Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 4449 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

sophos XG SFV6C8 issue with outlook

S BA

HI,

I am having some issue with sophos XG SFV6C8 as every-time I open outlook(the application) , it is popping some alert related to un-trusted certificate and I installed the cert many times using GPO and manually. Some how it work for sometime then the alert returns again!!!! 

Sophos support is simply the worst and they were no help

Can you please let me know how can I do exception for outlook so Sophos doesn't scan the application?

Or else what solution can I do in this regard?

Thanks in advance for your support



This thread was automatically locked due to age.
Parents
  • 0

    SBA,

    if it depends on what protocols you are using. If Outlook is using IMAPS or POP3S, XG is intercepting those connections and the XG certificate is used to intercept SSL traffic and XG Certificate is used to scan on the fly SSL traffic.

    In this case, you are using Email Protection Business Rule, so you have to uncheck SCAN IMAPS/POP3S checkbox.

    If you are using Exchange protocols, like Outlook Anywhere so https services, you have a Decrypt and scan enabled or micro-app scanning enabled. Create an above rule from LAN to WAN going to your public email address where you disable HTTPS SCAN. If it does not work, disable micro-app using the console command:

    system application_classification microapp-discovery off

    Let us know.

    Regards

Reply
  • 0

    SBA,

    if it depends on what protocols you are using. If Outlook is using IMAPS or POP3S, XG is intercepting those connections and the XG certificate is used to intercept SSL traffic and XG Certificate is used to scan on the fly SSL traffic.

    In this case, you are using Email Protection Business Rule, so you have to uncheck SCAN IMAPS/POP3S checkbox.

    If you are using Exchange protocols, like Outlook Anywhere so https services, you have a Decrypt and scan enabled or micro-app scanning enabled. Create an above rule from LAN to WAN going to your public email address where you disable HTTPS SCAN. If it does not work, disable micro-app using the console command:

    system application_classification microapp-discovery off

    Let us know.

    Regards

Children