Sophos Web Appliance
Has anyone else experience of the Sophos Web Appliance for web filtering?
I've got one on evaluation and so far I can't believe how many proxy sites its letting through - even with the policies set to block them it lets through a good few!
I can't believe its that bad for a coporate product - unless I'm missing something
Until I left the college, last year, I was responsible for the Sophos Web and Email appliances. I have to say that I never had any problems with the proxys' getting through. I do remember spending a good few hours setting everything up though so that we were locked down. It was always a nice feeling to go into a room and hear the students complaining that they could no longer get through to Facebook, etc!
I think that, like most things, if you spend the time on getting it just right....it'll be worth it!
*I am not employed by sophos, nor do I have any connection to them! We use symantec where I work now!
Hmm, but I have an evaluation box set up to block Proxy/Translators and straight away I went to glype proxy and it worked perfectly! That site was categorised as Business by Sophos (Business is allowed for staff) so its failed to recognise the proxy site. I have the Dynamic Categorization enabled but still a simple google search found 4 glype type of sites that worked!
test it against megaproxylist.com
Get a smoothwall - blocked them 99.9% of the time out of the box
Well, we were running smoothwall - and have decided to stay with it/upgrade. The sophos appliance was a joke - googling for 'glype proxy' found 10 working ones in a shockingly quick time - even with all the rules etc set to block.
Originally Posted by glennda
So its hello again to smoothwall....
Agreed, we have Sophos here but not the actual appliance. After a couple of hours configuring its spot on.
Originally Posted by aerospacemango
Agree on the setup may not have been correct or it was not updated from factory as we had one and it worked fine and as good as any other.
It was updated, configured and discussed with sophos themselves, who reported the behaviour as normal and that the 'rogue' sites would need adding to a blacklist manually.
Give it a try on your sophos box - you might find like I did that some of the glype ones were classified as 'business' and therefore let through