Customer would like a comment field for IP Addresses or ranges of IP addresses under user "Additional Policy: Select Users" dialog box under the "Manual Entries" section. The ability to add a short comment would allow for better referencing and documentation of IP address

Customer would like a short comment field to allow for better referencing and documentation of IP address added to exclusion list.

Advanced partner would like a feature request for the Sophos Web Appliances, which was in direct result to a conversation with an existing customer within the education sector.

Currently, the SafeSearch feature is a global option, allowing you to turn it on or off for all users.

Could we please:

• Give the Administrators the option to turn this on or off per policy (Using Additional Policy Controls)

Or

• Give the Administrators the option to remove certain sites from this safe search. IE, exclude YouTube but allow all other sites to be used with the SafeSearch facility turned on.

Allow the functionality to output syslog to multiple servers. This would allow the customer to generate redundant logs from the source, rather than duplicating them after thefact. This is especially helpful in UDP scenarios.

We require the ability to disable certain alerts, at present you only have the option to have email alerts on or off and this is no way of amending what is and is not alerted upon

The current number of destinations displayed is 5 per user. To increase the usefulness of this report increase the limit or allow the user to select the number of destinations to include in the report.

Customer would like to be able to have scheduled reporting on a specific group for a specific website.
So they only want a specified website in the report for who ever accessed it within the group.

Allow creation of Additional Policies and/or Local Site List Entries that allow specific downloadable file types to be allowed or disallowed on a per site/per user basis. In other words, permit Bob and only Bob to download MSI files from microsoft.com and only microsoft.com.

As per support request 3725151, streaming media will not play unless the site is set to trusted on the web appliance's local site list. This is getting very cumbersome to manage with the amount of sites now containing streaming media.

Allow download options need to be set at the additional policy level and not at the current global policy setting level.

When adding new users to groups that are used in Additional Policies we have to manually Sync Directory Services to reflect this group membership change. We would like the ability for an Administrator to define a schedule for Active Directory Synchronization.

This will over time provide meaningful management reports on usage patterns based on category classification of sites visited. With the proposed approach from a company perspective if the identification and classification of uncategorised sites of the most common sites (say top 10%) if this was automated overtime your classifications will have higher classified detection rate.

per case 3616231

We would like to block users from accessing Streaming Media regardless of the site category. we are currently blocking users from Streaming Media through the categories on default policy. The issue I have with it is that the web appliance doesn’t block videos on different categories websites. Example: www.mlb.com is a category Sports. This website contains videos which is considered streaming. We cannot block just the video portion of the website. We have to either allow or block the entire website. We would like to just block video and allow the text of mlb.com.

When HTTPS scanning is enabled, Skype fails to work because it is trying to send non-HTTP traffic over the SSL tunnel.

It is essential to be able to scan https sites and also essential to be able to support messaging apps, in particular Skype and iMessage. For Skype – maybe even setting up a simple SOCKS proxy on the Web proxy might do the trick, we do not need to examine or track the contents of the Skype messages." case 3693911

The company regards security as
it's upmost priority, holding major contracts with the MOD. As such the company
needs to demonstrate good risk management, especially regarding the threat of
data leakage. As more and more partners work in collaborative environments and
require our employees to access these environments the company feels some level
of control is required. Currently these environments are not recognized by the
Sophos appliance as threats and consequently gives no access
control.

A customer of ours has raised a request to be able to block custom filetypes, for example - defining ".nzb" files as an additional filetype to be blocked or warned against.

Can we have a button which gives us an option to turn on/off the defaulted trusted sites set by sophos labs.

Reason being if a customer has setup a rule to say block all exe , if the site is default trusted by labs the user can download the exe. Some customers do not want any site trusted.