Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 10 subscribers
  • Views 5881 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

web site visited

Miguel Thiebaut

Hello all, 
I'm a beginner in Sophos world in my new enterpise.

I have a request from my management to have the site visited by somes persons.

I have the Hardware Sophos UTM 9 & connected to Sophos Central Admin

I found in the Sophos utm 9 the log : Logging & Reporting > Web Protection > Users with URLs but the log is empty.

I searched in the Sophos central Admin  but I only found Blocked Categories / Warned Sites / Blocked Sites / Policy Violator & Malware Downloaders.

Do you know how can I have this info in the Sophos Central ADmin ? 



This thread was automatically locked due to age.
  • 0

    Hi  

    The option that you are looking is not available via the Endpoints managed by Sophos Central. You can, however, control the Websites the user's visit. If you wish to find all the URLs accessed by the users it can be only done via the perimeter SFOS or UTM. The below thread might help you.

    What exact URLs Visited?

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • 0

    You can do this on the UTM but the events wouldn't be in Central.

    You can also turn up the login on the EP and create logs of all sites visited there.  This requires registry keys to be set.  Would this be useful?

    Regards,

    Jak

  • 0

    Central even if you had it configured would only show sites that are blocked, the utm could show you but this is really misleading.  For example I have users that read the local paper online on their lunch or here and there.  I do see they are going there through the UTM but I also see that facebook, google, some advertising company are also happening because the newspaper site is linked to all 3.  

     

    What I have done is enabled control vis Group Policy or other means to eliminate the users ability to delete their browser history, this can be done with Internet Explorer, Chrome, Edge, Firefox, Safari, etc. etc..  Once you have selected the browsers you want to use and have them set so users cannot delete the history (they still can but they would have to do this via file explorer which means they are really trying to hide it) you can then block whatever browsers you do not want them to use via app control in sophos central.  

     

    Just a thought...

    Respectfully, 

     

    Badrobot

     

Unfiltered HTML