Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Administrator audit log

    An audit log of all the actions and policy changes performed with the username, date and time.

    51 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  2. Reporting: Real-time view of traffic/connections in GUI.

    Customers would like to be able to see what connections are occurring through the appliance an any given time to be able to look at load issues or to troubleshoot issues with out the help of support.

    45 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  3. Multi AD Support

    Some customers have more than one AD domain not trusted each other

    36 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  4. SNMP monitoring on the Web appliance

    Implementing SNMP to get all critical information from CPU, HDD, Memory and NW Card. If it is possible to get the counters from the status page that would be very nice.

    We must have all our systems in production in our network monitoring system to get the relevant information needed for SLA and capacity planning. SNMP is the preferred method for doing this.

    35 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  5. Provide Automated Feedback to Customer Regarding their URL recategorization Request

    Several customers have taken issue with our URL recategorization page:https://secure2.sophos.com/en-us/threat-center/reassessment-request.aspx and the fact that they receive no feedback regarding their requests. They would like to be notified when the request has been processed and information regarding if it was approved or denied. Other vendors do provide this feature.

    26 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  6. Using wildcards in Local Site List

    Customer would like to be able to use wildcards when blocking sites. For example, they would like to be able to block all websites with the string "poker" in them.

    25 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Web Appliance: Allow skype with the HTTPS Scanning on

    When HTTPS scanning is enabled, Skype fails to work because it is trying to send non-HTTP traffic over the SSL tunnel.

    It is essential to be able to scan https sites and also essential to be able to support messaging apps, in particular Skype and iMessage. For Skype – maybe even setting up a simple SOCKS proxy on the Web proxy might do the trick, we do not need to examine or track the contents of the Skype messages." case 3693911

    24 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow individual users to be able to download certain extensions from individual websites

    We would like to be able to allow individual or a group of users to be able to download a file type from a certain website only.

    for example if ZIP files are blocked from being downloaded, however we have three users that often download from dropbox. We would like to allow these three users to be able to download ZIP files from dropbox only.

    23 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  9. Ability to block content based on YouTube content / category rating

    Similar to Youtube for Schools, allow customers to allow or block based on YouTube content / category ratings. This has been requested by a 3,500 user Government prospect:

    https://support.google.com/youtube/answer/146399?hl=en

    18 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  10. Categorization: Dynamic categorization for objectionable content

    Dynamic categorization is required to allow blocking of sites that contain objectionable content but are not categorized as such.

    For example, in some cases customers find that allowing Uncategorized sites exposes users to objectionable content, but blocking Uncategorized sites blocks sites they need to access.

    There are also situations where objectionable content might appear on categorized sites, which can be particularly problematic for school environments.

    17 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  URL Categorization  ·  Flag idea as inappropriate…  ·  Admin →
  11. automatically download file after scanning

    it will be nice if file can be automatically downloaded after scanning without click on the "Click here to retrieve file".
    Another to raise this request is a file scanned by Sandstorm would be downloaded automatically.

    15 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  12. Ability to clear DNS cache via Web Interface.

    Ability to clear DNS cache via Web Interface.
    A simple button similar to the Clear Cache button to clear DNS information.
    At the least a option on the console (CLI) could be added to clear this.

    If important business related websites change
    IP addresses the SWA will continue to use old DNS/IP information until
    cleared or TTL is reached. This causes major issues if the SWA is the only
    internet gateway. Clearing/Refreshing DNS requires a Sophos Console Support
    session. Clearing the cache should be a simple process.

    15 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  13. ATP: Send alert on ATP incident

    A customer has requested be below:

    I like the new Advanced Threat Protection applet on the Sophos web filtering management appliance but I think that it would be very useful to add a system alert for Threat Detected.

    We have several SMAs that manage web filtering across several different environments so it would be very useful to receive an email when a new threat has been detected instead of having to manually visually check each SMA.

    13 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  14. Category request: Split the Proxies & Translators Category

    Customer requested that these two items be split into separate categories as they would be unrelated for the most part.

    13 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  URL Categorization  ·  Flag idea as inappropriate…  ·  Admin →
  15. Ability to whitelist Youtube channels

    Ability to whitelist complete you-tube channels in the WebAppliance

    12 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  16. X-Forwarded-For feature for web appliance

    organisation uses the Google Apps suite quite heavily. We put so much load to them that they end up putting Captcha verifications on searches as per this doc: https://support.google.com/websearch/answer/86640?hl=en

    A way to mitigate these things from happening in scenario’s where organisations may have all of their traffic exiting one or two public IP’s is to implement the X-Forwarded-For into the HTTP header. It means that the web server in question (eg Google) can differentiate between one client and the other.

    12 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →

    We have implemented a back-end feature to add X-Forwarded-For headers to HTTP requests in version 4.2.0 of the Web Appliance. At present it must be enabled by Sophos support but we are considering adding it as a UI option in the future.

    Note that this feature only works for non-secure HTTP so it may not help for the Google situation where the default is for traffic to use HTTPS. This is because with HTTPS, the headers are all part of the secured, encrypted communication within an SSL tunnel. There is no equivalent protocol that would work on SSL traffic.

  17. Report Scheduler - Schedule a single report

    Customer would like to be able to schedule only a single report in the Report Scheduler, rather than a 'Package' of reports.

    For example, their managers receive scheduled reports, but are only interested in seeing users by 'Browse Time'. However, they cannot schedule a report that ONLY includes 'Browse Time'. Instead they have to schedule the Policy Compliance report which includes other data like 'Policy Violators'.

    They do not want their managers to be sent 'Policy Violators' data. This report 'scares' them. They are non-technical users and do not necessarily understand that people are sometimes unwittingly violating the policy.

    Therefore…

    12 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  18. Ability to bypass HTTPS scanning for certain internal IP/IP range.

    As it would be impossible to push out a SSL certificate to a guest network, or to custom non-pc system, this would allow customer to still use HTTPS scanning for the rest of the network

    12 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  19. Web Appliance: Granular Help desk role options

    It would be fantastic to have the ability to lock down each section inside of Web Appliance so that certain activities could be delegated to Junior Admin staff (such as only the ability to add entries to Local site list in Group policy section or only access to specific option into the Policy configuration, etc.), without exposing the entire configuration of the WSA to them.

    9 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  20. Ability to search logs with IP address or domain of a site visited by a user utilizing the CWG.

    One of our largest platinum service CWG client who is using cloud web gateway services globally requests this feature to be added as soon as possible as this is hindering their global response capabilities.

    They are not able to filter logs under logs section of CWG dashboard on Sophos Central by entering destination IP or domain a user has visited.

    8 votes
    Sign in
    (thinking…)
    Sign in with: sso facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 16 17
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.