This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SAV Scanning - HTTP(S) and SSL

Hi all

My search skills are failing me - can anyone please help?

I'm looking for some Sophos documentation on what/how HTTP/HTTPS and SSL traffic is scanned by Sophos Anti-Virus. We are currently being audited for network security and I'm struggling to write up much about the protection offered by Sophos regarding such scanning.

TIA!

This thread was automatically locked due to age.

Parents

0 jak over 12 years ago

The appliances activing as proxies can scan HTTPS and back when web scanning at the endpoint was implemented by a BHO - versions of SAV before 10.x, e.g. 9.7.x - which was IE only due to it being a BHO, that used to do do FTP, HTTP and HTTPS.
As QC says, the LSP now does the client side web scanning which can scan traffic at a lower level than a BHO but doesn't have access to the encrypted data. Interms of HTTPS in SAV 10+, this has some information about the browsers now supported and SNI support: http://www.sophos.com/en-us/support/knowledgebase/117019.aspx.
Regards,
Jak
:43367
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 jak over 12 years ago

The appliances activing as proxies can scan HTTPS and back when web scanning at the endpoint was implemented by a BHO - versions of SAV before 10.x, e.g. 9.7.x - which was IE only due to it being a BHO, that used to do do FTP, HTTP and HTTPS.
As QC says, the LSP now does the client side web scanning which can scan traffic at a lower level than a BHO but doesn't have access to the encrypted data. Interms of HTTPS in SAV 10+, this has some information about the browsers now supported and SNI support: http://www.sophos.com/en-us/support/knowledgebase/117019.aspx.
Regards,
Jak
:43367
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data