Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. User/device throttling based on Username/IP/MAC address/Hostname

    eature Request Summary – user/device throttling / prioritization allowing admins to set up polices on a per computer (hostname, MAC or IP) AD user/group basis to restrict download speeds to conserve bandwidth. Also be able to prioritize traffic like windows updates lower during high traffic/production times

    How will this new feature address your business requirements? – More users are using MORE bandwidth. Example: If there’s a class researching a topic on youtube and a study hall playing games, I would like to easily place a throttle on the gamers that gives the youtube users more priority. Example 2: user brings…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  2. Higher resolution sizing of GUI

    Customer would like the GUI to scale for higher resolution monitors so they can see more infromation on the search and reporting screens.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  3. SWA . please add option to add RBLs like URLHAUS

    Hi Team,

    as an extension, it would be highly useful to implement an option for adding additional RBLs in Webappliances (for example URLHAUS -> urlhaus(DOT)abuse(DOT)ch ).

    Thanks for considering and
    kind regards,
    Stefan

    (this feature request was brought based on customers support case #9415978)

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  URL Categorization  ·  Flag idea as inappropriate…  ·  Admin →
  4. Disable deprecated SSL/TLS Versions

    When using SSL-Inspection, it should be possible to deaktivate outdated TLS-versions like TLSv1.0 / 1.1.
    It is recommended to disable SSLv3/ TLSv1.0 / 1.1 in the browser settings. This setting is useless, however, as the SWA always uses SSLv1.2 in the direction of the client.
    So it can happen that a website with TLSv1.0 is requested, which is transferred to the client, on which TLSv1.0 is deactivated, with TLSv1.2.
    That's a security problem.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  5. Request to have the helpdesk role in web appliance to manually synchronize the AD

    Hello Team,

    We have the partner here requesting to have the helpdesk role in web appliance to manually synchronize the AD. This will allow the customer to no need to call the partner just to request to manually synchronize the AD if there are changes done on AD. For your assistance please. Thank You.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  6. Email Appliance - Modify/Delete Header "Received from" showing local hostname and its local IP

    Email Appliance - Modify/Delete Header "Received from" showing local hostname and its local IP
    sample header:
    Received: from (local hostname) (unknown [local IP]) by mail.customer.domain (Sophos Email Appliance) with ESMTP id DDBB55220751_D330E57F for <external email eg. gmail>; Sat, 20 Jul 2019 12:51:35 +0000 (GMT)

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. False Positives on Blocked Sites Report

    The "Blocked Sites" report indicates HTTP errors as a "block" in the report. Certain server codes like 500 Internal Server Error, should not be included on the report or shown as an "error" rather than a "block" event. This falsely leads you to believe policy is actively blocking the URL.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  8. White-List emails by subject\keywords

    Hello,

    Please allow White-listing\Blacklisting of Email by Subject Line and\or Keyword.

    Our HR gets emails from personal emails address all of the time for users replying to job postings. As these emails come from their personal email address @aol.com @gmail.com it in not feasible to white-list all these personal address. All the address however have "application" in the subject line. If we were able to white list emails with "application" keyword in the subject this would greatly increase our HR departments ability to get and analyze these emails instead of having to release them from quarantine every day.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Email Gateway - Enable policy to hold password protected attachments for release by an administrator.

    I want the ablility to configure my policy to hold attachments, from users.
    An administrator could then go in an release the held attachment.

    I personally would like to hold all password protected files including zip files since Mail Gateway can not scan them and allows them to go directly to user. If an email contains the file's password a user could then open then scanned files.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Under email appliance allow wildcard entries to group editor

    Hello Team,

    We have customer here requesting to revert back the feature under email appliance to allow wildcard entries to group editor. For your assistance please.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. I suggest that the Sophos Email Appliance be able to support the Microsoft limits for email.

    Currently the SMTP settings on the Sophos email appliance do not support the Microsoft limits. Example: The Maximum number of recipients on the Sophos email appliance only supports 1000 recipients while Microsoft supports 10,000. Can we upgrade the Sophos Email Appliance to support these settings: https://technet.microsoft.com/en-us/library/exchange-online-limits.aspx

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  12. All emails that are quarantined should be included in quarantine digests. This includes but not limited to DKIM verification failures under

    Without including all quarantined emails in the digest, how would an end user know if they had a message trapped by the appliance that may be legitimate?

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  13. Only shows Content of the message while it is in the queue, once delivered and appears in the mail logs, no way to see detail in GUI.

    Email appliance only shows content of the message while it is in the queue, once delivered and appears in the mail logs, no way to see detail in GUI. It is very useful and more secure to allow admins to view the content of a message in the mail log. This would enormously helpful in assisting users, so that they didn't have to forward the suspect email back to help desk, exposing the threat further. Users simply informed that they received an email they were suspicious of, and who it was from.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow pop-ups/in-screen pages to be presented with warn/quota/proceed

    When a warning page, block page, or quota page is presented for a background site such as a content delivery server or image content the browser does not display this page. If possible customer would ideally be able to see this quota/proceed page within the page rather than the website loading unformatted and with no images.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. more granular bandwith reporting per Domain and Subdomain

    Client asked for an option in reporting, where he can see a more detailed bandwidth usage based on URLs and if applicable subdomains to check the total bandwidth/volume/bytes/hits consumed for everyone globally going through the web appliance.

    At this point, bandwidth for domain xyc.com already can be checked, but cannot differenciate the bandwidth usage for (examples) abc.xyz.com, bca.xyz.com and cba.xyz.com

    Thanks for considering!

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  16. Whitelisting only seems to work for IP address and not DNS names

    We recently tried to whitelist a VPN connection in Secure Web Gateway, using the DNS name did not whitelist the VPN, we had to put the actual IP address in to the whitelist to get it to work.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Show correct error page when Uncategorized category is blocked

    When a user attempts to visit an invalid URL (does not resolve in DNS) and the Uncategorized category is set to Block on the WS, the user will incorrectly be shown a “Blocked due to category” error page. While the URL is likely ‘Uncategorized’, it would be more correct to show the user a splash screen for “Server Error Page” that explains “The web address you entered could not be found.” The “Blocked due to category” error page allows the user to submit a request for access to a URL that doesn’t exist, creates additional IT work orders, and wastes…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  18. Web Appliance Configuration

    It would be very useful to have a tool to download and view the configuration fo the web appllainces, mainly the policy configuration.

    Right now it seems the only way to get the policy configuration is to extract the policy.xml file from a backup but it's nearly unreadable

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Deactivate encrypted file blocking by URL

    Hi guys,

    at the moment it is only possible to block ALL encrypted and unscannable files under Filtering Options -> Misc

    It would be great to get an option in the Exceptions to deactivate the blocking for encrypted files by URL.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. download size

    Set the maximum Downlaod-Size of File in Rules.
    We want to set a Rule for Users or IPs that control the max. Size of a Download-File. e. g. is not allowed to Download a File with over 25MB.
    In SiteKiosk we can set this Option, but when the Sophos Web Appliance is used as Proxy, the Download starts and get the hole File (e. g. 100MB) and then SiteKiosk can say: No, Download is to large ...

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.