Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Permit invalid Transfer-encoding headers

    Request: Webserver from Skat.dk is sending invalid HTTP header values when downloading certain PDF files. The RFC the webserver is violating boils down to “binary” is not a valid value for the Transfer-encoding header.

    Could the SWA optionally allow these invalid header settings so that these files can be accessed?

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  2. Proxy: Expose Maximum Connections figure

    The Maximum Connections figure has so far only been seen by us when being actually reached, sending the proxy critical; we receive an SMS warning at that point, but no indication in reports
    or an Exception in System Status. Knowing how close to the maximum figure we are at any given time would allow us to plan ahead of time for capacity increase without causing failures and downtime – or support overhead. It is absolutely vital that a maximum,
    or, just as importantly, near maximum that will in essence effectively cause failure to be either raised as an Exception (for…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  3. Comment Field for Additional Policy Manual Entries

    Customer would like a comment field for IP Addresses or ranges of IP addresses under user "Additional Policy: Select Users" dialog box under the "Manual Entries" section. The ability to add a short comment would allow for better referencing and documentation of IP address

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  4. Comment Field for Bridged Mode Exclusions

    Customer would like a short comment field to allow for better referencing and documentation of IP address added to exclusion list.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  5. Policy: Selective SafeSearch settings

    Advanced partner would like a feature request for the Sophos Web Appliances, which was in direct result to a conversation with an existing customer within the education sector.

    Currently, the SafeSearch feature is a global option, allowing you to turn it on or off for all users.

    Could we please:


    • Give the Administrators the option to turn this on or off per policy (Using Additional Policy Controls)

    Or


    • Give the Administrators the option to remove certain sites from this safe search. IE, exclude YouTube but allow all other sites to be used with the SafeSearch facility turned on.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  6. Improve policy prioritization

    When you have a large number of policies, It’s a pain when creating a new policy because this is always created at the bottom of the list and you have to move it up a step one click at a time.

    It would be great if you could select a group of policies and move them all in one go as you can in ISA so instead of moving a policy up past 50 or 60 other policies to get it to where it needs to be.

    An alternative would be to allow you to select where to create the…

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  7. Syslog: Send log data to multiple devices

    Allow the functionality to output syslog to multiple servers. This would allow the customer to generate redundant logs from the source, rather than duplicating them after thefact. This is especially helpful in UDP scenarios.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  8. I would like the option to see the full query string along with the base URL on user/site reports.

    I would like the option to see the full query string along with the base URL on user/site reports. Often times the query string contains very important web browsing information. For instance, when a user is on Google and they are doing searches, I cannot tell what they have searched unless it is in the Search Terms list – which only reports on specific words. Our previous web appliance, which was an iPrism by Edgewave, allowed us to see the full querystring.

    How will this new feature address your business requirements?: This would help our organization have more details on…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  9. Modify individual Alerts on the appliances

    We require the ability to disable certain alerts, at present you only have the option to have email alerts on or off and this is no way of amending what is and is not alerted upon

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  10. Increase the number of destinations on the top bandwidth report.

    The current number of destinations displayed is 5 per user. To increase the usefulness of this report increase the limit or allow the user to select the number of destinations to include in the report.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  11. Reporting: Reports for a specific website for a specific group

    Customer would like to be able to have scheduled reporting on a specific group for a specific website.
    So they only want a specified website in the report for who ever accessed it within the group.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  12. Better security on web admin gui access

    Customer observed some vulnerabilities of Sophos Web Appliance which make it a high risk for hacking.


    1. Access to Sophos Web Console - Since the IP address of SWA written in the
      Proxy settings of the Internet browser, it is very much simplier to copy it
      by any user and will just type in the URL
      https://x.x.x.x (x.x.x.x - IP address of the SWA written in the Internet
      Browser proxy settings). We suggest that access to SWA console must be in
      different port (example:
      https://192.168.1.100:4434)


    2. Unlimited attempt to access accounts in the Sophos Web Console - We don’t
      found any…

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow creation of Additional Policies and/or Local Site List Entries that allow specific downloadable file types to be allowed or disallowed

    Allow creation of Additional Policies and/or Local Site List Entries that allow specific downloadable file types to be allowed or disallowed on a per site/per user basis. In other words, permit Bob and only Bob to download MSI files from microsoft.com and only microsoft.com.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  14. Improve streaming media on iOS devices.

    As per support request 3725151, streaming media will not play unless the site is set to trusted on the web appliance's local site list. This is getting very cumbersome to manage with the amount of sites now containing streaming media.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  15. "Download Options" configurable in user policy

    Allow download options need to be set at the additional policy level and not at the current global policy setting level.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  16. AD: Custom schedules for AD Sync

    When adding new users to groups that are used in Additional Policies we have to manually Sync Directory Services to reflect this group membership change. We would like the ability for an Administrator to define a schedule for Active Directory Synchronization.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  17. Reporting: Report on Uncategorized Web Sites

    This will over time provide meaningful management reports on usage patterns based on category classification of sites visited. With the proposed approach from a company perspective if the identification and classification of uncategorised sites of the most common sites (say top 10%) if this was automated overtime your classifications will have higher classified detection rate.

    per case 3616231

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  18. Policy: Block users from Streaming Media or video regardless of site Category

    We would like to block users from accessing Streaming Media regardless of the site category. we are currently blocking users from Streaming Media through the categories on default policy. The issue I have with it is that the web appliance doesn’t block videos on different categories websites. Example: www.mlb.com is a category Sports. This website contains videos which is considered streaming. We cannot block just the video portion of the website. We have to either allow or block the entire website. We would like to just block video and allow the text of mlb.com.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  19. Web Appliance: Allow skype with the HTTPS Scanning on

    When HTTPS scanning is enabled, Skype fails to work because it is trying to send non-HTTP traffic over the SSL tunnel.

    It is essential to be able to scan https sites and also essential to be able to support messaging apps, in particular Skype and iMessage. For Skype – maybe even setting up a simple SOCKS proxy on the Web proxy might do the trick, we do not need to examine or track the contents of the Skype messages." case 3693911

    24 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  20. Include Sharepoint into the data leakage component of the web appliance

    The company regards security as
    it's upmost priority, holding major contracts with the MOD. As such the company
    needs to demonstrate good risk management, especially regarding the threat of
    data leakage. As more and more partners work in collaborative environments and
    require our employees to access these environments the company feels some level
    of control is required. Currently these environments are not recognized by the
    Sophos appliance as threats and consequently gives no access
    control.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.