Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 27 subscribers
  • Views 6177 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG firewall does not perform IP reputation check with dangerous site

ShunzeLee

Dear All,

Sophos XG firewall does not perform IP reputation check with some dangerous IP addresses. 

Such as 203.205.151.160 & 203.205.129.101

But both of them are marked as dangerous when user browse them with Chrome.  

And the 2 IP are rated as Malicious and Phishing site in Virus Total.

 

 

I opened a case, ID is 7968656.

Support Team said "Sophos XG firewall does not perform IP reputation check with such dangerous IP site".

Sophos XG can't protect user with ATP, web filter, or other protection now.

And ask me to create feature request as following.

https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/33638998-sophos-xg-firewall-does-not-perform-ip-reputation

 

Please vote the feature request to push Sophos do better.

Thanks~



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    I am a bit confused. What you are saying is that even with safebrowsing enabled, avira and sophos as the anti-v etc engines plus the lookup tables, none of that works? So what protection does the XG provide?

    Or are you saying websites get checked, but not IP addresses which seems a little strange for a security device?

    Ian

  • 0 in reply to rfcat_vk

    We hope ATP can protect user to browse the dangerous site.

    Or with Web filter to block the dangerous site.

    But both of them can not do it.

     

    Maybe you can tell me how to protect user to open the unknow site with XG?

    When user browse the sites, only Chrome warns user, but XG do nothing...

  • 0 in reply to ShunzeLee

    Hi,

    I was just asking to clarify your issue in my mind. Both sites get past the XG. The first site gets picked up by my Sophos anti-x software on the MAC, but nothing from the XG.

    Ian

    Investigating the web further show that google safe surfing has one of the sites identified as malicious, yet does not showup or get blocked by the XG or Safari. Firefox blocks it using google safe surfing.

Reply
  • 0 in reply to ShunzeLee

    Hi,

    I was just asking to clarify your issue in my mind. Both sites get past the XG. The first site gets picked up by my Sophos anti-x software on the MAC, but nothing from the XG.

    Ian

    Investigating the web further show that google safe surfing has one of the sites identified as malicious, yet does not showup or get blocked by the XG or Safari. Firefox blocks it using google safe surfing.

Children
No Data