Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 27 subscribers
  • Views 4261 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG Application control blocking well known sites unexpectedly

sachingurung

Hi Customers,

[Update 2] RCA has been found by development and application signature update will be pushed out as a hotfix. Please run an update manually if you do not see pattern version. Once done you will need to reload the web proxy service. More info here.

[Update 1] KBA has been released for this. Article will be updated as more information becomes available.

We are receiving a number of reports of certain well known sites (Youtube, Gmail, Yahoo etc) being blocked when accessed via a Firewall Policy with an Application Control policy enabled.

Update 24.05.2018: Updated Workaround and IPS signature version

Applies to the following Sophos product(s) and version(s)

Sophos XG running version x.14.82 of the IPS patterns

The current workaround is to explicitly add the required applications/sites as an Allow entry at the top of the selected application control policy.

Thanks,



This thread was automatically locked due to age.
Parents
  • 0

    Hey Community,

    RCA has been found by development and a new signature pattern is being released to fix this issue.

    [RESOLVED] Application signature update will be pushed out as a hotfix.  Please run an update manually if you do not see pattern version: 

    3.14.83 or 5.14.83

    Once done, you will then need to reload the web proxy service by 1 of 3 ways:

    1. Reboot XG
    2. Restart awarrenhttp service by running command from "Advance Console": service awarrenhttp:reload -ds nosync
    3. From the WebAdmin by browsing to "Protect > Web > General Settings", then click the "Apply" button in the "Protection frame"

    Link to KBA for more info.

Reply
  • 0

    Hey Community,

    RCA has been found by development and a new signature pattern is being released to fix this issue.

    [RESOLVED] Application signature update will be pushed out as a hotfix.  Please run an update manually if you do not see pattern version: 

    3.14.83 or 5.14.83

    Once done, you will then need to reload the web proxy service by 1 of 3 ways:

    1. Reboot XG
    2. Restart awarrenhttp service by running command from "Advance Console": service awarrenhttp:reload -ds nosync
    3. From the WebAdmin by browsing to "Protect > Web > General Settings", then click the "Apply" button in the "Protection frame"

    Link to KBA for more info.

Children
No Data