Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Wildcard usage methods. Is it available ?

Hi All,

General built-in Web categories are not enough for creating special in-depth web policies for non english spoken countries.
Other than english languages foreign ones has its unique words, sentences even letters affects the domain names accordingly.
These variables creates hardness for preparing secure network through policies.

Is there any option available to resolve this kind of requirements in the Sophos Xg devices?

How to use wildcards and/or asterisks in Sophos Firewall and/or Cloud Endpoint Protection?

Exanple usage;


To block any host for site.com use:
*.site.com

Another example when streaming-media category is blocked, The settings below allow access to youtube.

*.youtube.com
*.ytimg.com
*.youtube.com/watch
*.googlevideo.com
Then following characters are considered separators:
./?&=;+
Every substring that is separated by the characters listed above is considered a token. A token can be any number of ASCII characters that does not contain any separator character or *. For example, the following patterns are valid:
*.yahoo.com   => Tokens are: "*", "yahoo" and "com" 
www.*.com     => Tokens are: "www", "*" and "com"
www.yahoo.com/search=*  => Tokens are: "www", "yahoo", "com", "search", "*"
Thanks all.


This thread was automatically locked due to age.
Parents
  • As you can read in the firewall help:

    "You must enter a valid domain name. Regular expressions are not allowed."

    So you can use the following:

    site.com to block any host from this domain

    or

    host.site.com to block a specific host

  • If you're using URL Groups or Web Categories, while creating a new group with "site.com", not only the host domain will be blocked but It will also work as an wildcard.

    If you use "new.site.com" only the subdomain will be blocked.

    All of this applies on both Web Filtering and SSL/TLS Inspection Rules.

Reply
  • If you're using URL Groups or Web Categories, while creating a new group with "site.com", not only the host domain will be blocked but It will also work as an wildcard.

    If you use "new.site.com" only the subdomain will be blocked.

    All of this applies on both Web Filtering and SSL/TLS Inspection Rules.

Children
  • Thanks

    Yes in use of Web Categories. These cats are especially for english-spoken countries i'd say.
    So those pre-compiled lists could not satisfy the needs for non-english spoken zones.

    There are lots of new web sites appear like a plop every day for getting over the blockage of dmca or government censorship.
    So it is very hard to track the new domains via logs.
    Yes censorship occurs in these regions.


    if there is no wildcard method available is there any other way to get this kind of job done?
    Different approach; maybe via another mechanism..