Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Ability to put mime types as trusted in local site list

    Website's audio streaming cannot start when HTTPS scanning is enabled. Found that the stream is treated by SWA as mime type "Application/octet-stream" and when the site is put to Trusted in the Local Site List, the streaming can go on. Customer does not want to trust the whole site domain though. They want the AV to Trust only when its that mime-type so audio can go on BUT they want other parts of the site to be scanned.

    5864911

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  2. Upstream proxy settings not copied across to other SWA managed by SMA

    A Platinum customer has a large number of upstream proxy redirections which are set on the SWA5000. They wanted both SWA5000 and SWA5000b to have the same synced copy managed by the Management appliance.

    The settings are found under Network/Hostname/Upstream Proxies/Advanced options.

    It would be nice that upon joining the SMA1000 with the first appliance, that the option to upload the proxy list to the SMA1000 be allowed
    and then for the SMA1000 to have a configuration area for the same to push out to all web appliances in the management pool.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow individual users to be able to download certain extensions from individual websites

    We would like to be able to allow individual or a group of users to be able to download a file type from a certain website only.

    for example if ZIP files are blocked from being downloaded, however we have three users that often download from dropbox. We would like to allow these three users to be able to download ZIP files from dropbox only.

    24 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  4. Email alert when a set threshold of High risk sites have been visited.

    The appliance should generate an email alert when a threshold(configurable by the administrator) of High risk sites have been visited. This should take in account for sites categorized as High Risk by Sophos as well as if the user overrides the category via local site/additional policy.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add web application for "Cloud and NAS solution"

    Requirement to block home cloud / home NAS solution websites from the corporate network. Some of these like Mynetgear.com is classified as a ‘Business’ site. A lot of vendors have similar websites to access storage solutions at
    home or other networks.

    Can we able to add these on web application under default policy

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  6. Email Alert when traffic drops below threshold

    We would like to have a new Email Alert Option for when web traffic (i.e concurrent users, throughput, latency, etc.) drops below a selectedThreshold during set hours.

    If there is an error/misconfig in either PAC file or GPO settings that is supposed to direct endpoints to the Gateway, traffic will gradually start dropping and it could be days or weeks before the error is discovered. This could lead to a malicious download that would have been blocked had the traffic correctly gone through the Gateway, as happened to us.

    An email alert for this reduction in traffic will enable administrators…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  7. realtime website browsing alerts

    Being aware in real time of visited web sites that have malicious code, virus’s or other security issues means we can react quicker to block these sites at the appliance.
    If a site has been infected then blocking it before access is paramount as other yet unknown and undetectable infections may also reside on that site. In much the same way as SAV alerts in real time, having admins informed of infections in real time is critical.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add the possibility to create local user

    Allows the option on Sophos Web Appliance to create and manage local user. In some case, it is not possible to create AD user so a way to create local user on Sophos Web Gateway is needed.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  9. create exception for for specific domains in AD SSO

    Create exception for specific domains in AD SSO in which this domains will automatically redirected to Captive Portal

    This would be helpful to the customer's set up in hospital in which they use shared PC in which once they enter this specific domain it will automatically redirected to Captive Portal

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  10. Block web page based on regular expression.

    From ticket #5552897 can you allow the web appliance to have the functionality to block web page based on regular expression.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  11. vmware esxi6 support

    According the Dataproduct sheet the WEB and MAIL appliances are supported on VmWare ESXi4x and 5x.
    We are running on VmWare ESXi6, i would like to see that there is official support for the WEB and MAIL appliances running on VmWare ESXi6.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  12. I need a certificate authority added

    when end users go to www.adhc.nsw.gov.au they get an error saying that the certificate was unable to be verified.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  13. Finer grain control for report scheduler - Web appliance

    On the Management/Web appliance you can schedule reports, but there are only report packages. Can you add the ability to specify more custom reports (eg. Only "Top bandwidth Users") and not the whole "package".

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow downloading large files with non-browser tools

    There should be a way to make large download work with tools like wget or whatever software is unable to display the "scanning message" in a browser window
    For example downloading a 700 MB file with wget hangs at

    HTTP request sent, awaiting response...

    And stays this way until the appliance has downloaded and scanned the file and starts streaming it to the client

    Many other software will just timeout after the while and athe only way to make them work is to bypass the appliance all togheter, making it pointless.

    Sophos support told me to add the sites to…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  15. Adding sophos_log for incomplete request with tag TCP_MISS

    getting alerts from sophos UTM firewall, saying that the web appliance has attempted to download from a restricted site.
    If the web appliance logged the failed requests as well as the successful ones, we might be able to track down which client tried to get to the malicious site.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allows visibility and management of huge file downloads where limited resources are available.

    Allows visibility and management of huge file downloads where limited resources are available. The request is to provide an end device configuration option so that
    I can turn off the feature that downloads large files to the appliance first and then the end user pulls that file to their local machine. During the download to the appliance I have no mechanism to determine who is downloading to large files.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  17. Enabling the web appliance to give customized information on the approval page

    Enabling the web appliance to give customized information on the approval page will allow for IT Managers to create automated workflow to send requests to specific managers of various departments
    in order to allow department managers to directly know what is going on “only” with the users they care about, and thus approve web site pages accordingly. This will allow for business automation workflow and prevent unnecessary emails to users who have no
    authorization to approve.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  18. Simplify authentication exceptions

    When creating an exception on the UTM you can configure a single exception of domain.com. This will apply to: domain.com, www.domain.com, subdomain.domain.com and domain.com:443.

    On the web appliance you are required to manually configure an entry for each of these which increases the management overhead.

    Could the behaviour of the WSA be updated to match the UTM?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  19. Additional Policies

    Improve features Additional Policy:
    + Add filters in additional policies (like Local Site List).
    + Possibility of sending a rule to a certain position in the order of policies.
    + Remove limit 150 Policies.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  20. Support vMotion

    Support for vMotion should be added to the product. A huge proportion of customers require vMotion on their virtual hosts at which point they are running an unsupported configuration.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.