Guest User!

You are not Sophos Staff.

Thread Info
  • Replies 0 replies
  • Subscribers 26 subscribers
  • Views 32513 views
  • Users 0 members are here
Options
Suggested

Sophos Firewall: How to allow specific websites without authentication

DominicRemigio

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.

Overview

This article describes how to allow users to access specific websites even if they are not authenticated.

Scenario Allow unauthenticated users access to specific websites, in this case, www.sophos.com. The user should not be able to access anything else other than www.sophos.com without getting authenticated.

The following sections are covered:

Applies to the following Sophos products and versions
Sophos Firewall

Configuration

Step 1: Create Custom Web Category

  1. Go to Web > Categories and click Add to create a new Web Category using the parameters below.

    Parameter Description

    Parameter Value Description
    Name Allowed_Websites The Name to identify the Category.
    Classification Productive Select the category of the website.
    Traffic Shaping Policy None Specify the Traffic Shaping policy to be applied to the category.
    Domain/Keyword www.sophos.com Domain: Enter the domain(s) which are to be blocked/allowed.
    Keyword: You can also mention keywords. Any URL containing those keywords is blocked/allowed.
    Local Define domains and keywords that are specific to your organization. To import a domain or keyword list, click Choose File and select a text file.
    External URL Database An external URL database contains a list of domains that is maintained by a third party. These include, for example, country-specific block lists and open-source URL categorization lists.



  2. Click Save to create the web category.

Step 2: Create Web Filter Policy

  1. Go to Web > Policies and click Add policy.
  2. Name the Rule and click on Add Rule. Define the created custom category in the Activities tab and select the action as Allow.



  3. Click Save to save the Policy.

Step 3: Configure Default_Network_Policy

Since the Default_Network_Policy Rule is set to drop all unauthenticated traffic, you have to configure it to allow www.sophos.com.

To configure the rule, follow the steps below:

  1. Go to Rules and policies > Firewall rules and select the Default_Network_Policy to configure it.
  2. Under the Security features > Web filtering section, select the Web policy as Sophos_Allow.



  3. Click Save to apply the changes.

The configuration above allows unauthenticated users to access www.sophos.com. All other sites will require authentication.



Updated Disclaimer
[edited by: Erick Jan at 1:59 PM (GMT -7) on 17 Apr 2023]
Unfiltered HTML