Jump to content
RESET Forums (homeservershow.com)

Sophos Copernicus is now out of Beta and Has a New Name, Sophos XG Firewall

itGeeks

By itGeeks,
in Networking

 Share Followers 4

Recommended Posts

  • Replies 300
  • Created
  • Last Reply

Top Posters In This Topic

  • itGeeks

    92

  • nrf

    53

  • pcdoc

    46

  • psykix

    40

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

nrf

for intrusion prevention, the equivalent in UTM9 is the 'attack patterns' tab on the intrusion prevention page. since I am not hosting internet services I orient both toward protecting clients. on XG

itGeeks

Here is what Sophos had to say about this brand new platform- https://blogs.sophos.com/2015/11/10/sophos-xg-firewall-a-network-security-ecosystem-with-many-innovations/#more-30035   You can downloa

pcdoc

Well I was almost there this weekend but had to bail out.  Got everything working very well such as port forwarding, filtering, application policies etc.  Got my home automation, cameras, and streamin

nrf

nrf 135

Posted
Posted (edited)

thanks for that one! now how user friendly are we finding the resultant logs? :(

anyone finding it clumsy to have to scroll down to reach the right/left scroll bar? it would be so much easier if the number of records per screen were chosen to fit the screen.

 

 

now I am noticing that I can download an executable without hitting some dialog chiding me about my intended behavior, anyone have recommended settings for this aspect?

Edited by nrf
Link to post
Share on other sites
CaffeinatedTech

CaffeinatedTech 0

Posted
Posted

Well I can't get the Blizzard launcher to do any updates through the web filter, and the logs aren't helpful.. I see plenty of allow events to various blizzard sites and akamai, but no denies.  I know deny logging is working because I can set the filter to block explicit content and try to go to a porn site and it shows up in the logs.

Link to post
Share on other sites
pcdoc

pcdoc 114

Posted
Posted

Well I can't get the Blizzard launcher to do any updates through the web filter, and the logs aren't helpful.. I see plenty of allow events to various blizzard sites and akamai, but no denies.  I know deny logging is working because I can set the filter to block explicit content and try to go to a porn site and it shows up in the logs.

 

Try setting a default rule to enable logging of everything temporarily to see if that captures anything.  It might lead to the problem.  I use blizzard and will try and help to see if I see anything.  What do you have setup in terms of filters or applications?

Link to post
Share on other sites
CaffeinatedTech

CaffeinatedTech 0

Posted
Posted (edited)

Try setting a default rule to enable logging of everything temporarily to see if that captures anything.  It might lead to the problem.  I use blizzard and will try and help to see if I see anything.  What do you have setup in terms of filters or applications?

 

Yeah I created a deny all rule at the bottom of the firewall, I have logging enabled on everything I can find.  I can set the web filter to allow all and it still won't work, I have to set it to none.  I've got application filter set to none.

 

Blizzard launcher will sign in, and game play works fine, but if you try to install a game or something needs updates it will fail.  Anyone can test this by downloading the free blizzard launcher (you'll need a free account), and try to install Hearthstone (free game).

 

Oh and the Blizzard launcher no longer uses P2P for downloads and patches.  It uses connections on port 80 and 443.

Edited by CaffeinatedTech
Link to post
Share on other sites
pcdoc

pcdoc 114

Posted
Posted

Yeah I created a deny all rule at the bottom of the firewall, I have logging enabled on everything I can find.  I can set the web filter to allow all and it still won't work, I have to set it to none.  I've got application filter set to none.

 

Blizzard launcher will sign in, and game play works fine, but if you try to install a game or something needs updates it will fail.  Anyone can test this by downloading the free blizzard launcher (you'll need a free account), and try to install Hearthstone (free game).

 

Oh and the Blizzard launcher no longer uses P2P for downloads and patches.  It uses connections on port 80 and 443.

 

Ok thanks.  Will test it tonight to see if I get the same results.

Link to post
Share on other sites
pcdoc

pcdoc 114

Posted
Posted

Yeah I created a deny all rule at the bottom of the firewall, I have logging enabled on everything I can find.  I can set the web filter to allow all and it still won't work, I have to set it to none.  I've got application filter set to none.

 

Blizzard launcher will sign in, and game play works fine, but if you try to install a game or something needs updates it will fail.  Anyone can test this by downloading the free blizzard launcher (you'll need a free account), and try to install Hearthstone (free game).

 

Oh and the Blizzard launcher no longer uses P2P for downloads and patches.  It uses connections on port 80 and 443.

 

I am assuming you have the HTTP antivirus scan on?  Try and change it to real time scanning.  Protection>Web Protection>Web Content Filter.  Go to HTTP/HTTPS and change it to "Real Time" and try that.  Battle Net worked for me.  If that does not work, let me know and I will try some other combos.

Link to post
Share on other sites
CaffeinatedTech

CaffeinatedTech 0

Posted
Posted

I am assuming you have the HTTP antivirus scan on?  Try and change it to real time scanning.  Protection>Web Protection>Web Content Filter.  Go to HTTP/HTTPS and change it to "Real Time" and try that.  Battle Net worked for me.  If that does not work, let me know and I will try some other combos.

 

I already have the AV scan set to realtime.  Did your battle.net launcher actually perform a game update?

Link to post
Share on other sites
Jason

Jason 84

Posted
Posted

Before move to XG must you uninstall the Endpoint AV from each client previously installed from UTM 9.3?

 

 

Sent from my iPhone using Tapatalk

Link to post
Share on other sites
itGeeks

itGeeks 187

Posted
  • Author
Posted

Before move to XG must you uninstall the Endpoint AV from each client previously installed from UTM 9.3?

 

 

Sent from my iPhone using Tapatalk

I would say yes, The old Endpoint AV is not supported on XG. Its now called security heartbeat

https://www.sophos.com/en-us/press-office/press-releases/2015/11/new-sophos-xg-firewall-with-security-heartbeat.aspx

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Followers 4
Go to topic listing
×
×
  • Create New...