Sophos XG Home and malware detection

I have migrated the settings of my (now end-of-life) Cyberoam device to a Protectli FW4B that is running Sophos Firewall XG Home Edition, latest version.

Initially I was quite happy, but then I tried the EICAR.ORG test files, and those test viruses were not detected, as opposed to the Cyberoam device, which immediately shows an alert message.

Probably, this is one of the cases where the error is just between the chair and the screen :). So, what did I overlook/forget/screw up?

There are no entries in the malware log, the firewall log just shows "allowed" for the web access, and the firewall rule contains HTTP scanning (see image below).

with best regards



  • Are you doing TLS Decryption?

    Right now on the EICAR page you're only able to download the test files through HTTPS; in order for the firewall to scan the encrypted traffic, it needs to decrypt it first.

    If you download the EICAR file through an HTTP (plain-text) connection (on another website), the firewall will catch and block it; if not, please report here.

  • Where would I turn on that TLS decryption?  Obviously, my Cyberoam box does this, and I migrated the Cyberoam settings.  Which buttons do I have to press?

    Thanks for the very quick response!

    Volker
