Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 18 replies
  • Subscribers 27 subscribers
  • Views 2352 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Blocking Cloud Drives Except For OneDrive Failed Using Application Filter

Craig Hoy

To Whom It May Concern

I've been trying to block all cloud storage drives accessed from our corporate network except for OneDrive. I tested the implementation using my personal iCloud account after the implementation on our Sophos XG firewall of the Application Filter (please see attached screen shot of the application filter) and could access iCloud despite the application filter having been applied. I followed the instructions on your corporate support site link https://support.sophos.com/support/s/article/KB-000035682?language=en_US for Google Drive which stated it could be used for all cloud drives. Could you please help?

yours sincerely

Craig Hoy



This thread was automatically locked due to age.
Parents
  • 0

    Hello Craid,

    Thank you for contacting the Sophos Community.

    Adding to what Ian mentioned, check that you don't have under Web >> Exceptions, the Default Apple exceptions enabled. 

    Are you using DPI or Web Proxy?

    One of the steps for this to work as Ian asked is to have Decrypt and Scan enabled.

    I would recommend you to check that you SSH in to the XG and in the Advanced Shell (5>3) put the following in debug mode

    # service awarrenhttp:debug -ds nosync

    And then check while accessing iCloud

    # tail -f awarrenhttp_access.log 

    It should give you more information as to what rule is being applied.

    Regards,

Reply
  • 0

    Hello Craid,

    Thank you for contacting the Sophos Community.

    Adding to what Ian mentioned, check that you don't have under Web >> Exceptions, the Default Apple exceptions enabled. 

    Are you using DPI or Web Proxy?

    One of the steps for this to work as Ian asked is to have Decrypt and Scan enabled.

    I would recommend you to check that you SSH in to the XG and in the Advanced Shell (5>3) put the following in debug mode

    # service awarrenhttp:debug -ds nosync

    And then check while accessing iCloud

    # tail -f awarrenhttp_access.log 

    It should give you more information as to what rule is being applied.

    Regards,

Children
No Data