Do you recognize a good idea when you see one? We want to hear from you!
Header Image

UTM (Formerly ASG) Feature Requests

Do you have an idea for Sophos UTM? Do you recognize a good idea when you see one? We want to hear from you!

I suggest you ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. make Sophos Central's encryption module behaviour more clear

    The encryption module of Sophos Central will silently reset bitlocker recovery keys. if you are using the trial version of the encryption module, when it expires you will no longer have access to the recovery keys.

    central should make it clear that it will reset bitlocker recovery keys, and also give you the option to back them up before the encryption module expires.

    3 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  UTM Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
    • make Sophos Central's encryption module recognise different bitlocker states

      There are many different bitlocker states:

      * Bitlocker enabled (no TPM)
      * Bitlocker enabled (TPM)
      * Bitlocker enabled (no TPM, startup PIN required)
      * Bitlocker enabled (TPM, startup PIN required)
      etc

      It would be extremely useful for the encryption status to report the bitlocker state so that you can say at a glance 'all endpoints are protected and require a startup PIN'

      3 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  UTM Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
      • make Sophos Central's encryption module recognise partial encryption

        A windows system only reports as 'encrypted' if all local drives have bitlocker enabled.

        Some of our systems are dual boot and have two drives - a bitlocker encrypted windows drive and a secondary Linux drive with a small NTFS partition used for transferring files between operating systems.

        This system shows up as 'not encrypted' when it should show up as 'partially encrypted' or 'startup volume encrypted'.

        3 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  UTM Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
        • support POP3 protocol in Sandstorm

          at the moment there is only SMTP supported in sandstorm protection.
          I suggest to support also the frequently used POP3 protocol !

          48 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            2 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
          • Put an Interface Status on UTM dashboard

            Had performance issues the other day. Turned out to be an interface operating in a degraded state. Only discovered by accident in the cli. Seems to be a serious design oversite not to include the operational state of the int on the gui.

            1 vote
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
            • allow journaling for radar lite customers

              currently journaling of internal mail is only available to radar customers, not radar lite.

              1 vote
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
              • NIC Hardware SFP+ OnBoard

                NIC Hardware SFP+ OnBoard
                A lots of customers bought the Supermicro X10SDV-TP8F motherboard. The 6 nics with 1 GbE are recognized, the two OnBoard 10 GbE SFP+ are not shown.
                Please add support for these Intel D-1500 SoC interfaces!!

                3 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                • Exception for non-existant domains

                  Please can I request that a feature put in place where we can add exceptions for allowed domains and allowed senders when the Block from non-existent domains is turned on?

                  1 vote
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                  • testing

                    testing

                    3 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                    • Regulary Quarantine Reports

                      We want to customize the Quarantine Reports more often than it is possible today (twice a day). For example once an hour or every time a maul is blocked. So we could better handle a faster notification and delivery of mail attachments, that we want to block because of cryto trojan spamming.

                      32 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                      • Implement Hardware management by IPMI, SNMP, Syslog etc..

                        Enteprise class ASG and XG hardware should have more useful hardware management. IPMI, Watching CPU/Memory module status, SMART on HDD, power condition about board.

                        And We also need SNMP monitoring and IPMI event store to watch hardware nonfunctional event.

                        1 vote
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Appliance Hardware  ·  Flag idea as inappropriate…  ·  Admin →
                        • In IPS alerts, give the Attack Pattern group name that triggered the alert.

                          The description of the intrusion doesn't match the list of attack pattern group names.

                          1 vote
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
                          • Add the option to report false negatives from the Mail Manager

                            Whereas is very easy to report a false positive for spam detection, it is incredibly convoluted to report a false negative (https://community.sophos.com/kb/en-en/115670). Please add the option to report false negatives from the Mail Manager as well.

                            4 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                            • "Message ID" as a Variable

                              Provide the option to add the email message ID as a variable that can be added to a notification/header when it has been quarantined, this would make it easier for an admin to find and release an email that has been quarantined and needs releasing.
                              Alternatively provide a unique ID that can be added to the notification and searched with to release any quarantined emails.

                              3 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
                              • Helpdesk Alerts

                                Get High and Mediun Alerts raised as tickets in our internal helpdesk system automatically rather than just altered via email

                                1 vote
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
                                • Loggin and debugging interface

                                  Hi!

                                  As meny of your costumers surely do - I come from a TMG/ISA Server environment.

                                  In TMG/ISA we are used to a very user friendly and well working loggin/debugging interface.

                                  We have the ability to view live logs and apply filters to the log-stream.

                                  In Sophos UTM9 there is also a "Filtering" option but I'm missing the possibility to filter in detail. f.ex.

                                  I would like to be able to apply a filter that shows only packages going from one IP to another or from one IP with specifik type of traffic og maybe even a combination of different…

                                  1 vote
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Duration of recent messages

                                    Would it be possible to adjust the duration of the recent messages to display the last 30, 60 or even 90 days instead of just the previous two weeks?

                                    4 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      1 comment  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Searching host and service

                                      In Sophos XG when I implement a new firewall rule and i try to search a single host or service I have to know the exact name there is a way the improve the search field?

                                      3 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Make UTM Webserver protection work with Exchange O365 hybrid passthrough

                                        Exchange / O365 Hybrid requires the use of WSSecurity/OAuth between O365 and on premise Exchange servers.
                                        Webserver protection, when set to passthrough, still intercepts this and breaks the authentication.
                                        only way to use UTM with Exchange hybrid currently is to use DNAT rules and therefore makes the whole thing redundant and useless.

                                        please prevent passthrough from breaking WSSecurity/OAuth.

                                        1 vote
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Rename port XG

                                          Is possibile in future release of Sophos XG rename the port connection? it will be more usefull for the implementation of rule and routing

                                          3 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base