1.The purpose of commodity

  • This article will guide you how to configure blocking network users to download specified file types such as sound, video, exe, etc.
  • Specifically, today's commodity we will perform the configuration of blocking download mp3 files and testing on users' computers using the Sophos XG firewall device.

ii.Configuration

a. Create spider web policies and add together them to the internet admission dominion

  • The start footstep is to log into the Sophos firewall admin page with an business relationship with admin rights.
  • We click Web> Policies> Add Policy to create policy for the spider web.
  • The Add Web Policy panel appears, here we will proper name the web policy Block_Download_File-Type.
  • Adjacent click on Add Dominion to create the spider web rule.
  • Click All Web Traffic in the Activies column and click on the dash icon to delete it.
  • And then click Add together New Detail to add together the items to exist banned.
  • Since we have banned downloading according to audio files, we cull Show But and select File Type nosotros will see Audio File on the first line.
  • So click Utilize 1 selected items to relieve.
  • Next we pay attention to the Action and Status columns, in the Activity cavalcade we will select as HTTP Cake and HTTPS and in the Status cavalcade we volition select ON.
  • Click Relieve to save, later clicking Save the browser will ask united states to redirect to the Firewall Dominion to add this policy to the Internet admission rule.
  • Click Become to Firewall Rule, select the rule that allows users to admission the net here, I will select the #Default_Network_policy rule and click Edit to add web policy.
  • In the Web malware and content scanning department, we will choose the following epitome.
  • In the Advanced department, we volition add the newly created web policy in the box below the Web Policy.
  • Click Save to save.

b. Download Sophos certificates and import them into your calculator.

  • Become to Certificates> Certificate Government> download SecurityAppliance_SSL_CA.
  • Right-click on the download certificate and select Rename, prepare the tail of the pem behind the dot to cer
  • In the search box of windows blazon mmc and open it
  • Click File> Add / Remove Snap-in …, the Add or Remove Snap-ins panel appears.
  • Select Certificates> click Add together> Calculator Business relationship> Next> Finish> OK.
  • Get to the Console Root path> Certificates> Trusted Root Certification Authorities> Certificates.
  • Right-click Certificates> All Tasks> Import.
  • Import the downloaded certificate from Sophos.
  • Afterwards configuration is complete nosotros will go to chiasenhac page to try downloading an mp3 file to check the results.
  • As you lot can see, Sophos has reported blocking when we tried to download an mp3 file.