Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ISOffice
Contributor

Sophos Update Being Blocked?

Hi all,

 

We have 2 X 100D Hardware Appliances running firmware version 6.0.0 (build 0076 GA) in NAT (Flow-based) Mode (HA: Active-Passive). They are deployed as perimeter firewalls for our wireless network.

During a daily check on the appliances this morning, I found that they were blocking access (using the Web Filter mechanism) to a couple of sites that I believe are used by client devices on our wireless network to update their Sophos Anti-Virus software.

The web filter on the firewalls appears to be incorrectly categorising d1.sophosupd.com & d2.sophosupd.com as 'Malicious Websites'.

I created a Static URL Filter on each of our Web Filter Profiles to exempt *sophosupd.com and this seems to have rectified the issue for the time being, but I'm wondering if anyone else has had a similar experience. Further analysis of logs indicate that this began at approximately 12.00pm (GMT) yesterday (25/04/2018).

Any input would be much appreciated.

Best regards,

 

John P

1 Solution
rwpatterson
Valued Contributor III

Report these sites for Fortinet to have them re-categorized. They are very responsive. Last time I did this it was way under the 24 hours they ask you to wait before I saw the change.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

View solution in original post

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
2 REPLIES 2
rwpatterson
Valued Contributor III

Report these sites for Fortinet to have them re-categorized. They are very responsive. Last time I did this it was way under the 24 hours they ask you to wait before I saw the change.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
ISOffice

Hi Bob,

Thank you for your prompt and helpful reply. I have submitted the offending URLs to Fortinet to get re-classified.

Best regards,

John P

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors