SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Dark Mode on XG v18

    Why not implement the Dark Mode on SophosXG v18?

    Or Just add a customization label under general settings?

    12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  2. LZO Compression in SSLVPN is deprecated

    Hi,

    the compression used in utm is marked es deprecated. When you use .ovpn file on Mac with "Tunnelblick", you get this warning with a new ordered firewall. uncool...

    https://community.openvpn.net/openvpn/wiki/DeprecatedOptions#Option:--comp-lzo

    54 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Native Windows 10 SSLVPN UWP VPN plug-in

    Can we get a Windows 10 VPN plugin like the other vendors have done to allow SSLVPN over the standard Windows 10 VPN client.

    This would solve all the deployment problems with the legacy client, No more saving passwords in text files, no more TAP adapters, no more messing with shortcuts to make the process transparent.

    Here is an example of how easy deployment is with a plugin to the built in

    Add-AppxPackage -Path "C:\VPN.Appx"
    $xml = "<MobileConnect><Port>4433</Port></MobileConnect>"
    $sourceXml=New-Object System.Xml.XmlDocument
    $sourceXml.LoadXml($xml)
    Add-VpnConnection -Name "Work Network" -ServerAddress https://vpn.work.com:4433 -PluginApplicationID SonicWall.MobileConnect_cw5n1h2txyewy -CustomConfiguration $sourceXml -RememberCredential $true

    You can even configure the VPN connection…

    29 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  4. Disconnect SSL VPN User Sessions

    If I have to disconnect SSL VPN User Sessions, it would be fine, when I have a button.

    16 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  5. Rename inappropriate HA-terminology

    It's clear, that master/s.l.a.v.e as terminology is negatively predestined. The role could be renamed to something like primary/secondary or maybe also just active/standby?

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
  6. Please make the ISO installer UEFI bootable

    Some systems no longer support legacy boot options. UEFI is a necessity for these systems. I am unable to install Sophos UTM as a result of not having it be UEFI compliant.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Operating System  ·  Flag idea as inappropriate…  ·  Admin →
  7. Vpn for security

    I've been using nordvpn and I love it. Bought a 2 year subscription on one of the Xmas sales. Been using it on Windows and Android, super easy to use.

    There are online comparisons of major plans out there. Be careful though, there is a lot of misinformation / fake news / affiliate sites out there so it's a bit hard to know who to trust. It's pretty technical, but as a start recommend you read https://www.reviewsed.com article on impossible task of creating best of VPN lists. It gives a good overview of some of the issues, and what VPNs…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  8. TLS 1.2+ support for User and Admin Portal

    UTM doesn't support anything higher than TLS 1.1 For the User and Admin portals. This is a huge security fail for a security appliance.

    15 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. 2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Recommended VPN

    Good Morning, Good afternoon and good evening to everyone out there....

    I would like to get a vpn software as I hope to travel to China in December and would like to be able to access google maps when I'm over there as last time I travelled it was barred. Can anyone recommend any good VPN software to purchase or download ? I already read many reviews on websites like https://www.techlectual.com

    thanks

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  11. Support Microsoft Authenticator App for OTP

    Support MS Authenticator App for OTP so customers with Office365/MS365 only need 1 authenticator app on their device

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. Reboot AP from command line or crontab (scheduled task)

    I've 3 AP connect to a UTM, i would reboot them but not manually with the aweetool, with a schedule task (crontab, rc.local, shutdown -d [time] ecc..., at the moment do this isn't possible..

    This "feature" is very important for a correct connectivity ofthe AP, because
    every one/two/three months you are forced to restart them manually.
    The awetool is useful but yu need to connect to UTM by ssh, start the tool, find the AP and reboot it MANUALLY.
    Give the possibility to create a crontab for do this wil be very very useful, we'll apreciate it.
    thanks

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. country blocking for crimea region

    Please implement the crimea region in the country blocking options.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. otp

    Fix Password Compatibility Issue

    Passwords ending with 6 or more numbers cause the Auto-create OTP token feature to fail. This limitation should not exist. Until it is fixed it should be noted in the documentation and attempts to use an incompatible password should produce a clear error message

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  15. WebProxy_SSL-Scanning: Change the Certificate Subject Name...

    Please implement the possibility to change the Certificate Subject Name, for the certificate which is delivered to the clients, when doing SSL-Scanning.

    The Certificate Subject Name is currently the IP address of the requested URL. Unfortunately, a lot of linux systems have a problem, if the Certificate Subject Name is the IP and not the FQDN of the requested URL.

    Could you please change or implement this?

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Quarantine mail contains only reason "File-Extension" but not which extension exactly

    We have configured the system to quarantine emails with certain extensions.
    However, the recipient then only sees the quarantine reason "File Extension" in the notification. It is urgently desired that he also sees directly which file extension it is. The admin only sees this in the mail manager

    21 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Testing E-Mail delivery

    I got problems with sending EMails via my Sophos UTM firewall to specific EMail addresses. The EMail delivery in general works, i got only problems with specific Email addresses. Therefore, an EMail testing feature via web interface (with verbose output) would be great!

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Call 1-888-823-4450 to know about cash app refund

    The reason for refund can vary from sending the money to the wrong person to entering the wrong amount of money into a payment request. There is a specific way to request a refund on the Cash App card. Here we have introduced the detailed procedure to request for refund. But make sure you don’t skip any step so that you can end up getting the refund successfully.

    Tap the Activity tab on your Cash App home screen
    Select the Payment
    Select Refund
    Press OK
    You are likely to get a refund this way. In case you are unable to…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Remove the diffie-hellman-group1-sha1 in ssh service/port-22

    Hi Sophos,

    We recognized that our product is using insecure key-exchange "diffie-hellman-group1-sha1". "diffie-hellman-group1-sha1 is used only has a size of 1024 bits. This size is considered weak and within the theoretical range of the so-called Logjam attack.

    We would like to remove diffie-hellman-group1-sha1 in ssh service/port-22,

    Please kindly provide a step or your action to remove it.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  20. Stop SSL VPN from storing users' passwords in client PC's memory

    Currently the Sophos SSL VPN client logs this warning in its log when connecting: "WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this"

    This appears to be a security risk, since a malicious program could conceivably obtain the user's login credentials.

    I opened a ticket with Sophos support for this, but they confirmed there is no way to make the UTM add this option to the .ovpn files when it creates the client installer bundle for a user. The user CAN manually add it to their .ovpn file, but it's not feasible to…

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 186 187
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.