Action Recommended: Blocking Unscannable and Encrypted Files on Your Sophos SG UTM
| Dear Sophos SG UTM Customer, |
| Sophos is updating the default settings on new SG UTM Firewall installations to block unscannable and encrypted files. While some customers have the feature enabled already, Sophos is recommending to those who have not that they do so in order to prevent potential malware attacks. |
| Overview |
| Beginning with SG 9.7 UTM maintenance release 1 in November 2019, the default setting on SG UTM devices will be updated to automatically block/quarantine unscannable and encrypted files. This prevents a malformed archive/zip file containing malware to pass through the firewall. |
| Recommendation |
| Whether you have applied the maintenance release or not, Sophos recommends you enable the feature by checking the boxes highlighted in bold below in the firewall user interface. |
| •Email Protection SMTP ⇒ Malware ⇒ Malware scanning: “Quarantine unscannable and encrypted content” |
| •Email Protection ⇒ POP3 ⇒ Malware ⇒ Malware scanning: “Quarantine unscannable and encrypted content” |
| •Web Protection ⇒ Filtering Options ⇒ Misc ⇒ “Block unscannable and encrypted files” |
| Future |
| All new SG UTM installations with the latest maintenance releases will be enabled by default such that no action is required. |
| Best regards, Your Sophos Team |
