Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 10 replies
  • Answers 2 answers
  • Subscribers 9 subscribers
  • Views 15988 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Deny Access to email if sophos control app is not installed.

koolkuiet

Hello There,

My name is Pablo and we have setup SMC 6.0 in our environment, two thing I found some threat about it but no solution, we want to force the use the of sophos control and if a device doesnt have it deny access to email, I thing this is a two side conf, one from smc and one from exchange activesync but I havent found how to do it, and when i deny access to email to some devices even though they still can receive email, what i have to do to complete deny access to email.



This thread was automatically locked due to age.
Parents
  • 0

    Hi koolkuiet,

    as a pre-requisite to successfully use the "Deny email" options within the compliance rules mentioned by Josip you have to use the Sophos Mobile Control server as EAS Proxy. This way, all email synchronization tries are first hitting the SMC server which will verify if the device / user is allowed to retrieve emails from the mail server.

    If that is given, you can use the compliance rules to dynamically grant or deny email access.

    You can define required apps which devices must have installed or you can also use the minimum SMC client version or the sync interval as stated by Josip.

    Best regards
    Stefan

  • 0 in reply to SDU

    Thanks Stefan,

    About this how I have to setup the smc as eas proxy and what about exchange, i have to redirect activesync to smc server?, there's not info or any guide about that just info how to setup but not how to accomplish what I require.

    Do you have some guide or step by step that you would share with me, I'd appreciate that.

Reply
  • 0 in reply to SDU

    Thanks Stefan,

    About this how I have to setup the smc as eas proxy and what about exchange, i have to redirect activesync to smc server?, there's not info or any guide about that just info how to setup but not how to accomplish what I require.

    Do you have some guide or step by step that you would share with me, I'd appreciate that.

Children
  • 0 in reply to koolkuiet

    I agree too, there is nearly nothing about connecting SMC with an Exchange server behind. Here should Sophos Guys improve a guides and manuals. (especially Sophos Container and Secure functions)

    Neverthenless, there is lot of stuff in SMC training lesson, where you can find realy usable how tos.

  • 0 in reply to JosipBacinger

    When I was setting up our system, we implemented an internal EAS proxy server with the Compliance rule set to Deny email to force the access to be checked through the Exchange server while we were testing and getting the SSL cert and DNS setup for the external EAS proxy server. Then we converted to the external server. It worked out pretty well doing that.

    I found the information for the Internal EAS proxy server configuration in section 12 of the "Super Admin Guide". The External EAS proxy server is discussed in the "Installation Guide", but there is a separate manual for the External EAS proxy server called "Setting up the Sophos Mobile Control External EAS Proxy" that can be found in the SMC manuals section.

Unfiltered HTML