Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 40 replies
  • Answers 2 answers
  • Subscribers 40 subscribers
  • Views 96641 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Streaming Services Blocked

StephenBurton

"Reopening" this thread since it is a ongoing issue. As others have already experienced, I'm running into the same streaming issues. Netflix, PluralSite, and other streaming services won't work on AppleTV, Wii, Samsung Smart TVs, Apple iPad, and Apple iPhones but does through a web browser. Also, audio streams won't stream properly (constantly restart) and PlayStation updates won't download properly (get 175% download messages before throwing an error).  Lastly, I cannot login to some banking websites and have difficulties with content downloading on other reputable sites.

So, as others have, I created a profile which filters based off of MAC address and has malware scanning and web scanning is turned off - so essentially everything that you want in a modern security appliance turned off. Most of the systems began to work, but Netflix on the Wii still does not work (streams get to 100% but never start. I also tried the Netflix filters used on the UTM but as other have experience this does not work on the XG).

Also as others have experienced, no useful log files are created as to what it getting blocked, either Malware or web filtering of any type kills any stream (even simple filters such as blocking webmail will kill a stream - seems to be a issue with the scan engine itself and nothing to do with the content.) 

Obviously this is a serious issue that needs to be addressed as I can purchase a $50 firewall from Walmart that will work better than the XG currently is. Don't get me wrong, I'm a Sophos fan, but this has been an ongoing problem for way too long. What's the plan for this to be fixed? My definition of "fixed" is the ability to have malware scanning and web filtering enabled on devices that stream content. It needs to work this way because a large number of devices stream content and disabling malware scanning and/or web filtering is not on option. 

Has anyone else had better luck with streaming content on the XG with security enabled? I'd like to move back to the UTM firewall, however streaming doesn't work that well on that platform either. 



This thread was automatically locked due to age.
Parents
  • 0

    I think we need to remember these applications are born in the corporate world not the home user world.  Not an excuse (definitely a benefit) but these will be unique circumstances to that environment.  The use cases for LAN to WAN vs WAN to LAN in UTM is really in that context.  Corporates have had an endless struggle protecting their IP from 'dumb users' so to speak and such policies such as LAN to WAN have been required.  In those environments basically all packets from LAN to WAN are blocked, special proxies allow outgoing web traffic and managed rules are available for internal servers and such.  Typically Netflix and the like would not be approved and as such the scenario is a rare one.


    Home users are different.  We want simplicity and everything to just work.  That isn't typical of traditional firewalls and the trade off will always be reduced security for convenience.  Seems like Sophos haven't gotten their head entirely around that yet.  e.g. installing the XG gateway appliance and the large, unbelievable oversight of not included PPPoE in basic network options for license validation.  PPPoE is typically home users and the software doesn't have it because well, it's not really designed for home users.  Someone who can set up a firewall appliance like that will know how to get around it.

  • 0 in reply to QuentinJackson

    Sorry, I disagree on some of your statements. XG is what some small business might use and they would have an ADSL server PPPoE.

    Netflix, facebook, messenger, etc are now corporate multi-meadia tools both inhouse and for customers. MS and MAC updates come in through the various internet connections not just MS WSUS/SCCM servers.

    After the MR1 update my Apple updates flow without any issues, I have automatically downloaded and installed to MAC OS 10.11.4 beta releases both over 1gb. Previously the only way to successfully download them was through the UTM.

  • 0 in reply to IanMorehouse

    Agreed. Sophos seems to have an Apple way of thinking meaning 'You don't need that', We are Sophos we know what you need.

Reply Children
No Data