Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 1398 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Feature Request: Integrate known bad hosts\sites etc into firewall...

mikepiet

I was recently looking at a product called ThreatStop and it looked to be a very good product. It basically blocks outbound (and inbound) traffic from known bad sites, countries, IP's etc etc.

With the tremendous resources Sophos has, I don't see why such a technology couldn't be implemented. While web protection is a good first step, that does not always block corrupt sites when malware is imbeded.

While the goal would be to keep all baddies of a machine in the first place, with the ever increasing rate at which malware evolves, it might be a nice feature.

:34337


This thread was automatically locked due to age.
  • 0

    Hello mikepiet,

    web protection is a good first step

    what's missing? As Web Protection does block "bad" sites what else should it do? Do you have any examples where such a site has not been blocked? Web Protection attempts to block only sites with "known" threats (and if you browse through this forum some think it is already going too far sometimes). Web Control adds another layer categorizing sites so you can block "potential" bad sites, and the gateway products offer even more control and in addition they assist you in submitting URLs for (re-)classification. 

    If you encounter a "bad" site you can always contact support.

    Christian

    :34369
  • 0

    I suppose one problem would be latency.  There is too much data and changing too fast for the endpoint to store and maintain.  Therefore you need a lookup to the cloud to make the assesment.  On a web page it's not so bad as you're fetching data from the web anyway and a little latency added by the lookup is neither here nor there on a good day.  Browsers probably tollerate delays in fetching content better than other client apps so to extend this to applications beyond browsers might have variable results.

    Just my thoughts.

    Regards,

    Jak

    :34373