Jump to content
RESET Forums (homeservershow.com)
itGeeks

Sophos UTM is getting a new version and guess what? No more 50 IP Limit.

Recommended Posts

Jason

"It still does take a rule to for just android and iOS to bypass only the antivirus.  All other filtering now works fine so you can still block unwanted sites or access."

 

pcdoc, can you please explain how you created a bypass for antivirus to get iOS/Android Microsoft Outlook client to connect in Sophos?  Currently I have to bypass the HTTPS decrypt/scan altogether.  When I create a rule that I should bypass SSL scanning, caching, antivirus, authentication, etc (all checkboxes), it still doesn't work for me.  Thanks.

 


Edited by Jason

Share this post


Link to post
Share on other sites
pcdoc

 

"It still does take a rule to for just android and iOS to bypass only the antivirus.  All other filtering now works fine so you can still block unwanted sites or access."

 

pcdoc, can you please explain how you created a bypass for antivirus to get iOS/Android Microsoft Outlook client to connect in Sophos?  Currently I have to bypass the HTTPS decrypt/scan altogether.  When I create a rule that I should bypass SSL scanning, caching, antivirus, authentication, etc (all checkboxes), it still doesn't work for me.  Thanks.

 

 

 

This is what I use and it works for me on everything including Netflix and outlook.  The source network/devices are calling out a group of only all my IOS/Android devices.  IPS, Web and Application filtering are still enabled.

 

 

RLgNV5.jpg

 

 

kRkFZa.jpg

Share this post


Link to post
Share on other sites
Jason

This is what I use and it works for me on everything including Netflix and outlook.  The source network/devices are calling out a group of only all my IOS/Android devices.  IPS, Web and Application filtering are still enabled.

 

 

RLgNV5.jpg

 

 

kRkFZa.jpg

 

The images didn't attach.  Please repost.  Thanks!

Share this post


Link to post
Share on other sites
pcdoc

The images didn't attach.  Please repost.  Thanks!

 

Can you clarify, this is the rule directly from my firewall.  Which image did not match?  Are you talking about UTM V9 or XG?

Share this post


Link to post
Share on other sites
Jason

Oh I'm sorry. This helps. I didn't see the images attached. By looking at your XG screens, it appears your IPS, app filter and web filter are enabled, but they are being completely bypassed only for streaming devices to include iOS/Android devices. That's essentially what I've done with UTM. I was hoping there was a way to get Outlook to work without having to have the devices bypass all the filtering. Guess not.

 

I was ready to jump from UTM to Sophos XG or Untangle, but it appears it wouldn't gain me anything at this point.

 

 

Sent from my iPhone using Tapatalk

Share this post


Link to post
Share on other sites
nrf

I read that as showing only the malware (antivirus) scan being bypassed.

Edited by nrf

Share this post


Link to post
Share on other sites
Jason

Perhaps I'm misreading XG's UI then. I read it as ACCEPT traffic from Stream Devices with none of the Malware Scanning options checked. Or Malware scanning disabled for Streaming Devices group only.

 

 

Sent from my iPhone using Tapatalk

Share this post


Link to post
Share on other sites
nrf

malware scanning off, intrusion prevention on, web filtering on,  so two of three features still active? 

Share this post


Link to post
Share on other sites
pcdoc

All scanning except malware is enabled for Android/IOS.  IPS, Web, and App filtering.  The rule applies my default rules the same as my normal network except for malware.

Share this post


Link to post
Share on other sites
Jason

Pcdoc, I believe you ran Untangle prior to Sophos NG, correct? What prompted you to migrate?

 

I was looking at the Untangle online demo yesterday. Had never seen UT before. The UI is slick compared to UTM. Am not quite following the layout of the Sophos NG screens.

 

Also after reading the Sophos community threads about NG am afraid to test it

 

 

Sent from my iPhone using Tapatalk

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now



×
×
  • Create New...