Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Secure Web Gateway

Suggest, discuss, and vote on new ideas for Sophos Web Gateway. Complete web protection everywhere.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow access to specific URLs with the rest of the domain blocked

    It should be a feature to be able to allow access to certain pages within domains that are blocked.
    For example block google docs as a whole but allow access to a specific URL for access to a document without having to open up access to the whole of Google Docs.

    3 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
    • Bandwidth Throttling Based On Category

      It would be very helpful to be able to throttle bandwidth usage to sites in certain categories.
      For example limiting the bandwidth to sites such as YouTube.

      3 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
      • Notification page should show either tag or no reason at all instead of initial category

        When using tags for blocking specific sites, the notification page shows the initial site category, but not the tag.

        As an example - a customer blocks websites of TV channels - e.g. www.galileo.tv - on the basis of a tag "Block_TV_Sender".
        www.galileo.tv is originally categorized as "Business", which is a category the customer doesn't block.
        With the customers setup a user sees a notification page "Reason: Business Sites are blocked" when requesting www.galileo.tv, although Business Sites are allowed, but "Block_TV_Sender" are blocked by tag.

        It would be usefull to either see the actual blocking reason, or no reason at…

        1 vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          1 comment  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
        • email appliance Customising Message size exceeds fixed limit

          Is possible customising error message "Message size exceeds fixed limit"?
          Thanks

          1 vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
          • Ability to add an Image as a Footer on Outgoing mail. The image file in the form of .jpeg, .bmp, .png, etc.

            We want the ability to add an image footer to advertise an event such as an exhibition to all outgoing email.

            1 vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
            • sharepoint

              Support sharepoint in controlled web application.

              2 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
              • Sandstorm "Suspicious Downloads" link on Dashboard

                When clicking "Suspicious Downloads" in the "Sophos Sandstorm" section of the Dashboard, the link should lead to a report showing the file names and according URLs of these suspicious files, and also the user who requested the file.

                3 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                • Local site list: Select all

                  The ability to select all, even from a filtered point of view would be very helpful when dealing with large amounts of sites per TAG

                  2 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                  • Local site list: Update sites not just add

                    The ability to not just add single or multiple but update too. For example updating the TAGs for the site on mass.

                    Currently this involves deleting the entries and readding the entries which can cause down time

                    My example is the Office365 IP/URL list. Updating these to Custom category, over 1500 entries.

                    1 vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                    • Office365

                      Create a TAG that updates with the IPs and URLs of Office365 by product, eg EXO, LYO, Identity, etc

                      This will prevent a manual task of allowing IPs or URLs almost daily for services, or equally removing those which are no longer in use.

                      There is an XML available on MS that provides this info with all updates.

                      2 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                      • Splashtop App

                        Dear All,

                        We installed Sophos Web Gateway on a computer and we use Splashtop Business to connect to other remote computer.

                        For this Computer, we want to block all the connections except the access for Splashtop.

                        So, we created a Policie, and blocked all the settings except Splashtop.

                        We had the Ip address and the domain of Splashtop's servers but he changes many times.


                        I don't want to add every months the new ip address or the domains.

                        is it possible to Add Splashtop Business in App Filters, like Google APP?


                        Thank You

                        Vivien Pegane

                        2 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
                        • TLD blocking Function

                          Please add a feature that allows us to block TLD's. Currently we have to manually import a list of TLD's then tag them as being blocked. This also requires us to continuously add new ones as they are released. A feature allowing us to block them and keeping them automatically updated with new ones would be great.

                          2 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                          • LocalSiteList: entries and possible subdomains

                            hi.. due to a customers proposal/feature request:

                            This is how it is at the moment:

                            --> if a LocalSiteList entry for domain.com is created, all subdomains are handled in the according way. So www.domain.com or blabla.domain.com is 'covered' as well.

                            --> if a local site list entry for subdomain.domain.com is created instead, only an exact hit is being treated according to this entry! For example blabla.subdomain.domain.com will not be covered by this entry!

                            It really would be helpful, if someone (adding such an entry) could decide and configure with a checkbox, if subdomains should be covered as well by this…

                            2 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                            • Allow Bridge mode on the VM version

                              Allow the VM version to be built with the bridge mode functionality. Most servers these days come with four or more NIC's, plenty of ports to do bridge mode with a normal server without special hardware. Multiple VM's and host machines can be used for redundancy or some type of manual bypass could be used if the single VM fails. Would allow easier conversion of sites that use bridge mode and also allow them to use this as a backup method if hardware fails and they are waiting for replacement parts.

                              2 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                              • Enable wildcard for subdomains under a fqdn

                                We'd want to allow wildcards to enable local site rules to apply to subdomain names - for example if we add an entry *.nhd.weebly.com or *.s3.amazonaws.com that are allowed in a given policy, then any domain name below that would also have the same allow policy applied, unless explicitly not allowed.

                                For a given local site list policy, if we blocked weebly.com and allowed *.nhd.weebly.com then 123456.nhd.weebly.com would also be allowed without needed an explicit entry.

                                2 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                                • LastPass

                                  In Sophos Central > Web Gateway > Application Control > Password/License recovery tool section, please add LastPass password manager

                                  4 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  Central Management  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Please add "WeTransfer" as WebAppliacation in SWA

                                    "WeTransfer" should be available in WebAppliaction on the SWA.
                                    Please add the Web Application control for this webservice on the SWA!
                                    (Due to customers request Sophtrac 7041991)
                                    Thanks for considering!
                                    Kind regards...

                                    4 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Update HTTPS Scanning onward Hello

                                      Currently once HTTPS scanning is enabled, the onward TLS Hello from the Web filter advertises all available suites, which decreases the security of the user agent configurations. Either there should be a GUI option to remove older Cyphers or the filter should copy the advertised suites from the users client hello

                                      2 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Not blocking many adult websites

                                        web security is very bad

                                        even after selecting option to block adult content, its not blocking many adult websites

                                        http://www.freebunker.com
                                        http://www.imagesnake.com
                                        http://www.imgcarry.com
                                        http://imgprime.com

                                        and may more
                                        please fix it immediately

                                        2 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Web Appliance  ·  Flag idea as inappropriate…  ·  Admin →
                                        • More Granular Control Over Granting Access to File Sharing Services

                                          Rather than an all or nothing policy it would be extremely useful to be able to have more granular control over the level of access provided for file sharing services such as Dropbox. By more granular I mean being able to provide access to specific folders rather than the whole service. I have been advised by Sophos technical support this is currently not possible hence my request.

                                          2 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Web Policy (Appliance and Endpoint)  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.