Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 1105 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filter - Block clients by user-agent

Steppenwolf

Hello,

I am looking for a way to regulate internet traffic based on user agents. Unfortunately I don't have control over the devices in our network, so I would like to restrict access to the internet based on the operating system. I read in another post that this is not directly possible in the XG but you have to go through the IPS. Is this still correct?

If so, can someone provide me with a working example. Unfortunately I do not manage to create a corresponding rule.

Thank you very much.

Regards,

Michael



This thread was automatically locked due to age.
  • 0

    The main issue is the encryption. 

    Based on the client, if you look into the Web request, a request is encrypting the GET first. So the firewall cannot tell, which user agent is used. Therefore the feature does not make a difference without decryption. If you do not have access to decrypt the traffic, there is not much to do here. 

    __________________________________________________________________________________________________________________

  • 0

    Hi Steppenwolf

    I would suggest you to authenticate users on your network. Once you authenticate users you don’t have to worry about IP address MAC address or type of OS.

    this might help you to meet your requirement

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • 0

    In our case, all traffic is decrypted. I also see the user-agents in the log viewer and in the syslog.

    Authentication would be nice, but I have a lot of remote offices where I have no control over the clients. Currently I could only accomplish the decryption of the traffic.

    With best regards,

    Steppenwolf

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?