SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. DNS over TLS

    Please implement support for DNS over TLS queries to supported resolvers (like the new Quad9 resolvers). Very important privacy feature, imho.

    30 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      4 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
    • 7 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        2 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
      • AD Sync - username change

        Sadly when the UTM sync users from ad and the username has changed, this is not synced. We would wish to have a sync of everything that´s synced the first time also in future syncs.

        7 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
        • Fix snmpd.conf to include sysServices

          When querying any of our UTM devices running 9.509-3 for iso.org.dod.internet.mgmt.mib-2.system.sysServices _1.3.6.1.2.1.1.7.0_ we receive the error "No Such Instance currently exists at this OID"

          This is causing an issue with some network management applications that use the value of sysServices to determine which OSI layers the device supports

          At a minimum, the value would need to be "4" to identify the UTM is rulling as a route mode firewall.

          # Test on device with unmodified snmpd.conf
          snmpget -v 3 -l authPriv -u USER -a SHA -A {Password} -x AES -X {Password} X.X.X.X SNMPv2-MIB::sysServices.0
          SNMPv2-MIB::sysServices.0 = No Such Instance currently exists…

          4 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  SNMP Monitoring  ·  Flag idea as inappropriate…  ·  Admin →
          • Email Protection : TLS Version and Ciphersuite selection

            Dear Sophos Team,

            please add an TLS Version selector to the Email Protection settings, like it's already done in "Webserver Protection > WAF > Advanced".

            In addition, please add an Ciphersuite Selector, so advanced users can specify further down which ciphersuite ( ECDH-* / DHE-*/ AES-*/ .. / ) they want to use.

            8 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              2 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
            • Support for TLS 1.3

              Support the latest version of TLS protocol for improved security and performance. TLS 1.3 is huge step forward for web security and performance.

              17 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
              • email appliance: "search export" scheduled and sent by email

                the ability to schedule and export search results in the email appliance "search" section to excel or similar format AND send it via e-mail to an smtp address

                3 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                • Add Intelligent Notification for IPSEC Tunnel Up/Down

                  Hello Sophos,

                  For many of our customers, we had configured a number of IPSEC Tunnels and enabled the notification when a Tunnel goes Up/Down. Due to Dead Peer Detection (DPD) the tunnel going down due to inactivity and coming up again, Which sends a number of Up/Down notifications which are useless for us.

                  1. Shouldn't Sophos be smart enough to recognize the status change is due to Dead Peer Detection and do not send a notification?

                  Or

                  2. An alternate solution to the problem is if you can introduce an alert which sends a notification only when a tunnel is…

                  26 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
                  • Logging : Modify the form of the logs sent to syslog

                    For Webserver Protection, the ability to add or remove fields from the logs to be sent to the syslog server. (for exemple, the field about "cookie", which contains a number of important characters)
                    But also to be able to modify the number of characters of a request so that the logs are not truncated

                    2 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
                    • Add newo

                      Add plugin or client for SPX encryption for Post Office Client
                      -GroupWise 18
                      - Webmail Outlook
                      - Lotus Domino
                      - GroupWise Web Client

                      4 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                      • Generate Report For Blocked Websites Visited

                        Generate Report For URL of Blocked Websites Visited under Web Filtering Reporting

                        2 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                        • sd wan

                          Please tell us does Cyberoam supports SD WAN Feature.

                          Fortigate UTM supports same.

                          Secure direct Internet access for Cloud Applications for
                          improved latency and reduced WAN cost spending
                          Effective, cost-efficient and high performance threat
                          prevention capabilities
                          WAN Path Controller and Link Health Monitoring for better
                          application performance
                          Security Processor powered industry’s best IPsec VPN and SSL
                          Inspection performance
                          Centralized Management and Zero Touch deployment

                          Our clients are asking for SD Wan feature.

                          Please update us for same.

                          4 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Appliance Hardware  ·  Flag idea as inappropriate…  ·  Admin →
                          • SAML2 for XG firewall

                            It would be nice if the XG Firewall products would support SAML2 for SSO "as service" able to contact 3rd party "Identity provider" for authentication

                            2 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                            • Secure & Up-to-Date Password Storage for Internal Users

                              Hi there,

                              currently, passwords of internal users are stored as md4 hashes. According to Wikipedia, this hash function was already severely broken 10 years ago: "As of 2007, an attack can generate collisions in less than 2 MD4 hash operations" [1]. IMHO, this is a severe security issue, especially for a security device such as a firewall.

                              While it's technically true that access to password hashes requires administrative access, those hashes should still be protected, even in case of compromise. This also facilitates insider attacks, and so on...

                              Therefore, I strongly suggest that password storage follows well-established security principles: Use…

                              16 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                              • Purely Block YouTube Mobile App in Sophos UTM

                                Sophos UTM Application Control cannot block YouTube Mobile Application Purely After New YouTube Updates.

                                3 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
                                • Web admin notification via SUM

                                  When logging on an UTM via SUM, the Web Admin Login Event info-005 is not triggered and there is no mail.

                                  1 vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
                                  • New hardware ! New HCL

                                    For a long time there was no update on compatibility of iron. The new hardware already has already updated equipment with new drivers. Please add drivers for Lenovo SR530,

                                    1 vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Appliance Hardware  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Add OSPF Interface Mode "passive".

                                      Add OSPF Interface Mode "passive". This is a Basic OSPF Interface feature which put the Interface Network into the OSPF but not usinf the Interface for route Distribution. There should be three modes "active,passive,disabled" .

                                      6 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Client Isolation between Clients connected to same AP

                                        Actually there is only a client isolation between Clients which are not connected to same Sophos AP.
                                        There should be a solution where all clients are isolated, even when they are connected to same AP.
                                        Meanwhile the restriction should be mentioned in the online help of wireless protection.

                                        1 vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Huawei P8 Lite Fitbit Flex Connection 2

                                          Huawei P8 Lite Fitbit Flex Connection 2
                                          Hello
                                          A friend recently gave me her old bracelet Fitbit Flex 2. It is reset but we are unable to connect it to Bluetooth with my Huawei P8 Lite while we get there with other devices... Have you ever encountered this problem? Solutions?
                                          Thank you, everyone.

                                          1 vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 169 170
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.