Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Enable feature for soft restart while updating/adding new WAF policies and changes occured in existing WAF policies.

    Enable feature for soft restart while updating/adding new WAF policies and changes occured in existing WAF policies. Since compete WAF restart may annoying the existing service availability to the customers. number of Financial transaction services being run through reverse proxy which could lead in trouble when you edit or delete any existing WAF rule or services.

    1 vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
    • When a URL is blocked, the log should have more detail

      When a URL is Blocked, the log should have more detail as to why the URL was blocked. We should be able to see these details so we can troubleshoot and fix the issue instead of calling support.

      3 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
      • Block custom file extentions

        I would like to see the ability to block custom file extensions and not just the predefined ones.

        1 vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
        • Whitelisting only seems to work for IP address and not DNS names

          We recently tried to whitelist a VPN connection in Secure Web Gateway, using the DNS name did not whitelist the VPN, we had to put the actual IP address in to the whitelist to get it to work.

          2 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
          • Allow pop-ups/in-screen pages to be presented with warn/quota/proceed

            When a warning page, block page, or quota page is presented for a background site such as a content delivery server or image content the browser does not display this page. If possible customer would ideally be able to see this quota/proceed page within the page rather than the website loading unformatted and with no images.

            1 vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Flag idea as inappropriate…  ·  Admin →
            • more granular bandwith reporting per Domain and Subdomain

              Client asked for an option in reporting, where he can see a more detailed bandwidth usage based on URLs and if applicable subdomains to check the total bandwidth/volume/bytes/hits consumed for everyone globally going through the web appliance.

              At this point, bandwidth for domain xyc.com already can be checked, but cannot differenciate the bandwidth usage for (examples) abc.xyz.com, bca.xyz.com and cba.xyz.com

              Thanks for considering!

              1 vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
              • Automatic generation of reports via backend

                Customer is requesting for Automatic generation of reports via backend as manual generation per user/site iis tedious given the number of our internet users

                1 vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                • Erase Proxy log specific user

                  If possible, delete a specific user's proxy logs without deleting the logs of the others

                  2 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                  • ssmtp

                    I would like the appliance to send emails securely. That is, I could use ssmtp, tls, starttls, for sending alerts and reports.

                    Currently you can only use SMTP.

                    regards

                    1 vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                    • time should include one thousandth of a second

                      Time should include one thousandth of a second when searching user web history. When endpoint security products detect malicious web activity it would be helpful to have the Web Gateway display to the thousandth of a second in the Date/Time column so we can match the time with the event that occurred on endpoint security. That way we can block the URL by adding it to the local site list. I know the Web Gateway can do this because I see this detail in my SIEM when the Web Gateway sends events to the SIEM.
                      Thank you!

                      1 vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                      • Block Newly Registered Websites

                        The ability to block newly registered websites would be great. So many new sites are created with malicious intent. Say 30 days or 60 days. The Sophos Firewall has the ability to do this, so should the Web Gateway.
                        Thanks!

                        1 vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                        • sophos email appliance quarantine summary to specific users only

                          We have customer here requesting to have option to enable quarantine summary to specific users only

                          1 vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                          • Show correct error page when Uncategorized category is blocked

                            When a user attempts to visit an invalid URL (does not resolve in DNS) and the Uncategorized category is set to Block on the WS, the user will incorrectly be shown a “Blocked due to category” error page. While the URL is likely ‘Uncategorized’, it would be more correct to show the user a splash screen for “Server Error Page” that explains “The web address you entered could not be found.” The “Blocked due to category” error page allows the user to submit a request for access to a URL that doesn’t exist, creates additional IT work orders, and wastes…

                            1 vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                            • Reports which file type is blocked.

                              Currently if a user has a problem with a certain site because a file type is blocked it is not displayed in the reports.

                              So have to investigate this in the syslog if you have set it up or call Sophos support which takes too much time.

                              Can the reason for the file type block be added in the reports?

                              3 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                              • Web Appliance Configuration

                                It would be very useful to have a tool to download and view the configuration fo the web appllainces, mainly the policy configuration.

                                Right now it seems the only way to get the policy configuration is to extract the policy.xml file from a backup but it's nearly unreadable

                                1 vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                • Separate Web Gateway Role from Help Desk read

                                  I'd suggest removing the Web Gateway logs readability and search from the Help Desk and Read-only Roles. I need help desk folks to be able to troubleshoot the end-point by disabling the tamper protection, call into support, etc. What I don't want is the ability for all the help desk personnel to see and search the browsing history of any user, especially VIPs. Is there already a way to do this?

                                  1 vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  Central Management  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Email Applicance - Possibility to remove Disposition-Notification-To and Return-Receipt-To headers

                                    Product "Email Appliance" is not available so posting it hear instead.
                                    Sometimes we receive e-mails which have the headers "Disposition-Notification-To: " and "Return-Receipt-To: " set.
                                    I would like to remove those 2 headers (only for certain recipients) and sent the mail through.

                                    2 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Web

                                      Audit/System configuration log in order to determine when changes are made by a user. The log should be able to identify time of access to the web appliance, who accessed it, and what changes to the appliance, policies, and other configurations were made by that user. The report/log should also would be useful if the Administrator could export the log (i.e PDF, CSV, etc)

                                      1 vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Implement some basic security features.

                                        The standard Web Gateway install exhibits the following behaviour that really should be fixed.

                                        Revoked leaf certificate - treats as trusted.
                                        Bad HPKP pin - treats as trusted.
                                        SHA-1 signed certificate - treats as trusted.
                                        Invalid SCT - treats as trusted.

                                        I mean come on, not checking for revoked certificates is pathetic in what's meant to be a security product.

                                        4 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Deactivate encrypted file blocking by URL

                                          Hi guys,

                                          at the moment it is only possible to block ALL encrypted and unscannable files under Filtering Options -> Misc

                                          It would be great to get an option in the Exceptions to deactivate the blocking for encrypted files by URL.

                                          3 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 15 16
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.