Hi all,
We are using Sophos XG as our firewall.
We are now looking a way to block our Internet Explorer user from accessing the internet. They are limited to access local only when using Internet Explorer. Appreciate your help.
Thanks
Sandy
Hi,
You can do this with IPS + AppCtrl + SSL/TLS Decryption - You can add this on the existent Rules that you have for the Users to Internet.
You can create/add a AppCtrl Rule that blocks from IE 6 to IE 9.
And to block IE 10 and IE 11 you will need to create a custom IPS Signature.
IE 11 IPS Signature:
content:"|54 72 69 64 65 6e 74 2f 37 2e 30|";
IE 10 IPS Signature:
content:"|54 72 69 64 65 6e 74 2f 36 2e 30|";
I've only tested IE 11 Signature, but I'm almost sure It won't bring false positives on both of those.
Be aware you will need to decrypt all HTTPS traffic in order to block all Internet Explorer connections to the internet, or else only HTTP connections will be blocked.
Hi Prism,
Already configured as you mentioned but not working yet.
Create IPS Signature for IE10 & IE11
Create IPS Policies from custom signature named "IPS Profile 5"
Added it to firewall rule
Test browsing from IE11 and still working.
Do I miss something? I'll try to investigate it first and will be back with the updates. Thank you very much for your help.
Hi Prism,
Already configured as you mentioned but not working yet.
Create IPS Signature for IE10 & IE11
Create IPS Policies from custom signature named "IPS Profile 5"
Added it to firewall rule
Test browsing from IE11 and still working.
Do I miss something? I'll try to investigate it first and will be back with the updates. Thank you very much for your help.
