Bad URLs Categorizations Error on Web

Michael Dunn are you serious ?  Your seriously think that Sophos is doing OK at failing to categorize IBM, Banks, Intel, ET.C. ? 

I have a Checkpoint appliance at home that cost a fraction of our Sophos solution that never failed to categorize properly in month.  I had it side by side with a Sophos XG105W so I could compare them for month.  Checkpoint have not shown a single mis-categorization in months.  Compare to Sophos XG at the office where users at calling me many times a day.  I could also compare to Symantec WEB filtering.  Symantec'hit s***t old "SpyWall" AND Symantec new waffle††† b************† Coat.

It is not a matter of personal taste.  Intuition. Or guesses.  I know XG WEB filtering does not match the "average" performance of the industry.  Has nothing to do with being fair or not.

Paul Jr 

Hi Paul,

What percentage of Support calls does Sophos get about bad categorization?  Almost none.
When Sophos goes to partners and asks for what features do the partners want, categorization barely gets mentioned.
In the forums, what percentage of posts are about categorization?  More than other areas, but still low.

I think that, in the grand scheme of things, Sophos does pretty good at categorization.  I know that it is very hard for me to tell the other parts of the company "categorization is an issue we need to solve" since they come back "give us the evidence" and there is none except a few people complaining in the forums.  Sophos is like any company - it will spend time and money in the issues that have the most complaints, that will make the biggest sales.  Right now, categorization isn't that.

I am not saying you are wrong or that you shouldn't complain.  I'm saying that you should gather all your complaints about XG, prioritize them, then complain in every feedback mechanism you can.  And include evidence, statistics, examples.

Lets take two instances from this thread where evidence, statistics, examples and investigation have worked:

rfcat_vk has been complaining about 20,000 uncategorized websites a day for a long time, when it is actually 20,000 hits to a single website that is uncategorized because there is a "do not categorize" exception in place for it.

downloadcenter.intel.com was (most likely) categorized like that deliberately because a customer complained and wanted it that way.  Now you complained and want it another way and it was changed.

So you saying "you seriously thing that Sophos is OK at failing to categorize [...] Intel?  I reject your premise that we are failing to categorize it.  Show me evidence and examples - that we can investigate and fix - not rants.  And show me the numbers of admins who are complaining about it so that it can receive higher priority.

Yes Michael,

you are correct, I have been complaining for awhile about the high count. What do other admins see from their servers talking to Sophos central about anti-x updates, how do they stop the count?

I suspect my issue is caused by the endpoint protection installed on the server when I had the UTM running and managing end points. I suspect I will have to fire up the UTM when I can find the disk to update/ remove the software even though the server shows it as being up to date? Of course this leads to another question, why does the server talk to the Sophos sites so often? This server does DNS, and photo management all internally.

Ian

Hello M. Dunn

I do not have numbers to reach a statistical conclusion.  And that's not close to be an argument anyway.  If you want numbers that turn wrong, 88 millions Germans followed Hittler.  No.  I just have a permanent access to WebSense, Symantec and Checkpoint web filtering.  And a lot of experience and common sense.  I can compare Sophos every hour of the day if I want.

The screen shot I posted last week is crystal clear to whoever wants to see.  Intel was wrongfully categorized.  Now if one, two, or even one hundred persons complain to have a web site category changed for something as large as Intel.com, and they succeed, that simply means mechanisms behind Sophos categorization are flaw and dead broken.  WEB categorization shall not be based on a popularity contest  !!!  And particularly for WEB sites as gigantic as Intel.  That's how categorization was done 15 years ago.

Paul Jr 

Hi Big_Buck 

We understand you're not satisfied and we have allowed you to express your dissatisfaction. We have had professional services and support managers attempt to work with you on a professional level. We would like to help and assist you regarding the issues you are experiencing. However, your ranting is not helping others in a constructive manner. If you would like to have a dialogue, please raise a support case and we will work with you. Work with us to make it better for you and everyone else.

Best,

FloSupport | Community Support Engineer

Dear Sophos Team,

We are expecting some solution for this issue. This is the Genuine problem in XG 17 and Sophos should look into this issue very seriously.

Now a day’s many sites categorizations are not done properly and category get randomly change this Is what we observed.

Sample case:

This Site https://www.ieindia.org/, in Sophos it is showing in “Job” category. But I believe this site should be in educational web category.

I cross check with Bluecoat, Fortinet, SonicWALL website category portal and it shows this website in educational category. Why in Sophos it is showing in Job category? This is by mistake or any logic behind this?

Similar case with: www.instagram.com also. It should be in social media or media sharing but in Sophos it is showing in photo gallery category.

Many more are there…

I'm sorry but I also think that categorization has a lot of false entries. I just took a look at category 'Jobs Search':

The first 5 entries are definitly wrong. Number 6 is about finding new staff. 7 and 8 are again completely wrong.

I see this every day and currently looking at categories and reports based on it makes no sense.

From my point of view this feature is completely broken.

Hi Jelle and Dilip Patel

I would agree for re-assessment for some of those websites.

Specifically:
ieindia.org -> educational
newsletter.actebis.com -> general business
news.hilti.com   -> general business
aerzen.com -> general business
idgesg.net -> advertising
instagram.com is debatable as it is a photo gallery, but more of a social-media and social networking type category.

The other items in the list seem to be valid Job sites.

I would advise to please submit these and future websites for re-assessment via our submission page here. Please PM me if you run into issues submitting via our page.

Regards,

FloSupport | Community Support Engineer

HI,

we can submit the sites for re-assessment if we know site is wrongly categorized (Reported cases).

I just go through 1 days logs and it clearly seems site list is very big and do you think this is the feasible solution to submit these many websites every day for re-assessment?

you should think from user prospective, many sites category is allowed as per the policy but due to wrong categorization site is not opening and user assumed site is blocked by IT as per the policy and they manage their work through other workaround.

Here is list of sites which is wrongly categorized.

iciciprulife.sc.omtrdc.net

yatraonline.sc.omtrdc.net

loyaltysolutions.sc.omtrdc.net

cisco.sc.omtrdc.net

rmf.sc.omtrdc.net

valyoo.sc.omtrdc.net

kotakmahindrabank.sc.omtrdc.net

inc-excel.officeapps.live.com

indigoaviation.sc.omtrdc.net

siemens.sc.omtrdc.net

ideacellularlimited.sc.omtrdc.net

hsbcbankglobal.sc.omtrdc.net

dulux.sc.omtrdc.net

fnp.sc.omtrdc.net

ltfh.sc.omtrdc.net

spicejetlimited.sc.omtrdc.net

static.sharepointonline.com

indiaskillsgujarat2018.org

www.bajajfinserv.tech

Vote to this feature here: ideas.sophos.com/.../33264490-web-category-and-reputation-override-like-utm