SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 18 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      4 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
    • Editable notification subject for admin notifications

      Please make the admin notifications subject editable.

      Some service-systems can't handle the square brackets at the notification header.
      Customization for the design of this header would be helpfull in those cases.

      (btw. it would definitely help already, if there would be just one dropdown field, where you can change the square brackets into a normal bracket, a pipe or a simple slash).

      Thanks
      Felix

      8 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
      • DNS over TLS

        Please implement support for DNS over TLS queries to supported resolvers (like the new Quad9 resolvers). Very important privacy feature, imho.

        46 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          6 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
        • Update SSL VPN to newest OpenVPN version.

          MacOS users with the newest version of Tunnelblick are starting to experience compatibility issues with the current OpenVPN version used by SSL VPN.

          8 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
          • SPX in SEA and UTM - support fo Russian and Azerbaijani languages in PDF

            Hello!

            At this moment SEA and UTM support the limited number of Languages

            https://docs.sophos.com/msg/sea/help/en-us/msg/sea/concepts/ConfigPolEncryptSPXMain.html?hl=spx%2Clanguage

            We highly need the support of Russian and Azerbaijani languages in PDF, this need for tens of thousands users.
            It's one of the killer features in SEA / UTM.

            5 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
            • Email Protection : TLS Version and Ciphersuite selection

              Dear Sophos Team,

              please add an TLS Version selector to the Email Protection settings, like it's already done in "Webserver Protection > WAF > Advanced".

              In addition, please add an Ciphersuite Selector, so advanced users can specify further down which ciphersuite ( ECDH-* / DHE-*/ AES-*/ .. / ) they want to use.

              21 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                3 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
              • fornite

                Add the application Fornite in the games list to be able to block it.

                thanks,

                4 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
                • Support for TLS 1.3

                  Support the latest version of TLS protocol for improved security and performance. TLS 1.3 is huge step forward for web security and performance.

                  27 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
                  • Different Scheduled Tasks depending on Organization Unit

                    Within SUM, we would like the ability to properly manage Scheduled Tasks using Organization Units.

                    When looking at the objects I can assign to a Scheduled Tasks, I only have individual computers or _Any_. I do not want to manually add firewall to this list everytime I add one to our SUM. the ability to add Organization Units to this window would help a lot with management.

                    4 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
                    • Negate Email Malware "File Extension Filter"

                      With the "File Extension Filter" in the Malware tab one can only block specific file types, although having a white and black list would be a major benefit from a security perspective. We'd like to see the ability to block all file extensions by default for incoming email in combination with a custom whitelist that let's us decide which file types we would want to allow passing through.

                      2 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                      • sd wan

                        Please tell us does Cyberoam supports SD WAN Feature.

                        Fortigate UTM supports same.

                        Secure direct Internet access for Cloud Applications for
                        improved latency and reduced WAN cost spending
                        Effective, cost-efficient and high performance threat
                        prevention capabilities
                        WAN Path Controller and Link Health Monitoring for better
                        application performance
                        Security Processor powered industry’s best IPsec VPN and SSL
                        Inspection performance
                        Centralized Management and Zero Touch deployment

                        Our clients are asking for SD Wan feature.

                        Please update us for same.

                        11 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Appliance Hardware  ·  Flag idea as inappropriate…  ·  Admin →
                        • new suggestion

                          The notification from IPS about web browser - MS Edge iare not carried similar to IE or FireFox.

                          This cause tousand of @ from IPS. Normally I can disable such category on Notification Tab, but for exapmle RIG Exploit Kit (Network Trojan) also shares the same category (CRIT-852), which about it I prefer to have awareness.

                          CRIT-852] Intrusion Prevention Alert (Packet dropped)
                          Message........: BROWSER-IE Microsoft Edge SIMD memory corruption attempt
                          Message........: BROWSER-IE Microsoft Edge Array.concat type confusion attempt

                          3 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
                          • AD Sync - username change

                            Sadly when the UTM sync users from ad and the username has changed, this is not synced. We would wish to have a sync of everything that´s synced the first time also in future syncs.

                            8 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                            • Provide an official way to close port 25, 467 and 587 to WAN side of UTM aside from creating DNAT blackhole and disabling SMTP proxy

                              Kindly provide an official way to close port 25, 467 and 587 to WAN side of UTM aside from creating DNAT blackhole and disabling SMTP proxy (since customer is using this feature for outbound mail only)

                              3 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                              • The mail gateway should have an option to append Hyperlink-URLs in brackets after the hyperlink-text so that it is obvious to anyone before

                                The mail gateway should have an option to modify email contents to append Hyperlink-URLs in brackets after the hyperlink-text so that it is obvious to recipients' before they click that it’s going somewhere dodgy, even on mobiles.

                                2 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                • SMTP - check sender mail domain

                                  When accepting mail messages, the sender mail addresses, the domain part, are not checked for existence. No queries are made as to whether the domain holds an MX record, for example. This should apply to both address fields, envelope and header.
                                  In this way, fake addresses of stations could be avoided.

                                  4 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                  • TLS 1.3 inspection

                                    TLS 1.3 makes MiTM difficult and requires more hardware resources but is needed for perimeter devices due to the increasing use of TLS for C2 communication and data exfiltration.

                                    2 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Fix snmpd.conf to include sysServices

                                      When querying any of our UTM devices running 9.509-3 for iso.org.dod.internet.mgmt.mib-2.system.sysServices _1.3.6.1.2.1.1.7.0_ we receive the error "No Such Instance currently exists at this OID"

                                      This is causing an issue with some network management applications that use the value of sysServices to determine which OSI layers the device supports

                                      At a minimum, the value would need to be "4" to identify the UTM is rulling as a route mode firewall.

                                      # Test on device with unmodified snmpd.conf
                                      snmpget -v 3 -l authPriv -u USER -a SHA -A {Password} -x AES -X {Password} X.X.X.X SNMPv2-MIB::sysServices.0
                                      SNMPv2-MIB::sysServices.0 = No Such Instance currently exists…

                                      4 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  SNMP Monitoring  ·  Flag idea as inappropriate…  ·  Admin →
                                      • We need real time bandwidth per ip or user base.

                                        We need real time bandwidth per ip or user base.

                                        2 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                        • vpn 360

                                          Add the VPN 360 apps in the list of vpn we can block please.

                                          thanks,

                                          2 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 171 172
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.