Sophos UTM is getting a new version and guess what? No more 50 IP Limit.

[Jason 84]

"It still does take a rule to for just android and iOS to bypass only the antivirus.  All other filtering now works fine so you can still block unwanted sites or access."

 

pcdoc, can you please explain how you created a bypass for antivirus to get iOS/Android Microsoft Outlook client to connect in Sophos?  Currently I have to bypass the HTTPS decrypt/scan altogether.  When I create a rule that I should bypass SSL scanning, caching, antivirus, authentication, etc (all checkboxes), it still doesn't work for me.  Thanks.

 

Edited March 3, 2017 by Jason

[pcdoc 114]

 

"It still does take a rule to for just android and iOS to bypass only the antivirus.  All other filtering now works fine so you can still block unwanted sites or access."

 

pcdoc, can you please explain how you created a bypass for antivirus to get iOS/Android Microsoft Outlook client to connect in Sophos?  Currently I have to bypass the HTTPS decrypt/scan altogether.  When I create a rule that I should bypass SSL scanning, caching, antivirus, authentication, etc (all checkboxes), it still doesn't work for me.  Thanks.

 

 

 

This is what I use and it works for me on everything including Netflix and outlook.  The source network/devices are calling out a group of only all my IOS/Android devices.  IPS, Web and Application filtering are still enabled.

 

 

 

 

[Jason 84]

This is what I use and it works for me on everything including Netflix and outlook.  The source network/devices are calling out a group of only all my IOS/Android devices.  IPS, Web and Application filtering are still enabled.

 

 

 

 

 

The images didn't attach.  Please repost.  Thanks!

[pcdoc 114]

The images didn't attach.  Please repost.  Thanks!

 

Can you clarify, this is the rule directly from my firewall.  Which image did not match?  Are you talking about UTM V9 or XG?

[Jason 84]

Oh I'm sorry. This helps. I didn't see the images attached. By looking at your XG screens, it appears your IPS, app filter and web filter are enabled, but they are being completely bypassed only for streaming devices to include iOS/Android devices. That's essentially what I've done with UTM. I was hoping there was a way to get Outlook to work without having to have the devices bypass all the filtering. Guess not.

 

I was ready to jump from UTM to Sophos XG or Untangle, but it appears it wouldn't gain me anything at this point.

 

 

Sent from my iPhone using Tapatalk

[nrf 135]

I read that as showing only the malware (antivirus) scan being bypassed.

Edited March 4, 2017 by nrf

[Jason 84]

Perhaps I'm misreading XG's UI then. I read it as ACCEPT traffic from Stream Devices with none of the Malware Scanning options checked. Or Malware scanning disabled for Streaming Devices group only.

 

 

Sent from my iPhone using Tapatalk

[nrf 135]

malware scanning off, intrusion prevention on, web filtering on,  so two of three features still active? 

[pcdoc 114]

All scanning except malware is enabled for Android/IOS.  IPS, Web, and App filtering.  The rule applies my default rules the same as my normal network except for malware.

[Jason 84]

Pcdoc, I believe you ran Untangle prior to Sophos NG, correct? What prompted you to migrate?

 

I was looking at the Untangle online demo yesterday. Had never seen UT before. The UI is slick compared to UTM. Am not quite following the layout of the Sophos NG screens.

 

Also after reading the Sophos community threads about NG am afraid to test it

 

 

Sent from my iPhone using Tapatalk