Guest User!

You are not Sophos Staff.

Thread Info
  • Replies 0 replies
  • Subscribers 27 subscribers
  • Views 8090 views
  • Users 0 members are here
Options
Suggested

Sophos Firewall: How to create an exception in application filter

DominicRemigio

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.

Overview

This article describes the steps to create an exception in the application filter. It provides the detailed steps about how to whitelist an application. It can also be used to blacklist an application with minor tweak.

The following sections are covered:

Applies to the following Sophos products and versions
Sophos Firewall v18 and later

What to do

The example shows how to create a whitelist for Skype with all other application in category "Instant Messenger" is denied.

Create a new application filter in XG webadmin GUI by going to Application > Application filter > Add button.

Give it a name and set the Template to Allow All.

Edit the newly created application filter.

Click Add

Filter it on Category > Instant Messenger.

Set the action of Instant Messenger to Deny. Then Save.

Edit the application filter "Only allow Skype", again. Then click Add.

Select Select individual application.

In the Name section, click the Filter icon. Select contains in the drop-down menu and then put "skype" in the filter string and click Apply.

Check all the Skype applications and then set the Action to Allow then click Save.

Make sure that the allowed application is on top of the denied application so that the XG Firewall denies all the applications from the category of "Instant Messenger", except Skype.

The last step is to edit the firewall rule  on Proctect>Rules and  policies> " FW Rule/Add Firewall rule " and set on the  Other Security features> Identify and control applications( App Control) as shown below: Click the Created Policy "Only Allow Skype"

You can tweak the application filter to deny certain applications and allow all other applications.

The example below shows how to allow all file downloads, except MP3.

Sign up to the Sophos Support SMS Notification Service to get the latest product release information and critical issues.



Updated Disclaimer
[edited by: Erick Jan at 9:17 AM (GMT -7) on 17 Apr 2023]
Unfiltered HTML