Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 6 subscribers
  • Views 15358 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Turning Off Web Protection Altogether

Aron Bert

We don't want web filtering at all with our UTM 9 so we turn it off and it doesn't give us the page that says it was blocked but the connection times out and when I look at the live view log it shows blocking the 2 sites we need access to.  How do I either add an exception to the countries it's blocking or just turn off blocking to let the site pass through?  I looked at exceptions, added the sites, still same result.  Log says it's blocking them still even though we don't get the notice on the browser that the site was blocked.



This thread was automatically locked due to age.
Parents
  • 0

    It is hard to know exactly what happened without knowing which live log you are viewing, and not knowing everything in the log entry.   Here are some of the possibilities:

    • You have country blocking enabled, and need to create a country blocking exception.
    • You have Intrusion Protection enabled, and the sites are sending back content that is triggering an alarm which blocks traffic.
    • You have web protection enabled, even though you said that you want it off, and web protection is blocking the traffic.

    However, web protection blocks the request, so it returns results quickly.   A long delay (about 2 minutes) followed by a generic browser message would indicate that the response was blocked, so the problem is probably in IPS or Country Blocking.   You can check for IPS events in the IPS log.

    However, Web Protection is the best part of UTM, and an essential part of any cyberdefense strategy.   I don't think you really want all users to have access to all web content.    Software Piracy?   School Cheating?   Pornography?   Criminal Activity?  Even if you do want access to all categories, you still should block access to bad-reputation sites.   I block Web Ads because I know that their content is not from the requested site, so the reputation is unknown.   Researchers have demonstrated that they are potentially usable for malicious purposes.

    An analogy:  If you don't want to get stabbed, you can either avoid bad neighborhoods or wear an armored vest.   90% of cyber-safety is staying out of bad neighborhoods.   The weapons used by bad guys are always changing, so you really don't want to find out if your armored vest will protect against the weapon they are using today.

    I second Bob Alfson's recommendation to get an expert involved.  There is a lot of complexity to UTM.

  • 0 in reply to DouglasFoster

    I turned web protection back on.  I am trying to make an exception to the sites but it's not blocking them with a splash screen it's just timing out.  How do I add an exclusion for countries?

     

  • 0 in reply to Aron Bert

    That is a bug or "undocumented feature".   Web Filtering ignores Country Blocking Exceptions. 

    Instead, create a web filtering exception to "Skip UTL Filtering" for the desired websites.   It produces the intended results, except that it probably eliminates any ability to block the site for specific users.   This is because I believe that URL Filtering is where the site is checked for category and reputation, so if you don't check, then you don't know.  

Reply
  • 0 in reply to Aron Bert

    That is a bug or "undocumented feature".   Web Filtering ignores Country Blocking Exceptions. 

    Instead, create a web filtering exception to "Skip UTL Filtering" for the desired websites.   It produces the intended results, except that it probably eliminates any ability to block the site for specific users.   This is because I believe that URL Filtering is where the site is checked for category and reputation, so if you don't check, then you don't know.  

Children
No Data
Unfiltered HTML