Helpful ReplyHot!Sophos Update Being Blocked?

Author
ISOffice
Bronze Member
  • Total Posts : 48
  • Scores: 2
  • Reward points: 0
  • Joined: 2013/11/25 03:23:57
  • Status: offline
2018/04/26 03:56:56 (permalink)
0

Sophos Update Being Blocked?

Hi all,
 
We have 2 X 100D Hardware Appliances running firmware version 6.0.0 (build 0076 GA) in NAT (Flow-based) Mode (HA: Active-Passive). They are deployed as perimeter firewalls for our wireless network.
During a daily check on the appliances this morning, I found that they were blocking access (using the Web Filter mechanism) to a couple of sites that I believe are used by client devices on our wireless network to update their Sophos Anti-Virus software.
The web filter on the firewalls appears to be incorrectly categorising d1.sophosupd.com & d2.sophosupd.com as 'Malicious Websites'.
I created a Static URL Filter on each of our Web Filter Profiles to exempt *sophosupd.com and this seems to have rectified the issue for the time being, but I'm wondering if anyone else has had a similar experience. Further analysis of logs indicate that this began at approximately 12.00pm (GMT) yesterday (25/04/2018).
Any input would be much appreciated.
Best regards,
 
John P
#1
rwpatterson
Expert Member
  • Total Posts : 8179
  • Scores: 173
  • Reward points: 0
  • Joined: 2006/08/08 10:08:18
  • Location: Long Island, New York, USA
  • Status: online
Re: Sophos Update Being Blocked? 2018/04/26 04:59:25 (permalink) ☄ Helpfulby ISOffice 2018/04/26 05:33:43
0
Report these sites for Fortinet to have them re-categorized. They are very responsive. Last time I did this it was way under the 24 hours they ask you to wait before I saw the change.

-Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

-4.3.18-b0689
FWF60B
FWF80CM (4)
FWF81CM (2)
 
#2
ISOffice
Bronze Member
  • Total Posts : 48
  • Scores: 2
  • Reward points: 0
  • Joined: 2013/11/25 03:23:57
  • Status: offline
Re: Sophos Update Being Blocked? 2018/04/26 05:33:40 (permalink)
0
Hi Bob,
Thank you for your prompt and helpful reply. I have submitted the offending URLs to Fortinet to get re-classified.
Best regards,
John P
#3
Jump to:
© 2018 APG vNext Commercial Version 5.5