Sophos Web Appliance

Version: Sophos Web Appliance

Sophos is a Web Security Application (web appliance), built to secure web gateway that makes web protection simple. It provides advanced protection from todays sophisticated web malware and gives user full control over their employees online activities. User can easily create policies for individuals or groups while gaining important insights into user activity on their network

Netsurion's Open XDR platform helps to monitor events from Sophos Web Appliance. Its dashboard, alerts and reports will help you track allowed and blocked traffic activities. It will trigger alert such as, Warned URL accessed by user or any URL with malicious category accessed.

Once Sophos Web Appliance is configured to deliver events to Netsurion Manager; alerts, dashboards and reports can be configured into Netsurion.

Alerts

Type Name Description
Security Sophos Web Appliance - URL with malicious category accessed This alert is triggered when a URL with criminal and hacking category is matched in Sophos Web Appliance.
Security Sophos Web Appliance - Spam URL found This alert is triggered when a potential spam URL is detected in Sophos Web Appliance.
Security Sophos Web Appliance - URL with spyware categories accessed This alert is triggered when a potential spyware is detected in Sophos Web Appliance.
Security Sophos Web Appliance - URL with phishing/fraud category accessed This alert is triggered when a potential phishing and fraud activity is detected in Sophos Web Appliance.
Security Sophos Web Appliance - Suspicious URL has been blocked This alert is triggered when a suspicious web traffic is detected in Sophos Web Appliance.
Security Sophos Web Appliance - Warned URL accessed by User This alert is triggered when a user decides to proceed with warned web traffic is detected in Sophos Web Appliance.

Reports

Type Name Description
Security Sophos Web Appliance - Blocked Activities This report gives information about all allowed activities detected in Sophos web appliance. Report contains user detail, source IP address, domain name, and other useful information.
Compliance Sophos Web Appliance - Allowed Activities This report gives information about all allowed activities detected in Sophos web appliance. Report contains user detail, source IP address, domain name, and other useful information.

Documentation

The configuration details are consistent with Netsurion version 9.3x and later, and Sophos Web Appliance.

Download Integration guide and How-to Guide for more information and to configuration instructions.