Application Control and Port dependencies

Question

Hello, 
 
 I do not understand how XG's Application Control work in detail (under the hood). Are any documentation somewhere? 
 I have to control and restrict some Traffic between LAN and Production due to written regulation of security. 
 e.g. for understanding 
 
 LAN-> Production :
 
 Allow Port 80 if it is HTTP 
 Allow Port 25 if it is STMP 
 Block all Traffic in all other cases

In this example we have to Block HTTP on Port 25. 
 How can I solve this with Sophos XG? 
 sincerly 
 Guenter

Prism · Answer

Hi Guenter , 
 So what you want to do is L7 aware Policy, with protocol enforcement. 
 You want to open port 80, but only if It's HTTP traffic, or port 25 if It's only SMTP? Or port 53 if It's only DNS? 
 If It is, Sophos XG doesn't support this since there's no way to "Block All, allow only X."; This is a feature that has asked multiple times, and pretty much most of the NGFW in the market supports it, but XG still falls behind. 
 
 Thanks!

Application Control and Port dependencies

Top Replies