Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Website Tags - Options to Warn / Audit

    It would be very useful for testing custom URL tagging if we were able to audit, in addition to allowing and blocking, clicks through to URLs we have tagged. This would allow us to deploy large changes at a large scale with no impact while we observe the potential impact.

    2 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
    • Allow access to specific URLs with the rest of the domain blocked

      It should be a feature to be able to allow access to certain pages within domains that are blocked.
      For example block google docs as a whole but allow access to a specific URL for access to a document without having to open up access to the whole of Google Docs.

      3 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
      • Bandwidth Throttling Based On Category

        It would be very helpful to be able to throttle bandwidth usage to sites in certain categories.
        For example limiting the bandwidth to sites such as YouTube.

        3 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
        • Splashtop App

          Dear All,

          We installed Sophos Web Gateway on a computer and we use Splashtop Business to connect to other remote computer.

          For this Computer, we want to block all the connections except the access for Splashtop.

          So, we created a Policie, and blocked all the settings except Splashtop.

          We had the Ip address and the domain of Splashtop's servers but he changes many times.


          I don't want to add every months the new ip address or the domains.

          is it possible to Add Splashtop Business in App Filters, like Google APP?


          Thank You

          Vivien Pegane

          2 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
          • More Granular Control Over Granting Access to File Sharing Services

            Rather than an all or nothing policy it would be extremely useful to be able to have more granular control over the level of access provided for file sharing services such as Dropbox. By more granular I mean being able to provide access to specific folders rather than the whole service. I have been advised by Sophos technical support this is currently not possible hence my request.

            2 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
            • Web Control: Option for live connect in web policy

              When in a large International MPLS connected networks, allow for remote sites to live connect via their local break out internet connection rather than all web browsing traffic being pushed to the appliance via the connected links. Thus being able to benefit from full categorisation and reporting.

              2 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                1 comment  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
              • when the firewall appears, allow it to have a option for turning it on or turning it off.

                When the firewall appears, allow it to have a option for turning it on or turning it off.

                2 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
                • When content is blocked, the log should detail the specifics

                  When web content is blocked (IE: mal/jsredir-ae detected) which can be targeted in internet explorer. The specific details need to be shown in the logs. Our own site has such a problem.

                  " Malware detected: 'Mal/JSRedir-AE' at 'www.harrisdigi.com';
                  threat " Without the page loading, we cannot submit the sample. if the call was detailed we could identify the file, script, or offending plug-in.

                  The same issue exists with clients when they report a site that used to be accessible. They request an exception or to turn off the service. this weakens the product.

                  1 vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
                  • Enhance the Web Filter Action

                    Dear Sir/Madam,
                    I had a problem with the Filter action and how we can add the URL in “ Allow these websites”. When I checked with the support to troubleshoot this problem . We eventually reached to the point that sometime if I want to allow a certain website like: www.sabb.com, I have also to add additional URL related to this URL like:
                    ssl.google.analystics.com , member-hsbo-group.com and www.googleleadservice.com.

                    I told the support this is not practical way to add to “ allow these websites” , it is difficult to find in the logs every time and find which…

                    1 vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
                    • reconnection the client AV with the Web Appliance and Enterprise Console should be easy

                      Customer have 300+ connected endpoints currently only about 100 are active because of some issue with the GUID’s and SWA not liking existing one. They install sophos ESC via a login script when a machine
                      logs onto the domain. The enterprise console enables Web Control on the endpoints. Enpoint control is enabled on the SWA. This was working for for about the first 6 months on installation then around October 2014 a lot of the connected endpoints in SWA were showing as inactive. Manually uninstalling SESC and re-installing would show them as active again and web filtering would be enforced.…

                      1 vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
                      • Classification of Search-Engine Results

                        The http-proxy should classify search engine links to the classification of the final target site under consideration of the local-site-list

                        Explanation
                        Search Engines have their own URI-Classification. To track user-selection they do not reference the original target URI, but a tracking relocator of the search-engine.
                        This tracking URI should have the same classification as the target URI.
                        When computing this classification value, the proxy should take into account any local re-classifications done thru the local-site-list, and assign this one value to the tracking relocator URI

                        1 vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
                        • Reverse DNS lookup on IP requests.

                          When the customer performs a remote desktop session in TeamViewer it sometimes attempts to connect to an IP address rather than to a URL. When running a reverse DNS lookup on the IP we can see the correct TeamViewer domain (which is allowed by policy but the IP is blocked for being uncategorized).
                          I have special group of users allowed to access TeamViewer servers (for desktop sharing). Unfortunately a lot of TV servers are not categorized, as TV application access them with IP addresses not with names:

                          When a request comes in for an IP address, attempt an RDNS lookup…

                          1 vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
                          • Decomissioned systems running full web control should automatically be removed from dashboard after no activity for some time

                            Automate or add the ability to remove systems that are no longer in use which were previously running full web control from the connected endpoints display within the web appliance dashboard section. Once an endpoint running full web control registers with the web appliance the entry is never removed.

                            1 vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
                            • Display an 'Acceptable Use Policy' page without requiring login

                              Our customer is currently using WebMarshal for their web filtering solution and will be moving to the Sophos Web Appliance. One of the key Information Governance requirements is that they currently have a landing page when a user launches IE which advises users of the acceptable usage policy for web browsing over their network. This landing page is only displayed once every 24 hours per user session.

                              I believe there is no equivalent with the Sophos Web Appliance unless you use the 'Captive Portal' option which would prompt the user for authentication before they are allowed to Web browse.

                              2 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                1 comment  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
                              • "Allow user feedback" that is anonymous

                                The American Civil Liberties Union successfully filed suit against a school district for not allowing anonymous submission for changes to blocked web sites. I am requesting that under “Allow User Feedback” that the request come in anonymously even when Active Directory / eDirectory authentication is enabled.

                                What would you like this new feature to be/do? Allow anonymous submission for changes to blocked websites when “Allow User Feedback” is enabled and LDAP authentication is enabled.

                                How will this new feature address your business requirements? It will allow us to comply with the legal requirements of the United States and Washington State.

                                1 vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
                                • Using wildcards in Local Site List

                                  Customer would like to be able to use wildcards when blocking sites. For example, they would like to be able to block all websites with the string "poker" in them.

                                  25 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    3 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Don't see your idea?

                                  Feedback and Knowledge Base

                                  icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.