Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Web Appliance: Ability to disable "certificate error " error message in the blockpage

    A customer don´t wants the "certificate error " error message in e.g. the blockpage to be displayed, as this only confuses users.

    As soon as a user requests a blocked HTTPS website, besides the Reason and the Site, the blockpage shows:

    ---
    If your browser displayed a certificate error before displaying this page, you may need to install the web protection certificate authority. Click here to download it.
    ---

    This message is shown, no matter if HTTPS scanning and/or certificate validation is active.
    It shows even if the appliances CA already is installed on the browser.
    In that case when…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  2. ability to edit templates from GUI

    HTTPS Web Filter web message page for an Untrusted Website is providing our end-users with a hyperlink to add their own exception. Customer wants to be able to edit template to remove or alter the exception link
    case ref 5976126

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  3. Times at which websites were being accessed

    Ability to not only view sites visited & the amount of time spent, but also the times at which the sites were being accessed

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  4. Per site global bandwidth usage

    Reference community post :
    https://community.sophos.com/products/web-appliance/f/5/t/76569

    Client would like to be able to specify a single URL/website and look at the TOTAL bandwidth/volume/bytes consumed for everyone globally going through the web appliance.

    There is a fairly similar log but they cannot specify a single URL and can only go by top allowed/block websites.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  5. automatically download file after scanning

    it will be nice if file can be automatically downloaded after scanning without click on the "Click here to retrieve file".
    Another to raise this request is a file scanned by Sandstorm would be downloaded automatically.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  6. Captive Portal after SSO authentication

    Customer has various generic user AD accounts. After the client has authenticated with the WSA via SSO, they would like the option to present a captive portal for accounts which belong to certain AD security groups - so that the individual user can log in instead of using the generic user account. It is deployed with Static IPs for Captive Portal at present

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  7. Custom Block Pages: Add a "local time" variable

    The customer asked for a variable that contains the local time instead of GMT, e.g. %%DATETIME%%, the only one available at the moment is this - %%DATETIME_GMT%% which cannot be changed from GMT.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  8. Enable Kerberos Support for Windows Clients

    Currently all authentication between Windows machines and the Sophos Web Appliance occurs using NTLM, we would like to move to using only Kerberos.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  9. Option for letting clients disable the gateway

    Its sometimes very bad when users cant visit certain sites because they dont allow proxies/vpn´s

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  10. more refine option for syslog and ftp backup for transaction log

    would be nice to have a option to export the transaction logs only when there is a issue . As regular backup is taking lots of space in syslog server.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  11. A way to search logs within web appliance console

    I want to be able to search for destination IP addresses within web appliance

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  12. Ability to put mime types as trusted in local site list

    Website's audio streaming cannot start when HTTPS scanning is enabled. Found that the stream is treated by SWA as mime type "Application/octet-stream" and when the site is put to Trusted in the Local Site List, the streaming can go on. Customer does not want to trust the whole site domain though. They want the AV to Trust only when its that mime-type so audio can go on BUT they want other parts of the site to be scanned.
    #5864911

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  13. Upstream proxy settings not copied across to other SWA managed by SMA

    A Platinum customer has a large number of upstream proxy redirections which are set on the SWA5000. They wanted both SWA5000 and SWA5000b to have the same synced copy managed by the Management appliance.

    The settings are found under Network/Hostname/Upstream Proxies/Advanced options.

    It would be nice that upon joining the SMA1000 with the first appliance, that the option to upload the proxy list to the SMA1000 be allowed
    and then for the SMA1000 to have a configuration area for the same to push out to all web appliances in the management pool.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow individual users to be able to download certain extensions from individual websites

    We would like to be able to allow individual or a group of users to be able to download a file type from a certain website only.

    for example if ZIP files are blocked from being downloaded, however we have three users that often download from dropbox. We would like to allow these three users to be able to download ZIP files from dropbox only.

    24 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  15. Email alert when a set threshold of High risk sites have been visited.

    The appliance should generate an email alert when a threshold(configurable by the administrator) of High risk sites have been visited. This should take in account for sites categorized as High Risk by Sophos as well as if the user overrides the category via local site/additional policy.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add web application for "Cloud and NAS solution"

    Requirement to block home cloud / home NAS solution websites from the corporate network. Some of these like Mynetgear.com is classified as a ‘Business’ site. A lot of vendors have similar websites to access storage solutions at
    home or other networks.

    Can we able to add these on web application under default policy

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  17. Email Alert when traffic drops below threshold

    We would like to have a new Email Alert Option for when web traffic (i.e concurrent users, throughput, latency, etc.) drops below a selectedThreshold during set hours.

    If there is an error/misconfig in either PAC file or GPO settings that is supposed to direct endpoints to the Gateway, traffic will gradually start dropping and it could be days or weeks before the error is discovered. This could lead to a malicious download that would have been blocked had the traffic correctly gone through the Gateway, as happened to us.

    An email alert for this reduction in traffic will enable administrators…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  18. realtime website browsing alerts

    Being aware in real time of visited web sites that have malicious code, virus’s or other security issues means we can react quicker to block these sites at the appliance.
    If a site has been infected then blocking it before access is paramount as other yet unknown and undetectable infections may also reside on that site. In much the same way as SAV alerts in real time, having admins informed of infections in real time is critical.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add the possibility to create local user

    Allows the option on Sophos Web Appliance to create and manage local user. In some case, it is not possible to create AD user so a way to create local user on Sophos Web Gateway is needed.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  20. create exception for for specific domains in AD SSO

    Create exception for specific domains in AD SSO in which this domains will automatically redirected to Captive Portal

    This would be helpful to the customer's set up in hospital in which they use shared PC in which once they enter this specific domain it will automatically redirected to Captive Portal

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.