Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Reporting: Reports for a specific website for a specific group

    Customer would like to be able to have scheduled reporting on a specific group for a specific website.
    So they only want a specified website in the report for who ever accessed it within the group.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  2. Better security on web admin gui access

    Customer observed some vulnerabilities of Sophos Web Appliance which make it a high risk for hacking.

    1. Access to Sophos Web Console - Since the IP address of SWA written in the
    Proxy settings of the Internet browser, it is very much simplier to copy it
    by any user and will just type in the URL
    https://x.x.x.x (x.x.x.x - IP address of the SWA written in the Internet
    Browser proxy settings). We suggest that access to SWA console must be in
    different port (example:
    https://192.168.1.100:4434)

    2. Unlimited attempt to access accounts in the Sophos Web Console - We don’t …

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow creation of Additional Policies and/or Local Site List Entries that allow specific downloadable file types to be allowed or disallowed

    Allow creation of Additional Policies and/or Local Site List Entries that allow specific downloadable file types to be allowed or disallowed on a per site/per user basis. In other words, permit Bob and only Bob to download MSI files from microsoft.com and only microsoft.com.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  4. Improve streaming media on iOS devices.

    As per support request 3725151, streaming media will not play unless the site is set to trusted on the web appliance's local site list. This is getting very cumbersome to manage with the amount of sites now containing streaming media.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  5. "Download Options" configurable in user policy

    Allow download options need to be set at the additional policy level and not at the current global policy setting level.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  6. AD: Custom schedules for AD Sync

    When adding new users to groups that are used in Additional Policies we have to manually Sync Directory Services to reflect this group membership change. We would like the ability for an Administrator to define a schedule for Active Directory Synchronization.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  7. Reporting: Report on Uncategorized Web Sites

    This will over time provide meaningful management reports on usage patterns based on category classification of sites visited. With the proposed approach from a company perspective if the identification and classification of uncategorised sites of the most common sites (say top 10%) if this was automated overtime your classifications will have higher classified detection rate.

    per case 3616231

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  8. Policy: Block users from Streaming Media or video regardless of site Category

    We would like to block users from accessing Streaming Media regardless of the site category. we are currently blocking users from Streaming Media through the categories on default policy. The issue I have with it is that the web appliance doesn’t block videos on different categories websites. Example: www.mlb.com is a category Sports. This website contains videos which is considered streaming. We cannot block just the video portion of the website. We have to either allow or block the entire website. We would like to just block video and allow the text of mlb.com.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  9. Web Appliance: Allow skype with the HTTPS Scanning on

    When HTTPS scanning is enabled, Skype fails to work because it is trying to send non-HTTP traffic over the SSL tunnel.

    It is essential to be able to scan https sites and also essential to be able to support messaging apps, in particular Skype and iMessage. For Skype – maybe even setting up a simple SOCKS proxy on the Web proxy might do the trick, we do not need to examine or track the contents of the Skype messages." case 3693911

    24 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  10. Include Sharepoint into the data leakage component of the web appliance

    The company regards security as
    it's upmost priority, holding major contracts with the MOD. As such the company
    needs to demonstrate good risk management, especially regarding the threat of
    data leakage. As more and more partners work in collaborative environments and
    require our employees to access these environments the company feels some level
    of control is required. Currently these environments are not recognized by the
    Sophos appliance as threats and consequently gives no access
    control.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  11. Define custom filetypes

    A customer of ours has raised a request to be able to block custom filetypes, for example - defining ".nzb" files as an additional filetype to be blocked or warned against.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  12. Admin can choose not to trust default trusted sites

    Can we have a button which gives us an option to turn on/off the defaulted trusted sites set by sophos labs.

    Reason being if a customer has setup a rule to say block all exe , if the site is default trusted by labs the user can download the exe. Some customers do not want any site trusted.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  13. Reporting: Reports by Tag, showing results of search by Tag on Local Site List.

    Creating Reports by Tag, showing the same results of search by Tag, using "Show filters" option, on Local Site List, but with the original Category and Risk Class shown for each site found.

    Customer's business needs are:
    - when the employee who checks Appliance Reports for Italian law compliance went to Cariparma, when he saw that a huge numbers of sites could be added to Local Site List, assigning tags, recategorizing them and overriding risk class, he told them he needs the results of searching Local Site List by tag, thanks to 'Show filters' option, as a Report and with…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  14. WCCP to listen on port 2048 to work with Fortinet Firewall

    Customer would like to have the SWA listen on port 2048 so it would work with Fortinet firewall. This is to establish WCCP GRE Tunnel with the Fortigate Firewall.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  15. Enable Data Loss controls by user/group

    At present, Data Loss controls (Webmail, Blogs & Forums posting) are globally configured for all users. Make them configurable by policy.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  16. Send TCP-KeepAlive Packets

    When Scanning files the Appliance should send TCP-Keep-Alive packets in order for clients to see that the connection did not go stale.
    Customer would like to have a choice of either the patience page, tcp-keep-alive, or nothing. Selection could be made on the Configuration->Notification Page Options Page

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  17. Change user request-email address

    When a user requests a page or want to have a category changed, the email address where the request is going to should be configurable (instead of going to the alert recipients in general)
    It also could be usefull for other customers using role based management to send user request mails e.g. to a helpdesk admin, and not to the appliance admin.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add hyperlink from PUA User Submissions to Download Options

    Add a visible hyperlink from PUA User Submissions section to Configuration -> Download Options. It is difficult for those new to the web appliance to know where already authorized PUAs are located. Especially since they disappear from User Submissions after a decision is made.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  19. IPv6 Support

    We've had multiple customers requesting updates on when the web appliance will include IPv6 Support.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  20. Advanced settings for "Search Term Alerts"

    Currently we're seeing a lot of customers that experience multiple emails when using the "Search Term Alerts" feature on the web appliance due to instant search which is enabled by default on sites such as google. Ie, customers are receiving an email for each letter typed into the search bar.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.