Do you recognize a good idea when you see one? We want to hear from you!
Header Image

UTM (Formerly ASG) Feature Requests

Do you have an idea for Sophos UTM? Do you recognize a good idea when you see one? We want to hear from you!

I suggest you ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. WebProtection time that user was surfing on sites

    Currently, Sophos show the total time that a user spent on sites, but will be interesting that shows the hour when user was on sites.

    1 vote
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
    • List what Content Control Lists Rule triggered an email alert

      It would be nice if the "Notification regarding potentional leak of data" email sent to administrators would list what Content Control Lists Rule triggered the alert.

      I have my UTM set to allow the email but alert me when content is suspected to have been confidential. I was hoping to use the alerts to help decide what rules are going to be useful in my environment but without an indication of what triggered the alert the message is not very useful.

      It also appears that "potential" is spelled wrong in the subject line.

      9 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
      • Add SAML support as an Authenticaiton Source for the UTM manager interface

        Make it so that you can authentication admins for the UTM system using SAML to something like ADFS.

        1 vote
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
        • Remote uninstall / shutdown

          Sophos should include a feature to allow an administrator to remotely shutdown or uninstall the client from the enterprise console. Most other enterprise AVs have such a feature. It isn't always easy to walk to every machine or obtrusively RDP into a workstation. The process should mirror installing through the enterprise console, silently and remotely.

          1 vote
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
          • new feature

            Add feature to show more than a 1000 results for mail logs in the Sophos PureMessage appliance and add a feature to download the results as a file.

            3 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Appliance Hardware  ·  Flag idea as inappropriate…  ·  Admin →
            • Active Directory backed groups to be usable in the Firewall configuration

              We require the Active Directory backed groups to be usable in the Firewall configuration. In our environment we have a secure data centre housing our customers servers. Our support manager or IT team assign rights to individual members of staff on a ticket by ticket basis for access to various parts of the hosted environments. For example one support ticket may require Remote Desktop access, whereas another may
              require SQL server access.

              We have configured the relevant rules in the UTM to allow people in a specific AD group to connect to the Remote Desktop ports over the VPN. The…

              2 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                1 comment  ·  Flag idea as inappropriate…  ·  Admin →
              • Mobile Control

                Fully integrate Sophos Mobile Control into the UTM WebAdmin console.

                13 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
                • Devices based firewall rules

                  In Present Era of BYOD,would be great to have device based firewall rules & UTM controls..eg: Android devices in network could be blocked,Windows devices to be allowed etc

                  6 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
                  • 7 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
                    • NVGRE Gateway for Microsoft Network Virtualization

                      Software Defined Networking (SDN) is the future and Microsoft has laid out their recommended topology for utilizing Network Virtualization with Hyper-V/SCVMM/Azure. The only way for a user that is relying on Astaro for their current networking/routing to setup a NVGRE Gateway (Network Virtualization General Routing Encapsulation Gateway) is to take 2x dedicated physical Hyper-V hosts and install Microsoft's Windows Server Gateway (WSG) into 2x child clustered VMs running across of the Hyper-V hosts. It would be ideal if Sophos UTM users could skip the WSG and use the Sophos UTM as the NVGRE. A proper solution would fully integrate with…

                      54 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                      • Command & Control summary

                        Need log of bottom percentage of traffic to evaluate its potential as C&C residing on the network.

                        1 vote
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
                        • UTM RED bulk import feature

                          For larger implementations of UTM / RED, and to also benefit our PS offering - wouldn't it be great if we could import RED serial numbers from CSV directly into WebAdmin, to speed up the process?

                          The serial numbers are already available in SalesForce which would reduce the time taken to get this feature off the ground.

                          3 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
                          • UTM Proxy centrally manage url

                            It can be great if a UTM can distribute proxy rules to other UTM instead of using SUM

                            1 vote
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                            • Multiple virtual MAC addresses per interface

                              Add virtual mac addresses to "Additional Addresses" for interfaces.

                              Our ISP has the limitation, that we need one MAC address per IP.

                              12 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                2 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                              • hotspot

                                Allow custom "session expires" values with "Backend authentication" hotspot types, or at least increase to 1 year.
                                We have students that stay only for 1 year, would be great to allow for 1 year instead of asking every week to log in.

                                3 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                • add sslvpn option for domain search in addition to domain

                                  add openvpn option for domain search in addition to domain using "dhcp-option SEARCH" to allow for resolving multiple domains on a vpn connection

                                  1 vote
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Impplement SLAAC and RDNSS with IPv6 with optional DHCPv6 lease times

                                    Optional DHCPv6 lease times is implemented, but COMCAST uses 4 hours, which causes the UTM to hang on SSL every 4 hours (not properly renewing the lease). The request is a custom box for time as well as keeping the drop-down menu.

                                    Also D-Link routers use SLAAC and RDNSS with DHCPv6 because of improper router advertisements between different types of routers. The ULA option does not allow IPv6 to communicate to the UTM which is yet another feature (unicast) of IPv6.

                                    1 vote
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                    • resolve addresses in reports

                                      resolve addresses in reports

                                      1 vote
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Sort Domains in various fields

                                        It would be nice if we would be able to Sort the Domain-Lists in fields like Webserver Protection - virtuell Webserver
                                        Web Protection - Filtering Options
                                        etc.

                                        5 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
                                        • SMC Cookies for Admin and SSP

                                          To set Cookies for Admin and SSP within the SMC Portal for HTTPonly flag

                                          1 vote
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base