Sophos – P3 Firewall Rule Sophos Setup

Allow, Block, and Control Traffic Easily

After configuring WAN, LAN, DNS, and activating the license, the next critical step is setting up Firewall Rule Sophos properly.

Firewall rules determine:

• ✅ Who can access the Internet

• ❌ Which IPs are blocked

• ⏰ When traffic is allowed or denied

• 🌐 Which websites are restricted

Understanding how Firewall Rule Sophos works is essential for network control, security enforcement, and traffic management.

This guide covers:

1. Allow Internet

2. Block Internet (by IP/Subnet)

3. Block Internet by Time

4. Block Specific Websites

Let’s go step by step.

1️⃣ Allow Internet

Firewall rules operate from top to bottom.

Whichever rule is matched first will be executed first.

Sophos Firewall already has a built-in rule to allow internet access.

Understanding rule components:

• Source zone: Defines which zone the traffic is coming from.

• Source network and device: IP/Subnet (can be applied by IP, AD user, or device).

• Destination zone: Where the traffic will go.

• Destination network: Desired destination address.

• Services: Service ports and protocols.

If your LAN users can access the Internet, it means the default allow rule is working correctly.

Important reminder:

Always ensure more specific rules are placed above general allow rules.

2️⃣ Block Internet (Specific IP or Subnet)

To block internet access for a specific device or subnet, follow these steps.

Step 1: Create a Host IP

Create a host object representing the IP address you want to block.

This allows precise control over a single device.

Step 2: Create a Firewall Rule to Block

Create a new firewall rule.

Set the rule to block the created host.

Place this rule above the full internet allow rule.

Why?

Because firewall rules are processed from top to bottom.

If the allow rule is above, the block rule will never be triggered.

Once applied, the selected IP will no longer access the Internet.

3️⃣ Block Internet by Time

Time-based control is useful for:

• Office working hours

• Student usage control

• Night-time restrictions

• Bandwidth management

Step 1: Check the Time on Sophos

The time zone must match the current time.

Go to:

System => Administration => Time

Ensure the system clock and time zone are correct.

If the time is incorrect, the schedule rule will not work properly.

Step 2: Create a Schedule

Go to:

System => Profile => Schedule
Select Add.

Example:

Create a schedule named:

Block_Night

Set time from:

9:00 PM to 6:00 AM

Save the schedule.

Step 3: Create a Firewall Rule

Go to:

Firewall Rule => Create new rule

Configure:

• Action: Drop or Reject

• During scheduled time: Select schedule (On)

• Destination zone: Enter the specific host/network you want to block or set to Any for the whole network

Ensure this rule is placed above the full internet allow rule.

Example scenario:

Block: 4 PM
Now: 15 PM 52 => Internet OK
Wait until 4 PM

Once the schedule time starts, the firewall rule will automatically block traffic.

This demonstrates how powerful Firewall Rule Sophos can be for time-based access control.

4️⃣ Block Specific Websites (Facebook / YouTube / TikTok)

Sometimes you don’t want to block the entire Internet, only specific websites.

Here’s how.

Step 1: Create Group URL

Add domains such as:

facebook.com
youtube.com
tiktok.com

Group them together.

Step 2: Create Web Policy

Create a web policy and configure it to block the created URL group.

This allows content-level filtering instead of network-level blocking.

Step 3: Create Firewall Internet Rule

Apply the created web policy to the firewall rule.

Ensure the rule is placed correctly in the rule order.

After applying:

• Facebook access is blocked

• YouTube access is blocked

• TikTok access is blocked

Other websites remain accessible.

This provides granular control without affecting the entire network.

🔎 Best Practices for Firewall Rule Sophos

To maintain a secure and clean configuration:

✅ Always follow rule order discipline

Specific rules on top, general rules below.

✅ Use clear naming conventions

Example: Block_Student_Night, Block_Facebook.

✅ Test after every rule creation

Verify traffic behavior immediately.

✅ Avoid duplicate rules

Keep the firewall rule table clean.

✅ Document rule purpose

Especially important in business environments.

🚀 Why Firewall Rule Sophos Matters

Proper firewall configuration allows you to:

• Protect internal systems

• Enforce security policies

• Prevent misuse of company resources

• Control bandwidth consumption

• Implement compliance standards

Without properly configured firewall rules, even a strong firewall becomes ineffective.

🎯 Conclusion

In this guide, you learned how to configure Firewall Rule Sophos to:

• Allow Internet access

• Block specific IP or subnet

• Block Internet by time schedule

• Block specific websites

Firewall rules operate from top to bottom, so rule order is critical.

Mastering Firewall Rule Sophos gives you full control over network traffic and user behavior.

In the next part, you can extend this configuration with:

• NAT rules

• Advanced web filtering

• IPS policies

• VPN configuration

Your Sophos Firewall is now ready for deeper security deployment.