pardon falsches Bild, nun das richtige.
↧
Forum Post: RE: New Config UTM Home 9.6, a lot of Websites and Services dont work, mostly those with let'encrypt CA. Handling of Certificates Problem
↧
Forum Post: RE: Cant get to user portal
SFVH (SFOS 17.5.5 MR-5)
↧
↧
Forum Post: RE: Sandboxie Order Page
Hello John, i posted the same question yesterday and, i think the reply is still the same [quote user="Barb@Sophos"] Hi Geoffrey, Please review and follow the below thread to stay up-to-date regarding buying options (currently disabled) and Sandboxie status in general: What happened to the Sandboxie site and forums Thanks! [/quote] and yeah, i need to buy a licence too, but the website is in maintenance :/ so, we just need to wait.
↧
Forum Post: RE: Scam claiming my account has been hacked and asks for Bitcoins
I use a webhost for my email needs and light webhosting. The rule below helps filter out most of this garbage that appears to be coming from myself. Basically it checks the headers to see if contains the name of my domain (domain.com), AND does NOT contain "107." This is the first octet of my public ip. If this evaluation is true then the email did not originate from my network and gets delivered into the spam folder. There are some caveats to this. Cell phone service is att based so it too will start with the 107. Say if I sent an email to myself from a verizon or comcast ip, it would get flagged as spam.
↧
Forum Post: RE: downgrade firmware version
*ALWAYS* generate a backup image using your favorite backup software before installing updates. Downgrading is much quicker and you don't lose your logs (side effect of the method above).
↧
↧
Forum Post: RE: Download of WindowsCloudNextGen failed from server http:∕∕dci.sophosupd.com.
Hello flo, intriguing rather confusing than puzzling :). Looks like an evaluation license is not immediately removed or disabled when it expires. AutoUpdate sees what it thinks is a valid subscription, the catalogs it uses are stale though and the files they are pointing to no longer exist. Christian
↧
Forum Post: RE: Why is sophos using port 69 (TFTP)?
Hello givemecontrol, an understandable mistake. netstat 's output format is somewhat elusive given that the process name starts in column 1 while connection information is indented, quite counterintuitive. Intending to reply to your initial post I ran netstat and was puzzled that SAVService seemed to listen on UDP 161 ... SNMP? ... noticed the final lines and only then remembered the weird arrangement of the output. Christian
↧
Forum Post: RE: Multiple subnets on same LAN
Basically yes although some descriptions are missing so I can not give you further advise. But if you add the second subnet to the XG, bridge the two LAN ports and create a firewall rule allowing communication between the two subnets then XG will do all the routing and you can use both subnets like it is one. https://community.sophos.com/kb/en-us/123098
↧
Forum Post: Pass through to windows
Hi, i was wondering it is possible to use bitlocker pass through to windows, as i see a 'Pass through to Windows' option in the authentication policy. If this is not possible, could you clarify what this option does do? I cannot find any relevant documentation about this, so i doubt its possible, but i'm wondering what the option in the policy is for then.
↧
↧
Forum Post: RE: Facebook Web Page Exception
Hello, I tried multiple times, and subpage it's always blocked. Can you shown an example with pt-pt.facebook.com/.../ Many thanks
↧
Forum Post: RE: Pass through to windows
This option isn't relevant to BitLocker but Sophos base encryption. You'll use the Sophos Credential Provider (Cog) to log in with but as BitLocker is integral to the OS, there's no pass-through needed/relevant.
↧
Forum Post: RE: Sophos Endpoint WIN 10 1809 Virus & Bedrohungsschutz
Hallo Michael, die Logs aus dem Zeitraum der Deaktivierung (erst einmal SAV.txt ) wären interessant. Ist das SESC oder Central? Christian
↧
Comment on Sophos Community will be unavailable on Saturday, March 9th for an hour at approximately 08:00 CST (14:00 GMT).
Web-interface is a standout amongst the most significant things that you should think about your switch. Here is a great deal settings that you can set up. The majority of them in charge of your system's security. 21st century is age with dynamic IT advance, so there are a great deal of digital programmers, who need to take your own data and use it in egotistical objectives. Visit For More Info:- https://19216811.global/
↧
↧
Forum Post: RE: Clients intermittently can't connect to APX530 and APX520.
Hello, If you have raised Sophos support case please let me know the ID or send me your contact details in PM, so I can help you to investigate this issue. Cheers, Ankit
↧
Forum Post: RE: New Config UTM Home 9.6, a lot of Websites and Services dont work, mostly those with let'encrypt CA. Handling of Certificates Problem
You are correct, the problem is not caused by https inspection. Possible causes of timeout: Intrusion Protection Service blocks the reply packet. If this happens, it should be in the IPS log file. Upstream firewall blocks either the request or the reply packets. This is only possible if you have another firewall. Routing problem causes the request or the reply packets to be lost. DNS lookup failure causes the destination to be unknown. Wiring problem causes excessive retransmits on the Ethernet, particularly having one device set to fixed speed and duplex while the other device is set to auto speed and duplex. I cannot think of any others.
↧
Forum Post: RE: Download of WindowsCloudNextGen failed from server http:∕∕dci.sophosupd.com.
Yeah I contacted my boss who is in charge of licensing... On the Central Admin License Details Page, License is expired: And as you can See, Evaluation Licenses "Expiring 2999" in https://cloud.sophos.com/manage/partner/endpoint/licenses/over-usage , and https://cloud.sophos.com/manage/partner/endpoint/licenses/expired says "0 expired Licenses" though on the Central Admin interface it shows "License Expired" That seems to be a bug in Sophos Central, should we report it?
↧
Forum Post: RE: Could like to enquire on the different meaning of Sophos Av Action (custom)
Hello gkc, [I'm not Sophos, I don't use Central (and thus don't feed events to a SIEM) - so this is not an official statement] The last three should be rather obvious: CleanUpable - according to the detection data cleanup should be possible IsRebootRequired - a reboot is not required for a cleanup Outstanding - the threat has neither been cleaned or otherwise dealt with nor was the alert acknowledged I hope I don't disclose any secret information with the following: ScannerType 200 Unknown 201 On access 203 On demand 205 Scheduled 206 In memory 207 Web browser ActionTaken 100 Unknown 101 None 102 Renamed 103 Deleted 105 Moved 106 Copied 109 Cleaned up 112 Authorized 113 Cleaned up 114 Partially removed 115 Acknowledged 116 Blocked 117 No longer present 118 Cleared from the endpoint QM 119 Unblocked 120 Acknowledged - unblocked I've left out some rather obscure actions (and yes, there are two Cleaned up ). I assume that ScannerType=200 for the remediation (e.g. Cleaned up) events after a detection. Also ActionTaken=114 is likely accompanied by IsRebootRequired=True . Christian
↧
↧
Forum Post: Just not able to allow VPN users to use internet connection
On my XG85W I set up a remote SSL VPN following this guide . Users are now able to connect to the network, but it's not possible to use the internet connection of the VPN. I allowed WAN for VPN, but it is just not possible to use internet connection. The XG is behind a cable modem and I use the Sophos dynamic DNS to get a FQDN. I attached screenshots of my config. Would be great if somone has a hint what's wrong.
↧
Forum Post: RE: Firewall lost connection to Sophos Central
with this screenshot I could not find the place to disable the email alert
↧
Forum Post: RE: Could like to enquire on the different meaning of Sophos Av Action (custom)
Thank You, Christian. These made the whole picture clear. :) Chahal
↧