This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Appliance integration with Mac vs Web Appliance integration with Windows?

My understanding of the Web Appliance is that if you have an all windows environment, you can implement the web appliance and integrate it with Sophos Endpoints and manage web behavior through that integration.

However, if you add Macs to the environment, my understanding is that the web appliance does not integrate with Sophos Apple Mac endpoint.  Therefore, any Macs in your environment would be much less protected than Windows machines - in relation to the web appliance.   However, if you setup all of your traffic to go through the Web Appliance, almost like a proxy situation, this would mitigate that lack-of-integration.

This was based on multiple conversations with Sophos engineers.  Today, a marketing specialist told me otherwise - that they DO integrate and always have.

I'm not so sure.  Perhaps the new web based product does.  I am an on premise end point user.

Does anyone know about this?



This thread was automatically locked due to age.
  • The Mac endpoint that is used with SEC and SWA does not do any web filtering.  Therefore you cannot control categories like pornography and have it enforced on the Mac endpoint.  However if the Mac is behind a SWA/UTM it will be controlled.  On the malware side since the Mac endpoint does of course do Anti-virus scanning you are still protected from those.

    The "Sophos Central" Mac endpoint (previously known as Sophos Cloud) does do Web Filtering and always has.  Also the "Cloud Web Gateway" protects all devices types everywhere.  Either the marketing person was confused at what product you were looking at, or is confused himself.

    So effectively if you get SEC with Mac Endpoint and a SWA, while you Macs are within your network you get Web Filtering (enforced on SWA) and all downloaded files are AV scanned by the SWA and by the EP.  If you take that Mac computer home then you no longer have the Web Filtering but all downloaded files are still AV scanned by the EP.

    Try looking here:

    www.sophos.com/.../sophosendpointprotectiondsna.pdf

  • I agree that if you direct all traffic through the Sophos Web Appliance (SWA) within your office - then and only then - will the Mac be protected by the appliance.  However, this is not necessarily an easy thing to do - firewall wise.  It took us a while to get it right.  When we didn't have it right - the Macs were not protected by the SWA.  Moreover, there was a serious bug a year or two ago that disconnected the Windows endpoints from the SWA.  Luckily, that was eventually fixed.  

    It would appear that the cloud product gets the integration a little better.  

    Adam in DC

  • I would say that the better phrasing is:

    Any web traffic (port 80 and 443) coming from devices running any OS is protected if traffic is configured to flow through the SWA.

    Making the traffic flow through the SWA is a network configuration issue that is different for every customer and not really related to the capabilities of the SWA.

    The SWA, traditional Windows Endpoint and traditional Mac Endpoint are three different products done by different teams.  Each are mature products that work independently, but have the ability to share configuration.

    The cloud products are new and are built from the ground up to work together as one seamless system.  Because they are new they may not be as mature or feature rich but they are positioned to be what system admins really want.

    In the coming years, the SWA, cloud, and endpoints will move even closer together.  Integrated security.

  • That is indeed better phrasing and provides better insight into the history of the applications.  Thanks.

    Adam in DC