The ability to block newly registered websites would be great. So many new sites are created with malicious intent. Say 30 days or 60 days. The Sophos Firewall has the ability to do this, so should the Web Gateway.
It would be very useful to have a tool to download and view the configuration fo the web appllainces, mainly the policy configuration.
Right now it seems the only way to get the policy configuration is to extract the policy.xml file from a backup but it's nearly unreadable2 votes
We have customer here requesting to have option to enable quarantine summary to specific users only1 vote
I'd suggest removing the Web Gateway logs readability and search from the Help Desk and Read-only Roles. I need help desk folks to be able to troubleshoot the end-point by disabling the tamper protection, call into support, etc. What I don't want is the ability for all the help desk personnel to see and search the browsing history of any user, especially VIPs. Is there already a way to do this?1 vote
Product "Email Appliance" is not available so posting it hear instead.
Sometimes we receive e-mails which have the headers "Disposition-Notification-To: " and "Return-Receipt-To: " set.
I would like to remove those 2 headers (only for certain recipients) and sent the mail through.2 votes
Audit/System configuration log in order to determine when changes are made by a user. The log should be able to identify time of access to the web appliance, who accessed it, and what changes to the appliance, policies, and other configurations were made by that user. The report/log should also would be useful if the Administrator could export the log (i.e PDF, CSV, etc)1 vote
The standard Web Gateway install exhibits the following behaviour that really should be fixed.
Revoked leaf certificate - treats as trusted.
Bad HPKP pin - treats as trusted.
SHA-1 signed certificate - treats as trusted.
Invalid SCT - treats as trusted.
I mean come on, not checking for revoked certificates is pathetic in what's meant to be a security product.4 votes
at the moment it is only possible to block ALL encrypted and unscannable files under Filtering Options -> Misc
It would be great to get an option in the Exceptions to deactivate the blocking for encrypted files by URL.3 votes
Set the maximum Downlaod-Size of File in Rules.
We want to set a Rule for Users or IPs that control the max. Size of a Download-File. e. g. is not allowed to Download a File with over 25MB.
In SiteKiosk we can set this Option, but when the Sophos Web Appliance is used as Proxy, the Download starts and get the hole File (e. g. 100MB) and then SiteKiosk can say: No, Download is to large ...3 votes
Generic Block for local site list.
This came up when trying to block a website for all our sites except for one.
Additional policy was created to allow the site, but to block other sites we changed the Category to something that was blocked. This does not indicate the correct reason.
Unable to use global block tag as it has higher precedence.3 votes
The ability to modify the syslog output would be a great feature so that we can tailor that output to a format that works best with our SIEM.3 votes
I am not able to connect with some of the sites like moneycontrol.com, karvyonline.com. these sites are only for stock trading nothing else. And I am investor in share market and I want to watch those sites regularly as it is my field of studying and also I am having financial interests in them. kindly remove the blockage to access them, so could I use them.
thanking you1 vote
Customers would like to be able to see what connections are occurring through the appliance an any given time to be able to look at load issues or to troubleshoot issues with out the help of support.46 votes
We have addressed some of the operational issues with connections in version 4.0 by removing the limitations on concurrent connections. We will look again at this specific feature in the future if there is still strong demand.
One of our largest platinum service CWG client who is using cloud web gateway services globally requests this feature to be added as soon as possible as this is hindering their global response capabilities.
They are not able to filter logs under logs section of CWG dashboard on Sophos Central by entering destination IP or domain a user has visited.8 votes
Implementing SNMP to get all critical information from CPU, HDD, Memory and NW Card. If it is possible to get the counters from the status page that would be very nice.
We must have all our systems in production in our network monitoring system to get the relevant information needed for SLA and capacity planning. SNMP is the preferred method for doing this.37 votes
Adding the ability to add a stamp to email above the text as a warning example "Warning Do not open attachment or click on links from people you do not know or untrusted sources"2 votes
Currently, only the username is included in the syslog output. Please add in the source ip as well.1 vote
An audit log of all the actions and policy changes performed with the username, date and time.52 votesPlanned · AdminRich Baldry (Product Owner, Web Protection, Sophos Features & Ideas Laboratory) responded
This will not be ready in the timeframe previously outlined, but is very much in our plans.
Being able to run reports on individual users for total browse time during a day, or other period of time, is a pretty standard report on most any other web filter and is painfully lacking in the Cloud Web Gateway. This is a pretty common request from HR departments to get an idea if someone is not managing their time appropriately. The report should be based on activity to get an idea of how long someone was actively browsing web pages.1 vote
Some customers have more than one AD domain not trusted each other37 votes
This feature did not make the cut for our upcoming releases but will be considered in the future.
- Don't see your idea?