Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Web Appliance: Granular Help desk role options

    It would be fantastic to have the ability to lock down each section inside of Web Appliance so that certain activities could be delegated to Junior Admin staff (such as only the ability to add entries to Local site list in Group policy section or only access to specific option into the Policy configuration, etc.), without exposing the entire configuration of the WSA to them.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  2. log a user off from Captive Portal

    The ability to log a user off from Captive Portal, when multiple users use the same workstation, or IT needs to do testing.

    Customer would like the ability to log a user off from the Sophos Web Appliance (Captive Portal) or have the ability to access a web page ie http://ws1100/logoff.php and log the current user off.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  3. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  4. ATP: Send alert on ATP incident

    A customer has requested be below:

    I like the new Advanced Threat Protection applet on the Sophos web filtering management appliance but I think that it would be very useful to add a system alert for Threat Detected.

    We have several SMAs that manage web filtering across several different environments so it would be very useful to receive an email when a new threat has been detected instead of having to manually visually check each SMA.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  5. Classification of Search-Engine Results

    The http-proxy should classify search engine links to the classification of the final target site under consideration of the local-site-list

    Explanation
    Search Engines have their own URI-Classification. To track user-selection they do not reference the original target URI, but a tracking relocator of the search-engine.
    This tracking URI should have the same classification as the target URI.
    When computing this classification value, the proxy should take into account any local re-classifications done thru the local-site-list, and assign this one value to the tracking relocator URI

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Send email alert on ATP event

    The ability to receive ATP alert notifications will save us from having to check the SWA web appliance console every 5 minutes and therefore carry on with our
    BAU tasks.

    This gives us the necessary alerts to respond to potential advanced threats ASAP.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  7. Reverse DNS lookup on IP requests.

    When the customer performs a remote desktop session in TeamViewer it sometimes attempts to connect to an IP address rather than to a URL. When running a reverse DNS lookup on the IP we can see the correct TeamViewer domain (which is allowed by policy but the IP is blocked for being uncategorized).
    I have special group of users allowed to access TeamViewer servers (for desktop sharing). Unfortunately a lot of TV servers are not categorized, as TV application access them with IP addresses not with names:

    When a request comes in for an IP address, attempt an RDNS lookup…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Ability to block content based on YouTube content / category rating

    Similar to Youtube for Schools, allow customers to allow or block based on YouTube content / category ratings. This has been requested by a 3,500 user Government prospect:

    https://support.google.com/youtube/answer/146399?hl=en

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  9. Provide Automated Feedback to Customer Regarding their URL recategorization Request

    Several customers have taken issue with our URL recategorization page:https://secure2.sophos.com/en-us/threat-center/reassessment-request.aspx and the fact that they receive no feedback regarding their requests. They would like to be notified when the request has been processed and information regarding if it was approved or denied. Other vendors do provide this feature.

    26 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  10. Authentication: Support SSO via certificate

    Allow customers who have the ability to pre-load a certificate to unauthenticated devices such as tablets as a single sign-on alternative to the captive portal.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  11. Network Test - Add NTP

    Add an NTP test to the network testing page

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  12. Ability to modify HTTP headers on WSA

    Ability to modify HTTP headers on WSA so we can avoid Bad Gateway errors as upstream routers reject the traffic. Similar to what BlueCoat have here https://kb.bluecoat.com/index?page=content&id=KB5286

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  13. Proxy: Selectively specify Upstream proxy

    Ability to specify "direct" in the selective UpstreamProxy setting to disable a general Upstream-Proxy

    If a general Upstreamproxy is set, you can not specify single hosts for direct access.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  14. Alerts: Specify SMTP Port Used by SWA for Email Alerts

    We have created a new port different than 25 for SMTP traffic to help keep that port secure and standard for a few systems that we have. This port number also currently
    requires some type of authentication to access this port. We did create a secondary port that allows anonymous SMTP traffic to pass through the Exchange server. Unfortunately there isn’t any current method of applying authentication to the Web Appliance or altering the SMTP port. Seems like this was just looked over as a feature since we can even change the port and authentication methods with other pieces of…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  15. Decomissioned systems running full web control should automatically be removed from dashboard after no activity for some time

    Automate or add the ability to remove systems that are no longer in use which were previously running full web control from the connected endpoints display within the web appliance dashboard section. Once an endpoint running full web control registers with the web appliance the entry is never removed.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Use "Default Groups" which contain IP addresses in Connection Profiles

    Currently if you go into the “Default Groups” menu in the Web Appliance panel it shows you the available groups. You also have the option to create a group and either add Users or ip addresses into this group. As you know these groups can then be used in Additional Policies. I would like the ability to also be able to use these groups in connection profiles. Right now you have to manually add ip addresses in connection profiles. You should have the ability to also add groups that were created in the “Default Groups” menu.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  17. Local Site List Alerts When Entry is Redundant

    The idea would be to automatically, periodically review the Local Site List entries and flag those (with a check box option to autoremove?) entries that are no longer needed as they no longer differ from the Sophos provided data. This would primarily impact LSL entries to set a category for uncategorized sites that are subsequently categorized. This would assist admins to reduce the number of entries in their local site list.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  18. Include Local and Sophos Data Results in the URL Tester

    Currently in the SWA admin GUI, the "Test URL" input box provides output regarding the current risk classification and categorization. This result includes any changes done in the local site list. Customer is requesting that we display both the current local overrides and the current Sophos data results if they are different.

    This would assist customers in determining if their recategorization requests have been successful with out viewing each entry under the local site list page.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  19. Reporting: Produce a Web Appliance policy report

    It could be very interesting to export the policy configuration stored on WS on pdf or xls, csv format in order to analyze the global behavior on wide environment. Actually the XML files exported by backup action are not human readable!

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow exclusions when defining networks by CIDR range

    We would like to add CIDR to a local subnet, but to be able to exclude a specific IP address or a subset. For example

    1) 192.168.0.0/24 -192.168.0.65
    - which would add 192.168.0.0/24 range to the local subnet, except for 192.168.0.65 (for a single appliance).

    2) 192.168.0.0/24 -192.168.0.12-16
    - which would add 192.168.0.0/24 range to the local subnet, except for 192.168.0.12 to 192.168.0.16 (for multiple appliances in the same subnet for load balancing / fault tolerance)

    The alternative is to add in all the included addresses in the CIDR range individually, which is time consuming.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.