SG UTM
Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.
-
RED: Add power-over-ethernet (PoE) to RED appliances
Our company uses PoE VoIP telephones. It would be a nice feature to be able to plug a PoE VoIP phone directly into the Red. This would provide much needed connectivity for our road warriors and employees that work out of their homes. Money would be saved since we wouldn't need to pay for dedicated business lines. A bonus would be that many commercial wireless AP's support PoE as well.
46 votes -
Splitting ports through RED tunnels
It would be very nice if we had a feature to split ports (TPC/UDP) to pass through the RED tunnels. For exemple: Ports 80/443, should pass through RED tunnel, to be handled by Web Filter, and any other port will pass directly to the local internet link.
1 vote -
Implement RED 802.11 Port Security
Implement 802.11 port security on RED. RED device would pass authentication requests to the UTM or another NAC server for validation. This would allow only trusted devices to connect to the RED and pass traffic to the UTM.
3 votes -
RED: 1:1 NAT Support for RED devices
two remote LANs with the same IP range/netmask cannot be connected to the same central ASG by using RED devices in the remote offices. ASG wouldn´t be able to route the traffic on the central ASG correctly.
All examples have in common (which is likely), that several of the "remote LAN's" will have the same IP ranges (e.g. surely 192.168.1.0/24 and 10.1.1.0/24 will be used often).
As the RED device bridges the LAN to the central ASG, there is no possibility to route the network traffic correctly on the central ASG.
So we need a SNAT/MASQ mechanism on the RED…
42 votes -
Comment field for REDs
Would be great to have a comment field for every RED-box. Everytime I want to know, which device is online, I have to copy the ID and go to my Excel-Sheet. Would be very nice to put some details in a comment field, like location, branch-office or what else...
2 votes -
Hardware: Support for Huawei e303c USB 3G Dongle for RED devices
Add Huawei e303c USB 3G Dongle to the compatible list for RED devices.
3 votes -
RED: Hardware USB Security Dongle
Dongle support for RED, which allows you to place a special file on a USB drive (generated by the ASG) which will only open the tunnel only in case the dongle is plugged in the USB port; so the RED can be left at the location without risking invaders.
If you want to physically restrict access to the RED (such as going home) you bring the dongle with you.
3 votes -
Reporting: Display 3G / UMTS line usage for RED
It would be nice to have an Report about all the REDs and how long they use the failover 3G connection. This would be helpful to reduce costs with UMTS-Dongles with on demand contracts and to debug problems with the primary connection.
6 votes -
RED: Kensington physical lock for RED devices
Protect your RED device from theft with a physical cable like you can with notebooks This is one way to secure this small device better
4 votes -
RED: NAT / Masquerading Support
Add Masquerading Support for RED Devices. If someone has RED devices in Split Mode in use, and surf locally (without filters / security) this only works on routed / NAT'ed uplinks. Cable modems or 3G / UMTS Sticks do not allow traffic directly to Internet due missing Masquerading (Internal vs. public IP)
3 votes -
some RED debugging
for a working RED, the ASG Webadmin should show currently connected USB devices (=UMTS sticks or...) in the status screen - for debugging, "is a stick connected" as well as "which stick is this?" and "is it recognized/supported by the RED firmware?" would be helpful.
4 votes -
RED: Configure UTMS/3G failover (or keepalive)
At the moment it is not possible to use multiple failover options for UMTS. This means that it can take up to 2 minutes for the UMTS to startup if the wired line fails.
I have some customers which want to use the RED and also would like to use the failover, but it needs to work quicker.
It would be a good enhancement if the client gets an option how long the Astaro will wait till the failover takes please, and has an option to keep the UMTS connection open(to help reduce connectino setup time)
10 votes -
13 votes
-
RED: Power over ethernet support
A powerswitch via ethernet would help to reset a red.
2 votes -
RED: Configurable port for communications
If the RED could communicate (establish a VPN) on a port other than its default, this would allow easy integration into a network with a locked down firewall without having to involve local IT resources.
Since ports 80 and 443 are often left open in small network environments, the device could be even more easily drop-shipped for installation.
5 votes -
RED to working thru captive Portals
I travel alot... and I would love to extend my network into my hotel room. Systems like iBahn, which is found in alot of US hotels use a captive portal, RED needs a way to work with those portals and then connect to the gateway unit... even if it means a little web app in the unit its self... PLEASE work on this...
5 votes -
RED: Uplink via WiFi
RED rocks. It's simple and it works. I would like to see an option where the uplink would not have to be a hard cable to an Internet connection. Make it an option where the WAN link could be WiFi
18 votes -
RED: Notify of Duplicate Networks
While playing around with RED, we've recently had the problem that we accidently used a network 192.168.x.x/24 for the RED network that was already used for another VPN connection. That caused some trouble because we could not find why we did not get a connection through RED.
So it would be great if Astaro could implement a feature that checks if a network is already used somewhere (VPN, routing, etc.) and throws out a warning if someone uses it elsewhere.
3 votes -
Troubleshooting for RED
to be able to do basic troubleshooting on RED devices it would be fine to include CLI access and some basic commands like:
tcpdump
traceroute
ping
telnet (for Port checks)
...this would be fine, if something fails between remote location and central device. It would be nice to be able to prove functionality for other involved parties.
12 votes
- Don't see your idea?