
Nordvpn appears to be incorrectly classified

Hi folks, 

NordVPN is not an application according to Sophos XG. If you use the URL check for nordvpn.com it returns as Information Technology, whereas the NordVPN site promotes VPN, not much information technology.

NordVPN missing from the application list means you now have a security hole in your firewall because it does not get blocked by the default VPN/tunnel etc. profile. You will need to set up your own profile and hope that NordVPN does not start using servers in different domains.

Sophos, please address this misclassification urgently.

ian



This thread was automatically locked due to age.
  • Hi EmmoSophos,

    Thank you for passing that issue along. In changing the setting I remember another little gripe, and that is according to XG I am blocking IT, but I cannot find IT in any of my active profiles. Now according to XG the NordVPN is blocked because it is IT; that is not correct.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA


  • Hello rfcat,

    The category of nordvpn should be correct already.

    As per the second issue you mention, did this XG use to be a Cyberoam device?


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
  • Hi EmmoSophos,

    No, the device is a home-built unit.

    Nordvpn.com has been correctly reclassified, but still does not appear in the application list.

    Ian


  • Do you use DPI/HTTPS decryption? As far as I know, NordVPN uses 443 and sneaks through firewalls as HTTPS traffic anyway. So it is hard to classify this traffic.


  • I use HTTPS decrypt and scan. If you have a firewall that is not using the proxy it will get through and nothing is registered. I have tightened all my rules and so far none required an additional exception or not using some of the other firewall features. The ability to use more checking in firewalls has only happened since MR3.

    I will set up a rule using DPI and see if that blocks it.

    ian
