Features not Supported
While there are many benefits to extending Web Control to the endpoint, some features are only available from within a Sophos UTM on AWS network. The following features are supported on Sophos UTM on AWS, but not supported by Endpoint Web Control:
- Scan HTTPS (SSL) traffic: HTTPS traffic cannot be scanned by the endpoint. If the endpoint is proxying through Sophos UTM on AWS and this feature is turned on, the traffic will be scanned by Sophos UTM on AWS.
- Authentication mode: The endpoint will always use the currently logged on user (SSO). The endpoint cannot perform authentication because if the endpoint is roaming it will not be able to talk to Sophos UTM on AWS to authenticate.
- Antivirus/malware: Sophos endpoint antivirus settings are configured on the Endpoint Protection > Web Control > Advanced page. If Web Protection (download scanning) is turned on it will always perform a virus single scan for all web content. Dual scan and max scanning size are not supported.
- Active content removal
- Streaming settings: The Sophos endpoint will always scan streaming content for viruses.
- Block unscannable and encrypted files
- Block by download size
- Allowed target services: This feature applies only to Sophos UTM on AWS.
- Web caching: This feature applies only to Sophos UTM on AWS.