Hi Folks !
I have an interesting question due to a request from one of my customers. He asks me, whether there is a possibility to limit Access to Outlook-Anywhere outside of normal Work-Hours.
Background of the question is, that the CEO want prevent the Danger of a "Burnout-Syndrome" on his employees. He discovered, that many of his personnel receive and write mails via mobile devices outside of normal Office-Work-Hours, so he is wiling to do all necessary to stop the workaholics from taking over (Yeah i know, some Directors would be happy if they had such involved employees)...
But Ok, let's give it a try. On the Company-Side, there is located a Sophos XG115 with Firmware "SFOS 16.05.6 MR-6" installed.
So my first intention was (nothing easier than that) to set up a firewall rule on the top, named it "Burnout_Prevention_Rule" and made the setting to block all requests from WAN to the Public-Interface that is hosting the Outlook-Anywhere-Requests and Internal-Address of the Exchange Server on Port 443.
Sadly to my astonishment, the rule completely will be ignored, even when the WAF-Rule for Exchange is on the Bottom of the Rule-List. It doesn't matter which kind of settings i made, all options will be ignored and it seems that Business-Rules always have higher priorities than Network-Rules.
In the WAF-Rule itself i didn't found any possibilities for time-based access-settings.
Does anybody know if there is a way to limit WAF-Rules in such way ? or what we can do otherwise to solve that problem (instead of taking power off the firewall at the Offtime-Workhours *joking*).
Thanks and Best Regards :-)
Josef
This thread was automatically locked due to age.
