This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Inherited authority on HTTP proxy

Hello
I wonder if it is possible to do the following:

I would like to create 5 AD groups (from basic to full authority) which are used by an http policy.

In the ASG I would like to enable sites e.g. for the second group and all higher groups should get this privileges passed.

my aim is to enable a website on one level and all the upper layers should get this site automatically.

this would allow our it support to easily enable websites.

thanks

chaser

This thread was automatically locked due to age.

Parents

0 BAlfson over 16 years ago

Good catch, MisterAG - I misunderstood his question, but it's clear now. You have it exactly right: put the largest, most-open profiles and filter assignments at the bottom, then place increasingly-more-restrictive sub-groups above. What can't be done, as you mention with specific websites, is mix and match multiple filter actions.

Thanks for your very-clear example!

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 16 years ago

Good catch, MisterAG - I misunderstood his question, but it's clear now. You have it exactly right: put the largest, most-open profiles and filter assignments at the bottom, then place increasingly-more-restrictive sub-groups above. What can't be done, as you mention with specific websites, is mix and match multiple filter actions.

Thanks for your very-clear example!

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data