sophos once and for all spend some quality time on the Mac end-point offerings.
4. Sophos improve the reprting in the web appliance
5. Sophos improve the reprting in the web appliance! ;)
Anyhoooos. What are your thoughts ladies and gents?
Thanks,
John
This thread was automatically locked due to age.