Comments on: A documentation of the different Sophos UTM layers https://networkguy.de/a-documentation-of-the-different-sophos-utm-layers/ Share your knowledge! Thu, 09 Jun 2016 16:15:21 +0000 hourly 1 https://wordpress.org/?v=6.9.1 By: Chuck Norris https://networkguy.de/a-documentation-of-the-different-sophos-utm-layers/#comment-922 Thu, 09 Jun 2016 16:15:21 +0000 http://networkguy.de/?p=1266#comment-922 Such a Diagram allready exists, in Sophos’s Documentations. See:
https://i.imgsafe.org/995bf6a210.png

]]> By: Mase https://networkguy.de/a-documentation-of-the-different-sophos-utm-layers/#comment-899 Thu, 19 May 2016 07:54:54 +0000 http://networkguy.de/?p=1266#comment-899 Hi,

regarding the ATP, there must be something before iptables which is sniffing the network traffic.
In general ATP messages are always dns requests to blacklisted domains. In fact, when you drop DNS traffic and forge a request to a blacklisted domain, you will get an alert. So there must be a daemon in promiscous mode which sits in front of iptables.

]]> By: Paolo Bolognese https://networkguy.de/a-documentation-of-the-different-sophos-utm-layers/#comment-898 Wed, 18 May 2016 14:16:09 +0000 http://networkguy.de/?p=1266#comment-898 Thank you so much for the workflow. It ‘s really useful.

You can specify how they work url filtering and application control? What control is done before? I this firse the web filtering and then the application control. is it right?

]]>