Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Separate Web Gateway Role from Help Desk read

    I'd suggest removing the Web Gateway logs readability and search from the Help Desk and Read-only Roles. I need help desk folks to be able to troubleshoot the end-point by disabling the tamper protection, call into support, etc. What I don't want is the ability for all the help desk personnel to see and search the browsing history of any user, especially VIPs. Is there already a way to do this?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Central Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. Web

    Audit/System configuration log in order to determine when changes are made by a user. The log should be able to identify time of access to the web appliance, who accessed it, and what changes to the appliance, policies, and other configurations were made by that user. The report/log should also would be useful if the Administrator could export the log (i.e PDF, CSV, etc)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  3. Reports which file type is blocked.

    Currently if a user has a problem with a certain site because a file type is blocked it is not displayed in the reports.

    So have to investigate this in the syslog if you have set it up or call Sophos support which takes too much time.

    Can the reason for the file type block be added in the reports?

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  4. Email Applicance - Possibility to remove Disposition-Notification-To and Return-Receipt-To headers

    Product "Email Appliance" is not available so posting it hear instead.
    Sometimes we receive e-mails which have the headers "Disposition-Notification-To: " and "Return-Receipt-To: " set.
    I would like to remove those 2 headers (only for certain recipients) and sent the mail through.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  5. To upgrade the Sophos Virtual Web Appliance hardware version to VMX10

    Hi Team,

    There are various problems in terms of performance of Sophos Virtual Web Appliance hardware version vmx4.

    Its always better to be on latest version for better efficiency and performance.

    Our environment recommended to upgrade the Sophos Web Appliance hardware version from vmx4 to VMX10 but Unfortunately the vmx10 officially you have not tested the hardware version 10 with the Sophos Web Appliance.

    and its not recommended as of now. could you please test the vmx10 version and make it officially supported

    Regards
    Tajudeen

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  6. Not able to access money control

    sir,
    I am not able to connect with some of the sites like moneycontrol.com, karvyonline.com. these sites are only for stock trading nothing else. And I am investor in share market and I want to watch those sites regularly as it is my field of studying and also I am having financial interests in them. kindly remove the blockage to access them, so could I use them.
    thanking you

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  URL Categorization  ·  Flag idea as inappropriate…  ·  Admin →
  7. Deactivate encrypted file blocking by URL

    Hi guys,

    at the moment it is only possible to block ALL encrypted and unscannable files under Filtering Options -> Misc

    It would be great to get an option in the Exceptions to deactivate the blocking for encrypted files by URL.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Implement some basic security features.

    The standard Web Gateway install exhibits the following behaviour that really should be fixed.

    Revoked leaf certificate - treats as trusted.
    Bad HPKP pin - treats as trusted.
    SHA-1 signed certificate - treats as trusted.
    Invalid SCT - treats as trusted.

    I mean come on, not checking for revoked certificates is pathetic in what's meant to be a security product.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. download size

    Set the maximum Downlaod-Size of File in Rules.
    We want to set a Rule for Users or IPs that control the max. Size of a Download-File. e. g. is not allowed to Download a File with over 25MB.
    In SiteKiosk we can set this Option, but when the Sophos Web Appliance is used as Proxy, the Download starts and get the hole File (e. g. 100MB) and then SiteKiosk can say: No, Download is to large ...

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  10. Generic block option

    Generic Block for local site list.

    This came up when trying to block a website for all our sites except for one.
    Additional policy was created to allow the site, but to block other sites we changed the Category to something that was blocked. This does not indicate the correct reason.

    Unable to use global block tag as it has higher precedence.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  11. Have the ability to modify the Syslog output format

    The ability to modify the syslog output would be a great feature so that we can tailor that output to a format that works best with our SIEM.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  12. Include Source IP on Syslog Output

    Currently, only the username is included in the syslog output. Please add in the source ip as well.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  13. Web Gateway Reporting - Total Browse Time By User

    Being able to run reports on individual users for total browse time during a day, or other period of time, is a pretty standard report on most any other web filter and is painfully lacking in the Cloud Web Gateway. This is a pretty common request from HR departments to get an idea if someone is not managing their time appropriately. The report should be based on activity to get an idea of how long someone was actively browsing web pages.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  14. email stamp

    Adding the ability to add a stamp to email above the text as a warning example "Warning Do not open attachment or click on links from people you do not know or untrusted sources"

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Sophos Email Appliance - Report improvements

    Reports improvements such as:
    Internal Mail Hosts - the amount of mail coming from each internal host
    Mail Delivery Servers - amount of mail through these

    Trusted Relays - amount of mail through these

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Sophos Live Connect

    Hi everyone, I have enabled Sophos Live Connect on the management server but I have the problem that the list of enabled and then removed clients is not updated, it always stays with the old rumbling entries. Is there a chance to remove these old rumors?
    Thank you.
    Francesco

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  17. Website Tags - Options to Warn / Audit

    It would be very useful for testing custom URL tagging if we were able to audit, in addition to allowing and blocking, clicks through to URLs we have tagged. This would allow us to deploy large changes at a large scale with no impact while we observe the potential impact.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Web appliance status to show free disk space

    Following an outage that impacted end users through appliance not accepting connections resulting in web pages being inaccessible, requesting functionality to display used and free disk space on (virtual) Web Appliance. It would also be useful to be able to query this using SNMP (see separate Idea submitted by another user in 2012) and/or receive email alerts when disk free space was below a set threshold.

    Background is that disk was so full that even after expanding virtual disk, the inbuilt appliance function to expand the disk would not execute because it could not write the necessary scripts to the…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  19. Ability to search logs with IP address or domain of a site visited by a user utilizing the CWG.

    One of our largest platinum service CWG client who is using cloud web gateway services globally requests this feature to be added as soon as possible as this is hindering their global response capabilities.

    They are not able to filter logs under logs section of CWG dashboard on Sophos Central by entering destination IP or domain a user has visited.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  20. SSL inspection by pass for non-standard domains

    non-standard domains and sub-domains are ignored for SSL inspection exemption. This makes it hard to exempt corporate trusted domains. example would be "server.itn.shell"

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.