Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow or block user agent strings in HTTP headers

    For customers without our Endpoint Application Control, provide the ability to allow or block user agent strings in the HTTP headers to control applications like web browsers, etc.

    This has been requested by a 3,500 user Government prospect

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  2. Ability to block content based on YouTube content / category rating

    Similar to Youtube for Schools, allow customers to allow or block based on YouTube content / category ratings. This has been requested by a 3,500 user Government prospect:

    https://support.google.com/youtube/answer/146399?hl=en

    18 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  3. Proxy: Selectively specify Upstream proxy

    Ability to specify "direct" in the selective UpstreamProxy setting to disable a general Upstream-Proxy

    If a general Upstreamproxy is set, you can not specify single hosts for direct access.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  4. Alerts: Specify SMTP Port Used by SWA for Email Alerts

    We have created a new port different than 25 for SMTP traffic to help keep that port secure and standard for a few systems that we have. This port number also currently
    requires some type of authentication to access this port. We did create a secondary port that allows anonymous SMTP traffic to pass through the Exchange server. Unfortunately there isn’t any current method of applying authentication to the Web Appliance or altering the SMTP port. Seems like this was just looked over as a feature since we can even change the port and authentication methods with other pieces of…

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  5. HTTPS Scanning: Opt-in selection by site or category

    I would like to request the ability to choose which web sites HTTPS scanning is applied to.

    At the moment the only option it to turn HTTPS scanning on and then compile a list of exceptions.

    We had been running our SWA (Sophos Web Appliance) environment without HTTPS scanning for a year. However a few months ago Google changes the way their search page worked and redirected all
    traffic to a secure HTTPS version of their site.

    This change forced us to switch on HTTPS scanning as it was the only way that we could continue to enforce Google Safe…

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  6. Local Site List Alerts When Entry is Redundant

    The idea would be to automatically, periodically review the Local Site List entries and flag those (with a check box option to autoremove?) entries that are no longer needed as they no longer differ from the Sophos provided data. This would primarily impact LSL entries to set a category for uncategorized sites that are subsequently categorized. This would assist admins to reduce the number of entries in their local site list.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  7. Direct URL Submission to Sophos from the Admin GUI

    Include the ability to submitted a recategorization request to Sophos directly from the Search -> User Submissions -> Sites page. This would make it much easier for admins to submit URLs to Sophos.

    This could be expanded to provide management capabilities for these requests. If sent to Sophos, they go into a submitted state, checked against the data periodically and then moved to a completed state once the categorization has been updated.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  8. Include Local and Sophos Data Results in the URL Tester

    Currently in the SWA admin GUI, the "Test URL" input box provides output regarding the current risk classification and categorization. This result includes any changes done in the local site list. Customer is requesting that we display both the current local overrides and the current Sophos data results if they are different.

    This would assist customers in determining if their recategorization requests have been successful with out viewing each entry under the local site list page.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  9. Provide Automated Feedback to Customer Regarding their URL recategorization Request

    Several customers have taken issue with our URL recategorization page:https://secure2.sophos.com/en-us/threat-center/reassessment-request.aspx and the fact that they receive no feedback regarding their requests. They would like to be notified when the request has been processed and information regarding if it was approved or denied. Other vendors do provide this feature.

    26 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow exclusions when defining networks by CIDR range

    We would like to add CIDR to a local subnet, but to be able to exclude a specific IP address or a subset. For example

    1) 192.168.0.0/24 -192.168.0.65
    - which would add 192.168.0.0/24 range to the local subnet, except for 192.168.0.65 (for a single appliance).

    2) 192.168.0.0/24 -192.168.0.12-16
    - which would add 192.168.0.0/24 range to the local subnet, except for 192.168.0.12 to 192.168.0.16 (for multiple appliances in the same subnet for load balancing / fault tolerance)

    The alternative is to add in all the included addresses in the CIDR range individually, which is time consuming.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  11. Disconnect currently logged on user from using the internet

    When a user is connected through the web appliance to internet, it sometimes is useful to be able to immediately disconnect him.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  12. Category request: Split the Proxies & Translators Category

    Customer requested that these two items be split into separate categories as they would be unrelated for the most part.

    14 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  URL Categorization  ·  Flag idea as inappropriate…  ·  Admin →
  13. Report: Browse Time By Site

    Browse Time By Site which will allow us to show the browse time for each user for a particular site

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  14. Proxy: Support for TLS 1.2

    Support for TLS 1.2 connections in Web Appliance.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  15. WCCP: Specify alternate service IDs for HTTP and HTTPS

    When configuring WCCP, the admin should be able to specify an alternate service ID for use with both http and https, without contacting Sophos support for assistance (currently only available with http redirect).

    We have implemented WCCP with an ASA firewall. It only supports service IDs to be used once on the appliance. When configuring WCCP on multiple interfaces, alternate service IDs are required.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  16. Ability to remove authentication from captive portal and present a web usage policy to accept/deny instead

    Feature Request Summary: Modify the Captive portal to allow and accept/deny button instead of the username/password field.

    What would you like this new feature to be/do? I would like to have to ability to control whether I want to present a user/pass or accept/deny depending on my application. For example, I’d like to pass my guest VLAN traffic through that, and present a terms of service and then accept/deny, but would like my SSO to fail over to the captive portal
    with the ability to login for users that SSO fails for.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  17. Policy: Option to reset the default policy or choose from pre-defined policies

    We would like to be able to reset the default policy to defaults and to have some pre-defined policies to choose as a starting point for building up their own.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  18. Reporting: Produce a Web Appliance policy report

    It could be very interesting to export the policy configuration stored on WS on pdf or xls, csv format in order to analyze the global behavior on wide environment. Actually the XML files exported by backup action are not human readable!

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  19. Category: CDNs

    We have always had an issue with websites which use CDN ( content Delivery Network) to host their media.
    Majority of the times the sites are incorrectly categorised and we would need to go through the tedious task of sending a request for it to be reviewed. More often than none, these request get rejected and we need to put a manual override
    in place.
    Would it be possible to create new category called CDN so we can out a default access level and avoid any future issues with sites with CDNs.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  URL Categorization  ·  Flag idea as inappropriate…  ·  Admin →
  20. Proxy: FTP Filtering via Sophos Web Appliance

    We would like to get visibility over native FTP traffic, not just FTP over HTTP. Some organizations still make extensive use of FTP to share files and data with customers or suppliers.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.