Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Reporting: Reports for a specific website for a specific group

    Customer would like to be able to have scheduled reporting on a specific group for a specific website.
    So they only want a specified website in the report for who ever accessed it within the group.

    1 vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      3 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
    • Better security on web admin gui access

      Customer observed some vulnerabilities of Sophos Web Appliance which make it a high risk for hacking.

      1. Access to Sophos Web Console - Since the IP address of SWA written in the
      Proxy settings of the Internet browser, it is very much simplier to copy it
      by any user and will just type in the URL
      https://x.x.x.x (x.x.x.x - IP address of the SWA written in the Internet
      Browser proxy settings). We suggest that access to SWA console must be in
      different port (example:
      https://192.168.1.100:4434)

      2. Unlimited attempt to access accounts in the Sophos Web Console - We don’t …

      6 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        2 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
      • Reports summarized by organizational departments instead of individual users.

        per case 3727737

        This would improve delivery of reports to upper Management as they would like to see more breakdown of reports by department as they have no idea which department the user works in. Having this breakdown can help management drill down to specific departments.

        How would you rate the importance of this feature?; 1 = Critical, 5 = Nice-to-have:4

        1 vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
        • Allow creation of Additional Policies and/or Local Site List Entries that allow specific downloadable file types to be allowed or disallowed

          Allow creation of Additional Policies and/or Local Site List Entries that allow specific downloadable file types to be allowed or disallowed on a per site/per user basis. In other words, permit Bob and only Bob to download MSI files from microsoft.com and only microsoft.com.

          2 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
          • Improve streaming media on iOS devices.

            As per support request 3725151, streaming media will not play unless the site is set to trusted on the web appliance's local site list. This is getting very cumbersome to manage with the amount of sites now containing streaming media.

            2 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
            • "Download Options" configurable in user policy

              Allow download options need to be set at the additional policy level and not at the current global policy setting level.

              1 vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
              • AD: Custom schedules for AD Sync

                When adding new users to groups that are used in Additional Policies we have to manually Sync Directory Services to reflect this group membership change. We would like the ability for an Administrator to define a schedule for Active Directory Synchronization.

                2 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                • Reporting: Report on Uncategorized Web Sites

                  This will over time provide meaningful management reports on usage patterns based on category classification of sites visited. With the proposed approach from a company perspective if the identification and classification of uncategorised sites of the most common sites (say top 10%) if this was automated overtime your classifications will have higher classified detection rate.

                  per case 3616231

                  1 vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                  • Policy: Block users from Streaming Media or video regardless of site Category

                    We would like to block users from accessing Streaming Media regardless of the site category. we are currently blocking users from Streaming Media through the categories on default policy. The issue I have with it is that the web appliance doesn’t block videos on different categories websites. Example: www.mlb.com is a category Sports. This website contains videos which is considered streaming. We cannot block just the video portion of the website. We have to either allow or block the entire website. We would like to just block video and allow the text of mlb.com.

                    3 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                    • More detailed download reporting

                      We've had a customer request the ability to drill down further in the download reporting in Reports > Policy & Content > Downloads as at current the actual downloads / users cannot be viewed, only the size of downloads for a specified period.

                      2 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                      • Web Appliance: Allow skype with the HTTPS Scanning on

                        When HTTPS scanning is enabled, Skype fails to work because it is trying to send non-HTTP traffic over the SSL tunnel.

                        It is essential to be able to scan https sites and also essential to be able to support messaging apps, in particular Skype and iMessage. For Skype – maybe even setting up a simple SOCKS proxy on the Web proxy might do the trick, we do not need to examine or track the contents of the Skype messages." case 3693911

                        24 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          3 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                        • Include HTTPS transactions in the Site Visits By User report.

                          When HTTPS scanning is not enabled, the web appliance has no ability to see what goes on in that tunnel once the HTTPS connection has been established. This means that we can see the initial connect but not what requests were made or the bytes associated with any further requests made inside that tunnel. For this reason, I understand a design decision was made not to include any HTTPS traffic in that report.

                          Customer has requested that we provide the option to include this type of data in the Site Visits by User report even if the accuracy of the…

                          2 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                          • Option to remove old connected endpoints

                            We've had multiple customers requesting the option to remove old endpoints from the connected endpoints list on the WSA.

                            7 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              1 comment  ·  Web in Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                            • Include Sharepoint into the data leakage component of the web appliance

                              The company regards security as
                              it's upmost priority, holding major contracts with the MOD. As such the company
                              needs to demonstrate good risk management, especially regarding the threat of
                              data leakage. As more and more partners work in collaborative environments and
                              require our employees to access these environments the company feels some level
                              of control is required. Currently these environments are not recognized by the
                              Sophos appliance as threats and consequently gives no access
                              control.

                              3 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                              • Define custom filetypes

                                A customer of ours has raised a request to be able to block custom filetypes, for example - defining ".nzb" files as an additional filetype to be blocked or warned against.

                                1 vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                                • Display an 'Acceptable Use Policy' page without requiring login

                                  Our customer is currently using WebMarshal for their web filtering solution and will be moving to the Sophos Web Appliance. One of the key Information Governance requirements is that they currently have a landing page when a user launches IE which advises users of the acceptable usage policy for web browsing over their network. This landing page is only displayed once every 24 hours per user session.

                                  I believe there is no equivalent with the Sophos Web Appliance unless you use the 'Captive Portal' option which would prompt the user for authentication before they are allowed to Web browse.

                                  2 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    1 comment  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Consolidate update alerts for managed appliances

                                    I’d like to put in a feature request wherein web appliances that are connected to a central management console only email out once with a list of appliances that have not updated rather than each and every box sending an email every night.
                                    The current system is very loud and annoying to those who don’t subscribe to automatic updates and I think the same point can be made with just one email.

                                    2 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Central Management  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Admin can choose not to trust default trusted sites

                                      Can we have a button which gives us an option to turn on/off the defaulted trusted sites set by sophos labs.

                                      Reason being if a customer has setup a rule to say block all exe , if the site is default trusted by labs the user can download the exe. Some customers do not want any site trusted.

                                      4 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Categorization: Dynamic categorization for objectionable content

                                        Dynamic categorization is required to allow blocking of sites that contain objectionable content but are not categorized as such.

                                        For example, in some cases customers find that allowing Uncategorized sites exposes users to objectionable content, but blocking Uncategorized sites blocks sites they need to access.

                                        There are also situations where objectionable content might appear on categorized sites, which can be particularly problematic for school environments.

                                        17 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  URL Categorization  ·  Flag idea as inappropriate…  ·  Admin →
                                        • "Allow user feedback" that is anonymous

                                          The American Civil Liberties Union successfully filed suit against a school district for not allowing anonymous submission for changes to blocked web sites. I am requesting that under “Allow User Feedback” that the request come in anonymously even when Active Directory / eDirectory authentication is enabled.

                                          What would you like this new feature to be/do? Allow anonymous submission for changes to blocked websites when “Allow User Feedback” is enabled and LDAP authentication is enabled.

                                          How will this new feature address your business requirements? It will allow us to comply with the legal requirements of the United States and Washington State.

                                          1 vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.