Sophos XG Firewall v17: How to use the Policy Test tool


  • This article describes the steps needed to test the handling of a web request by Sophos Firewall using the Policy Test tool.
  • The Policy Test feature offers a simple test bench, where admins can quickly input relevant information such as source, service, destination, identity, etc.., and be given an outcome on what will happen such as determine what security decisions will be made, and what policies will be applied to the traffic by Sophos Firewall.

What to do

From the Sophos Firewall’s GUI (graphical user interface), click on Log Viewer on the top-right side, a new window opens.

In Policy Test tab, fill in the following information:

  1. The destination URL.
  2. Enable Authenticated User and specify the user if a user based policy is administered.
  3. Specify the Time and Day if time based access rules are in use.
  4. Select the Test MethodTest Firewall Policy provides a complete test results including the firewall rule id handling this traffic. Test Web Policy provides the same results except the firewall rule id handling this traffic.
  5. The Source IP Should be from the network which accesses Sophos Firewall.
  6. The Source Zone of the entered source IP. This field can also be set to Auto-Detection.
  • After clicking on Test button, the Policy Test generates an output results including whether the connection is allowed or blocked, the firewall rule id, the web protection category and web policy, as well as the matched web rule information, as shown in the image above.
  • That way the admin can test the result of configured policies in Sophos Firewall without having to use real users machines.

Be the first to comment

Leave a Reply

Your email address will not be published.