It would be useful to highlight banners with a choice of colours for background and text to catch a users attention.

Today, Sophos Web Appliance records HTTP URLs, caller (using LDAP) and timestamp.

I'd like to request that it should also record HTTP headers.

We are existing clients who'd like to audit HTTP calls and we need the headers to be included.

Currently the SMTP settings on the Sophos email appliance do not support the Microsoft limits. Example: The Maximum number of recipients on the Sophos email appliance only supports 1000 recipients while Microsoft supports 10,000. Can we upgrade the Sophos Email Appliance to support these settings: https://technet.microsoft.com/en-us/library/exchange-online-limits.aspx

Without including all quarantined emails in the digest, how would an end user know if they had a message trapped by the appliance that may be legitimate?

Currently it's not possible to add a route to a single IP address (CIDR /32), but the smallest destination CIDR address is a /31. In some circumstances it's mandatory to use a route to a single IP address.

Enable feature for soft restart while updating/adding new WAF policies and changes occured in existing WAF policies. Since compete WAF restart may annoying the existing service availability to the customers. number of Financial transaction services being run through reverse proxy which could lead in trouble when you edit or delete any existing WAF rule or services.

I would like to see the ability to block custom file extensions and not just the predefined ones.

I would like the appliance to send emails securely. That is, I could use ssmtp, tls, starttls, for sending alerts and reports.

Currently you can only use SMTP.

regards

Currently if a user has a problem with a certain site because a file type is blocked it is not displayed in the reports.

So have to investigate this in the syslog if you have set it up or call Sophos support which takes too much time.

Can the reason for the file type block be added in the reports?

Product "Email Appliance" is not available so posting it hear instead.
Sometimes we receive e-mails which have the headers "Disposition-Notification-To: " and "Return-Receipt-To: " set.
I would like to remove those 2 headers (only for certain recipients) and sent the mail through.

Hi Team,

There are various problems in terms of performance of Sophos Virtual Web Appliance hardware version vmx4.

Its always better to be on latest version for better efficiency and performance.

Our environment recommended to upgrade the Sophos Web Appliance hardware version from vmx4 to VMX10 but Unfortunately the vmx10 officially you have not tested the hardware version 10 with the Sophos Web Appliance.

and its not recommended as of now. could you please test the vmx10 version and make it officially supported

Regards
Tajudeen

Set the maximum Downlaod-Size of File in Rules.
We want to set a Rule for Users or IPs that control the max. Size of a Download-File. e. g. is not allowed to Download a File with over 25MB.
In SiteKiosk we can set this Option, but when the Sophos Web Appliance is used as Proxy, the Download starts and get the hole File (e. g. 100MB) and then SiteKiosk can say: No, Download is to large ...

Generic Block for local site list.

This came up when trying to block a website for all our sites except for one.
Additional policy was created to allow the site, but to block other sites we changed the Category to something that was blocked. This does not indicate the correct reason.

Unable to use global block tag as it has higher precedence.

The ability to modify the syslog output would be a great feature so that we can tailor that output to a format that works best with our SIEM.

Currently, only the username is included in the syslog output. Please add in the source ip as well.

Hi everyone, I have enabled Sophos Live Connect on the management server but I have the problem that the list of enabled and then removed clients is not updated, it always stays with the old rumbling entries. Is there a chance to remove these old rumors?
Thank you.
Francesco

non-standard domains and sub-domains are ignored for SSL inspection exemption. This makes it hard to exempt corporate trusted domains. example would be "server.itn.shell"