Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 1653 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Scan HTTPS (SSL) Traffic

jreverman
Before updating to 7.504, Enabling this setting on our filter profiles allowed us to specify filter actions for HTTPS sites.

Example: We want to block https://mail.google.com, but want to allow Https://mail.google.com/gpi.us.

By enabling the Scan HTTPs for the profile, the web proxy would enumerate the full URL and Pass or block depending on the white list.

After the update, the proxy stops enumerating at Https://mail.google.com, completely ignoring anything after the .com. 

We are running two proxies, one at 7.503 and the other at 7.504, and the older version still works as intended.

Was there a change? 

Thanks,


This thread was automatically locked due to age.
Parents
  • 0
    Interesting.  That's definitely worth submitting a ticket to see if it's 7.503 or 7.504 that's not working as intended.  I thought the blacklist check happened before the whitelist check, but maybe I just assumed that because the "Block" section is positioned above the "Allow" section.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Interesting.  That's definitely worth submitting a ticket to see if it's 7.503 or 7.504 that's not working as intended.  I thought the blacklist check happened before the whitelist check, but maybe I just assumed that because the "Block" section is positioned above the "Allow" section.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data