Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. automated backups require a more secure method than FTP

    As part of our PSN submission it came to light we were using ftp to backup our sophos ESC appliance. It was required that we use a more secure method such as sFTP which the sophos ESC appliance doesn't support. We have had to stop using automated backups.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  2. UI: Improve Additional Policy UI performance

    Improve the UI performance of the SWA when using a large number of policies.

    The GUI is slow to refresh on a system with 150+ additional policies. They have a large number of policies because this is a central SMA which manages policies for a number of schools.

    It can take over 25 seconds to move an additional policy one place in the additional policies list.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  3. Syslog: Log all system data, not just web traffic

    Advanced logging is needed to troubleshoot issues.

    Currently syslog only logs events such as what sites user’s visit. We need to be able to see when the appliances are rebooted, any errors that are occurring, amount of current connections on each appliance, incoming web requests, and basically anything Sophos Support can see from the backend.

    This feature would help us greatly in troubleshooting issues we are currently seeing. It is frustrating to have to contact Sophos Support when issues are occurring do to the impact to our user’s while we wait on support. If we were able to see this…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  4. Web Appliance acts as an ICAP client to a third-party DLP solution

    ICAP (Internet Content Adaptation Protocol) support to give the capability of working with DLP products to block PAN data at the network edge.

    This will give customers the capability of blocking PAN (Primary Account Number) data at the network edge in the event PAN data is passed thru a unsupported internet browser.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow static ARP entries

    Static ARP entries would almost eliminate the threat of ARP poisoning

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow mDNS/Bonjour on the local LAN to work in the browsers.

    Allow mDNS/Bonjour on the local LAN to work in the browsers. The web protection currently blocks them for no apparent reason.Put an option in the software to allow mDNS to work, it IS the age of iOT after all.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  URL Categorization  ·  Flag idea as inappropriate…  ·  Admin →
  7. Web appliance automatically clear usercache

    Submitting on behalf of client. On the backend of the web appliance if you can automate the user cache to purge older users that have authenticated. Currently anything in the user cache is kept permanently - if there is no new authentication and coming from the same IP this would cause incorrect reporting data.

    For example any users thate authenticated and is still in the cache over 'x' amount of months/days should automatically delete.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  8. Web Appliance: Support Intermediate Certificates for Certificate Authority

    Customer would like to use a custom Certificate as Certificate Authority.
    According to an internal KBA "Customer Upload of Signing Certificate" the CA Certificate needs to be a top-level Root CA.
    The customers CA Certificate is not a top-level Root CA, so he needs to be able to also import an Intermediate Certificate, and therefor requests this feature

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  9. Alter time frequency related to SWA to SMA sync jobs

    As an admin I would like to increase time frequency related to SWA to SMA sync jobs.
    Issue come up when SMA and SWA are connected through MPLS, when managed SWAs are several, these operations overwhelm the MPLS line.

    The goal would be to have the possibility to alter the sync frequency so these data could flow into low peak times.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Central Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. Provide option for user to add quarantine reason on sophos email appliance

    Company and Contact Information

    Company: Motability

    Contact: 01279632141

    Sophos Partner (if applicable):

    Sophos Product Information

    Sophos Product: Sophos Email Appliance ES1100

    Version in Production: V 4.0.0.0

    Feature Request Summary We was wondering if there was a way to add our own field in the quarantined for reason We want to add DKIM to the
    check list

    This is so we can narrow down our searches for DKIM emails as we are getting a few blocked now and would like to be able to do a quick search each day to keep an eye on them

    How will this new feature…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  11. Upstream proxy settings not copied across to other SWA managed by SMA

    A Platinum customer has a large number of upstream proxy redirections which are set on the SWA5000. They wanted both SWA5000 and SWA5000b to have the same synced copy managed by the Management appliance.

    The settings are found under Network/Hostname/Upstream Proxies/Advanced options.

    It would be nice that upon joining the SMA1000 with the first appliance, that the option to upload the proxy list to the SMA1000 be allowed
    and then for the SMA1000 to have a configuration area for the same to push out to all web appliances in the management pool.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  12. NTP Time Sync

    Currently all virtual appliances sync their time with the virtual host on boot, if this time is wrong then the time on the appliance would also be wrong. If this gap is too large then NTP will not try and sync the time causing authentication failures. The suggestion would be to allow the NTP sync tool to overwrite the inherited time or set the time. I think this could be done by using the -g trigger for the initial sync on boot. Returning afterwards to the standard options.

    This has been raised by one of our major distributors (case #5352751)

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Filetype Detection: .docx file type needs to be added for better granular controls

    in Web Appliance, .docx file type needs to be added for better granular controls . currently doc file, xls etc has controls individually, but not for new versions of those MS Office files, please consider. they are filtered as zip files at the moment. SUG77189 has mentioned this point

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  14. log a user off from Captive Portal

    The ability to log a user off from Captive Portal, when multiple users use the same workstation, or IT needs to do testing.

    Customer would like the ability to log a user off from the Sophos Web Appliance (Captive Portal) or have the ability to access a web page ie http://ws1100/logoff.php and log the current user off.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  15. HTTPS Scanning: Opt-in selection by site or category

    I would like to request the ability to choose which web sites HTTPS scanning is applied to.

    At the moment the only option it to turn HTTPS scanning on and then compile a list of exceptions.

    We had been running our SWA (Sophos Web Appliance) environment without HTTPS scanning for a year. However a few months ago Google changes the way their search page worked and redirected all
    traffic to a secure HTTPS version of their site.

    This change forced us to switch on HTTPS scanning as it was the only way that we could continue to enforce Google Safe…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  16. Reporting: Produce a Web Appliance policy report

    It could be very interesting to export the policy configuration stored on WS on pdf or xls, csv format in order to analyze the global behavior on wide environment. Actually the XML files exported by backup action are not human readable!

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  17. Admin can choose not to trust default trusted sites

    Can we have a button which gives us an option to turn on/off the defaulted trusted sites set by sophos labs.

    Reason being if a customer has setup a rule to say block all exe , if the site is default trusted by labs the user can download the exe. Some customers do not want any site trusted.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  18. IPv6 Support

    We've had multiple customers requesting updates on when the web appliance will include IPv6 Support.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  19. Link activity search items to policy test

    When currently viewing user activity, there is no way to see easily see why an access is permitted or denied. Currently, one needs to take the URL and user information and manually go over to Policy Test and then test to URL to see why a particular action was taken. It would be much better if the reason was available directly from the search activity. For example, clicking on the status entry could pull up a page similar to the results page of Policy Test, and say what the risk level is, category, tags, policy result, policy, and reason.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  20. End-user pages: Custom error pages based on policy

    Having the possibility to create and/or customize all error pages / block pages / warning pages based on a specific policy.
    In fact, having the configuration of the error page on the policy.

    For example, if user toto is part of an additional policy "policy1", then user see the block page of the policy1, if he is part of the additional policy "policy2", then user toto see the block page of the policy2.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.