Skip to content
Contact Us
  • There are no suggestions because the search field is empty.

Additional Configuration - Sophos

Safelisting Secure Schools on Sophos Central

This guide provides instructions for configuring Sophos Central to ensure that Secure Schools phishing simulations are delivered correctly and that users can access simulation links without being blocked, and was authored with the assistance of AI. (Sources)

If you encounter any issues with these steps, please contact your usual Sophos support contact. 

Overview

When running a phishing simulation, having emails delivered to the inbox is only the first step. If your security software, such as Sophos Central, blocks the destination URL, your staff will encounter errors (like a 404 or "Page cannot be reached"), and the simulation will fail to record the click in the Secure Schools portal.

To resolve this, you must exempt our domains and IP addresses from Sophos's web filtering and email security modules.

Prerequisites

You will need the following information from the Secure Schools Domains and IP Addresses KB article including the Sending IP Address, Infrastructure IP Address, and Primary Domains.

Configuration Steps for Sophos Central

1. Website Management (Allowing Links)

To prevent Sophos from blocking the simulation landing pages when a staff member clicks a link, you must add the domains to the Website Management list.

  1. Log on to your Sophos Central admin console.

  2. Navigate to My Products > General Settings > Website Management.

  3. Click Add in the upper-right corner.

  4. Enter the Secure Schools domains provided in the Secure Schools Domains and IP Addresses KB article.

  5. Set the Category Override to Trusted or Business.

  6. Add a Tag (optional) such as "Secure Schools Phishing".

  7. Click Save.

  8. Repeat for all domains listed in the prerequisites.

2. Global Exclusions (Bypassing Intercept X)

If your staff use Sophos Intercept X on their devices, it may interfere with the browser's ability to load "simulated" malicious pages.

  1. In Sophos Central, go to My Products > General Settings > Global Exclusions.

  2. Click Add Exclusion.

  3. Set the Exclusion Type to Website.

  4. Enter the Secure Schools domains (see Domains & IP Addresses).

  5. Click Add.

3. Sophos Email Security (If Applicable)

If you use Sophos as your primary email gateway (rather than just endpoint protection), you must allow the sending IPs to bypass spam and phishing filters.

  1. Go to My Products > Email Security > Settings > Inbound Allow/Block.

  2. Select Allow List.

  3. Click Add and enter the Sending IP Address: 185.250.239.80.

  4. Click Save.

FAQ & Troubleshooting

Why did my staff see a 404 error?

A 404 error or "Page cannot be reached" message usually indicates that a security layer—like Sophos or a web filter (e.g., LGfL School Protect)—is intercepting the request. If the firewall or endpoint agent blocks the link, the browser cannot reach our portal to record the "click", which is why the data does not appear in your Secure Schools dashboard.

If we also use LGfL School Protect, will I need to make changes there?

Yes. If your school uses LGfL (London Grid for Learning) for its internet connection, their School Protect web filter may also be blocking the simulation domains. You will need to log on to the LGfL School Protect portal and add our domains to the Allow List there, in addition to the changes made in Sophos.


Always get the most current and complete list of exact IP addresses listed in our article here: Domains and IP Addresses. Note that these lists can change over time. Using an outdated list may result in failed delivery.