Sophos

188

Solutions

358

Contributors

Sophos develops products for communication endpoint, encryption, network security, email security and mobile security as well as unified threat management. Products include hardware (or software virtual appliance) network firewalls including web browsing protection, AntiSpam filters and antivirus protection, encryption and data protection, web filter, antispam and mobile content and device management tools.


We have the Sophos UTM firewall. Do you know if there is a way to get a specific user's web traffic?
0
Hi all.
I need guidance/assistance if anyone has done a similar project: rolling out Kaspersky and uninstalling Sophos.
We have around 900 workstations and 100 servers (VMs). Has anyone done a project plan, with risks and dependencies?
0
Hello,

I am running PowerShell to stop services, uninstall applications and remove some keys out of the registry.

If I open up PowerShell as Administrator and type the commands manually they work a treat.
If I save those same commands as a .PS1 folder and run as administrator I get a field of red text saying all sorts.

I have run as Administrator, set Execution policy to unrestricted and have sufficient administrator privileges. Why won't the commands run when in PS1 but will individually?

Pictures Attached.
erroring.jpg
working.jpg
0
Hi:

I tried searching, but I'm a combination of surviving on 6 hours sleep split across 3 days and probably not finding the right words to put... So my apologies. Anyway:

My job site has been hit by the NotPetya attack. Long story short, out of 400 computers, 150 refuse to grab AV definitions from Sophos' offline servers (meaning it stupidly only pulled it from the fileserver at one point), and for some reason, the local admin password is no longer valid... On top of 25 infected machines, which both combined is causing corporate to refuse to power on the server until all machines are safe.

With that in mind, I was thinking of creating a temporary server to push the correct admin password back on the machine in case I need it later, and running the update patches from both Windows Update and Sophos Antivirus (which that's a piece of cake IMO) to be in compliance.

Since I'm no expert at LAN, I have 2 questions:

1. Can I just create a GPO with just the password update and not have it sync any other setting?
2. If that can't be done, can I clone the GPO settings of an enduser's computer with the ideal settings and upload it to the temp server?

Thanks for your help!
0
My company is currently moving to a new office. I have two Sophos SG210 devices. They were set up using HA for redundancy. I have stopped the HA so I can take one of the devices over to the new space to set up for some users to move over a week earlier. I have configured the device for the new internet provider, but my question comes down to whether I create a tunnel between the new space and existing space. Would it cause a problem if I create a tunnel between the two locations and leave the internal LAN settings the same? With this scenario the internal LANs would be the exact same networks, so I am wondering if it would cause conflicts. Our current space also has a VPN tunnel to our datacenter. I was going to also create a tunnel from the new space to the datacenter. Would both offices being on the same internal network also cause conflicts with that?

Or should I just have to change the internal LAN of the new space and enable DHCP on the Sophos for the users that move over early then change the LAN back after the entire move has been completed?
0
I've recently rolled out Intercept X by Sophos, which is software that protects files from crypto viruses. It can detect file changes and roll these changes back.
However, Sophos have told me there is no way to tell from their cloud service if the endpoints have received the update. Pain in the backside, I know! They did say if the endpoint device has the Hitman.pro service then the device has received the update.

So I'd like to know what's the easiest way to scan the network to find this service or executable file on all the devices.

Thanks
0
I have installed Exchange 2010 onto Server 2008R2. I have a SAN SSL certificate from GoDaddy installed on Exchange (mail.domain.com and autodiscover.domain.com). I have a Cisco ASA acting as a firewall and a Sophos XG135 in bridged mode acting as the email filter. Email can be sent and received without a problem and the email is being filtered. OWA works from the outside without a problem; however, Outlook Anywhere will not work. I have pored over the available documentation from Sophos but cannot get a remote Outlook client to connect to the Exchange server using Outlook Anywhere.

Has anyone successfully configured the XG in bridged mode to work with Outlook Anywhere? What steps am I missing? Do I need to install the SSL cert on the XG instead of Exchange and make the XG an SSL Proxy? If so, is there any documentation on how to go about this with the Godaddy certificate?
0
I would like to practice with a Sophos UTM (I don't have any prior experience with Sophos).

Firstly, how do I connect it and reset all the existing settings (so as to start from the beginning)?
Also, how do I set up web filtering, etc.?
0
We have configured phase 1 and phase 2 on our end to match an ASA that is on a cloud provider. Phase 1 and Phase 2 connect, but when looking at the debug on the ASA with the tech, packets are not being decapsulated.

So when we get on a computer the data still times out and will not pass traffic through the VPN connection.

Anything besides the VPN that we need to configure on the Sophos XG85? Routes? Or firewall policies?
0
Hi
Has anyone got any real-world experience of migrating from Sophos to Bitdefender (or the other way)?
Evaluating BD currently and it looks very good. Relay option looks good for machines that can be pushed out to clients, etc. Unsure of the ins and outs until it's deploying fully, etc.
Obviously cheaper and has ransomware protection integrated.
Any pointers/recommendations on it?
Thanks
0
We have a problem where emails to certain domains are being blocked as spam, it’s gradually getting worse. We get bounce messages such as “5.3.0 - Other mail system problem 550-'Administrative prohibition”, “5.0.0 smtp; 5.3.0 - Other mail system problem 553-'Blocked Using Spam Pattern, Your Message May Contain The Spam Contents'”.
I have checked all the major blacklists and all the minor ones that I could find. I’ve also checked reputational databases and all are showing as good for our domain and IP addresses. We are being blocked by major email management orgs such as MessageLabs, Mimecast and Sophos devices, so I’m fairly confident that an org such as Sophos has blacklisted us and is propagating this to customers and partners.
I’m trying to work with the IT departments of affected recipients but they have their own problems and naturally aren’t prioritising our issue. Can anyone think of a way of finding out who has blacklisted us, avenues to go down, backdoors I can knock on, etc?
0
Hi
We used to use CentOS 5 with Sendmail, MailScanner and Sophos SAVI (Perl module) to scan mail for viruses.
As CentOS 5 is EOL, I built the mail server on CentOS 7 instead.

My MailScanner doesn't work with SAVI mode (uses less CPU resource); it just works with Sophos mode (uses more CPU resource).

I have compiled SAVI-Perl-0.30 and after "make" the SAVI.so has been deployed to /usr/local/lib64/perl5/auto/SAVI/SAVI.so.

I set "Virus Scanners = sophossavi" in MailScanner.conf to make it use the SAVI module.
However I got the following error in maillog, keep saying "SAVI Perl module not found"

Apr 20 15:07:56 myserver MailScanner[5266]: MailScanner E-Mail Virus Scanner version 4.85.2 starting...
Apr 20 15:07:56 myserver MailScanner[5266]: Reading configuration file /etc/MailScanner/MailScanner.conf
Apr 20 15:07:56 myserver MailScanner[5266]: Reading configuration file /etc/MailScanner/conf.d/README
Apr 20 15:07:56 myserver MailScanner[5266]: Using SpamAssassin results cache
Apr 20 15:07:56 myserver MailScanner[5266]: Connected to SpamAssassin cache database
Apr 20 15:07:56 myserver MailScanner[5266]: Enabling SpamAssassin auto-whitelist functionality...
Apr 20 15:07:58 myserver MailScanner[5266]: SAVI Perl module not found, did you install it?

If I set "Virus Scanners = sophos" in MailScanner.conf, it works, but uses a lot of CPU and performance is not good.

In the MailScanner.conf, seems no conf to tell the …
0
Hi,

Is there anyone here who has ever configured Sophos UTM and its Web Application Firewall reverse proxy feature with Exchange 2010 using a single domain certificate and SRV records as the autodiscover method?

The guide uses three different certificates and I am unable to follow as I have only one.

https://sophserv.sophos.com/repo_kb/120454/file/Exchange%20WAF%20How%20to%209%202%20new.pdf

Thanks,
Ralph
0
Ransomware is a concern for everyone and Sophos has come out with this Intercept X product that they claim stops modern exploits, including zero-day and ransomware.

Has anyone had any experience with this product? Can anyone confirm this product's protection from ransomware?
0
Hi,
We are considering Sophos Intercept X and Endpoint Security for our organization. I was wondering if anyone has had any experience with this product. If so, how is it working out for you?

thanks!
0
Hi,

I have an Exchange Server 2010 environment with an Edge Server in the DMZ and a Sophos UTM XG430 as an internal firewall.

My Exchange Server is integrated with O365 but there are some local users also.

When I try to send an email from the local network to an external email address I get: 5.7.1 unable to relay from Sophos.

My hub is sending SMTP traffic to Sophos and Sophos is sending to Edge.

Please advise what I have done wrong; this is a new Sophos device.
0
Hi, just got an alert from Sophos Cloud that one of our PCs got infected with huntsy malware but it is unable to quarantine it or remove it. What would be the best way to remove it? Thanks
0
Hi all

Odd one I have inherited here.

In short there are 3 sites, one with an ASA (I don't know the model at this point), one with a Meraki MX device and another location in Azure.

The customer's site runs the Meraki, and their parent site runs an ASA. These sites are connected and they have a DC at each location. The customer currently accesses the Azure site via external RDP connections. They want to create a site-to-site VPN from Azure to the ASA and the Meraki for full connectivity.

The problem lies in that all parties either have issues with IKE2 and/or they have restrictions using policy-based VPNs. The solution is to put a virtual firewall appliance within Azure which can support the VPN requirements. I haven't had a good look at this yet but wondered if anyone has any experience deploying a firewall appliance within Azure and getting VPNs working etc., in what I assume is a double NAT type situation...

Thanks
0
Hello Everyone.

We have a SOPHOS UTM firewall.  In the Web Protection - Filtering Options - HTTPS CAs we have imported a COMODO wild card cert *.mycert.net.

I have exported that same cert and imported it into Windows Group Policy on the domain controller so Windows clients will not get an error when surfing the net.  See screenshot of GP settings.

Capture.JPG
However, users are still getting a warning with the cert.  Am I leaving out a step?

Capture2.JPG
By the way, when I was making this question, I could not choose "UTM" or "CERTIFICATE" as topics.  EE rejected them.  Any idea why?

JamesNT
0
Hi All,

I have a VBS script which checks on the network whether the Sophos Endpoint Antivirus application is installed, and secondly it checks which Sophos version it's running.
I am trying to run it through GP. I have tried it under the default GP policy (Startup Script) but it's not working.
Under which container in GP should I put it so it will serve its purpose? :-)

thanks.
0
Hi
Does anyone have any pointers for migrating Sophos enterprise console to the portal?
Have they removed the firewall product from the portal?
Thanks
0
If you have a hardware firewall installed like a Sophos UTM, is that a reason to turn off Windows Firewall? I'm curious.

Thanks
0
Hi
We have two servers running Enterprise Console. They manage three sites between them. I see Sophos Central is now an option.
Has anyone migrated from Enterprise to cloud? Any issues, limitations, etc.?
Thanks
0
Dear Experts,

I am working on Sophos UTM 9. I have integrated it with Active Directory and my requirements are as follows:

1) I want to give time-based access to users for Facebook. I have done all the configs, but for some reason it is blocking all the time and not just for the time I specified.
2) I want to block some users from Facebook based on time as mentioned above and to allow others. For some reason it is blocking all the users.

Looking forward to your kind gesture.
0
I have 2 Sophos UTM firewalls that I need to set up a site-to-site VPN between.

In the setup there are 2 options: SSL and IPsec.

What are the benefits of going with SSL vs. IPsec for a site-to-site VPN?
(I am not interested in answers for client to site)

Thank you.
0
