This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Open discussion: Web Appliance Explicit Proxy Vs Full End-Point Web Control

Hi all, 

I'd just like to get an idea on everyone's thoughts on the Pro's and Cons of Web Appliance Explicit Proxy Mode Vs Full End-Point Web Control Mode?

For example:

EXPLICIT HTTP PROXY, for:

+ HTTPS Scanning

+ Far less worrying about Sophos end-points not working correctly

+ One Sophos team to deal with - Appliance team

+ Easy access to block web access by group membership

EXPLICIT HTTP PROXY, against:

- Does not work when a laptop roams outside of the network

- Reporting is terrible

- Slower browsing for laptops as HTTP scanning still needs to be enabled for laptops in case they roam outside of the office

FULL END-POINT WEB CONTROL, for:

+ Laptops are still protected when working outside of the office

+ Faster for laptops as you're not scanning at the gateway again for laptops

+ Reporting is terrible, but at least I can use a decent reporting tool that even picks up the web applications (layer 7) 

FULL END-POINT WEB CONTROL, against:

- End-points out of date, not complying with policy, saying they are okay but are in fact not.

- Difficulty of getting Sophos end-points working again when its fubar 

- Having to deal with Appliance AND end-point team

- Mac OSX and other non WIndows platforms have been alienated (only works with Windows)

For me the simple answer to these are:

1. Sophos completely and utterly redesign the reporting in the Web Appliance. It's pathetic!

2. Sophos allow for location awareness in end-point AV, so we can disable web filtering on the end-points when they are behing an explicit HTTP proxy

3. Sophos once and for all spend some quality time on the Mac end-point offerings. 

4. Sophos improve the reprting in the web appliance

5. Sophos improve the reprting in the web appliance! ;)

Anyhoooos. What are your thoughts ladies and gents?

Thanks, 

John

:48380


This thread was automatically locked due to age.