1. Software

Sophos XG Firewall Web Interface Reference and Admin Guide v16.5

Add to My manuals
627 Pages

advertisement

Sophos XG Firewall Web Interface Reference and Admin Guide v16.5 | Manualzz

| Protect | 146

File Types

A file type is a classification that is determined by file extension and MIME header. You can include file types in web policies to control access to files that match the specified criteria. The default file types contain some common criteria and you can create additional types.

Using File Types with Policy Rules

You can create file types to control access to files on a more granular level. For example, you may want to allow access to SQL files but deny access to all other database files. In this case, you would create a file type for SQL files and a policy that specifies the following rules in the following order:

1. Allow access to SQL files

2. Block access to all database files

Add File Type

1. Go to Protect > Web > File Type and click Add.

2. Type a name.

3. (Optional) Select a template.

You can select from predefined or custom file types. If you do not wish to use a template, choose Blank.

4. Specify the file extension and MIME header.

Figure 155: Add File Type

Surfing Quotas

Surfing quota policy allows you to assign the duration of Internet surfing time to users and groups.

• Duration of Internet access can be cyclic or non-cyclic.

• You can apply the surfing quota policy to users.

The device is shipped with the following predefined policies. Predefined policies can be applied straight away to users and groups.

• Unlimited Internet Access

• 1 Month Unlimited Access

• 1 Month 100 hours

• Monthly 100 hours Cyclic

• Daily 1 hour Cyclic

• Weekly 7 hours Cyclic

Note:

1. Users generally belong to a group. If the surfing quota policy applied to the user differs from the one applied to the user’s group, the user’s policy takes priority.

2. For details of policies and rules to which the surfing quota policy can be applied, view the following diagram.

| Protect | 147

Add Surfing Quota

To assign the duration of Internet surfing time to users and groups, you can create surfing quota policies. These policies are then applied to users (Configure > Authentication > Users) and groups (Configure > Authentication >

Groups).

The Add Surfing Quota Policy page allows you to create a surfing quota policy.

1. Go to Protect > Web > Surfing Quotas or System > Profiles > Surfing Quotas and click Add on the upper right side.

Note: Surfing Quota policies can also be created when applying the policy to users or groups from the respective pages. The Surfing Quota page displays the full list of predefined and custom policies.

2. Enter the details.

Name

Enter a unique name to identify the policy.

Description

Enter a description for the surfing quota policy.

Cycle Type

Select the cycle type.

Available Options:Cyclic: Duration of Internet access recurs for each cycle.Non-Cyclic: When the specified time limit ends, the user is disconnected.

Cycle Hours (available only if Cycle Type is Cyclic)

Specify the cycle hours in hours and minutes. Select the cycle from the drop-down list. Cycle hours define the upper limit of surfing hours for daily, weekly, monthly or yearly cycles.

At the end of each cycle, cycle hours are reset to zero.

Example: If cycle hours specified are 7 hours 30 minutes for a daily cycle, they are reset to zero at the end of each day whether cycle hours are fully or partially used or remain unused.

Validity

Select Unlimited if you do not want to restrict the validity period. Clear the check box to specify the validity period of Internet access.

Maximum Hours

Select Unlimited if you do not want to restrict the maximum allowed surfing duration. Clear the check box to specify the maximum duration (in hours and minutes) of surfing time allowed across the validity period.

Example: Cyclic Policy

Cycle Hours: 5 hours per day

Validity: 5 days

Maximum Hours: 20 hours

If the user accesses Internet for 5 hours each day, the user will have used 20 hours of Internet access by the end of the fourth day and hence will be disconnected.

Example: Non-Cyclic Policy

Validity: 10 days

Maximum Hours: 10 hours

The user is disconnected at the end of 10 hours even if the validity period does not expire.

| Protect | 148

advertisement

Key Features

  • Firewall rules
  • Web filtering
  • Intrusion prevention
  • VPN
  • Wireless management
  • Email security
  • Advanced threat protection

Related manuals

Swisscom Huawei Router B593s-22 Instructions

Swisscom

Huawei Router B593s-22

  • Instructions
Sophos Group Level Web Interface Guide

Sophos

Group Level Web Interface

  • User guide
Sophos Cloud Firewall Manager Guide

Sophos

Cloud Firewall Manager

  • User guide
Lee's High-Tech Enterprise LWNF21-12D1 Transmitter User Manual

Lee's High-Tech Enterprise

LWNF21-12D1

  • User manual

Frequently Answers and Questions

What is the purpose of Sophos XG Firewall?
Sophos XG Firewall is a network security appliance designed to protect your network from threats.
What are the key features of Sophos XG Firewall?
Key features include firewall rules, web filtering, intrusion prevention, VPN, wireless management, email security, and advanced threat protection.
How do I access the Sophos XG Firewall web interface?
You can access the Sophos XG Firewall web interface by entering the IP address of the appliance in your web browser.
How do I configure basic firewall rules?
You can configure basic firewall rules by creating a new rule in the Firewall section of the web interface.
How do I enable web filtering?
You can enable web filtering by creating a new web filter policy in the Web section of the web interface.
What is the difference between a user rule and a network rule?
A user rule applies to a specific user, while a network rule applies to a specific network.
How do I create a VPN tunnel?
You can create a VPN tunnel by creating a new IPsec connection in the VPN section of the web interface.

advertisement

Table of contents