SG UTM
Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.
-
Web Security: Exceptions support for Unscannable Files
we should add execption for Block unscannable and encrypted files as this field can be enable/disable form http proxy but i think i will always keep it enable and let add execption to user or director (to send and recive password protected file )
7 votes -
Web Protection: Block all file extensions but Whitelisted types
I am able to blacklist .pdf extension but i am not able to whitelist them.
Customers need to only allow some kinds of downloads.
Something like SRC 10.0.0.1 should only be allowed to download http://www.example.com/example.pdf is really complicated.It would be great if i could just specify types of files to allow vs. having to block all the bad ones.
10 votes -
Web Protection: Add a Web Manager (similiar to the Mail Manager)
It would be nice to have a Web Manager interface that is similar to the Mail Manager. It basically would have the same functionality but would be based on individual URLs and sites visited instead of individual emails. It would include the ability to add an individual URL or domain to a global or policy specific blacklist or whitelist in the same way an individual quarantined email can be deleted, released and so on.
Management wants an easy way to add individual URLs and sites to blacklists and whitelists.
2 votes -
Web Security: Customizable Content Filter Override Time
Currently the bypass filter time limit implemented in Version 8 only allows you to bypass a website for 15 minutes. However, according to the Child Internet Protection Act, schools and libraries that receive funding MUST allow all websites to be unblocked for adults for the duration of their session. Currently our Library can not use the Astaro until we can find a way to extend this time limit for staff bypassing websites beyond 15 minutes to approximately 90 minutes. A field where a variable time limit can be entered would be good so that libraries or other educational institutions can…
8 votes -
Web Protection: Per-User Bandwidth quotas by Category
– like entertainment (200 MB), Educational (100MB) etc… usage assignment to users.
4 votes -
Web Protection: Per-Profile "Target Services"
We need to differentiate the services that the Proxy can manage based on Proxy Profile.
10 votes -
Logging: Option for forensic web logging
Very sensitive customers need to log the complete HTTP transaction (the request and response with the HTML provided by web server during the transaction). Even if it's very I/O demanding, it's a key feature that is mandatory to have to chance to sell just WEB Security in government offices, banks and customers that manage classified information
2 votes -
Web Security: Specify Max "Connections" per-user
Limit user connections to proxy with connection exceeded error reported to user. This would be very helpful in educational environments.
1 vote -
Support Multiple streams for Downloads (Download Managers)
Add support to the web proxy for multistream downloads, if requested by the client software ie. Free Download Manager, Getright etc.
4 votes -
Web Protection: Show AV Engine/Version on Block Page
I would like to see the virus engine used as well as the pattern version displayed (or at least the option) when a virus is detected in a download.
1 vote -
Web Security: Content-Blocked Image needs to Scale
Enhance the HTTP so when image content is blocked from a webpage, a scaled "content blocked" image is inserted/injected in it's place. Often web pages have click advertising which gets blocked in the catagories, and you will get just a small X where the blocked image is supposed to be. Some users think that the page has not loaded properly and reload the page. By having have a scaled "content blocked" imaged injected into the stream, it would clearly show the advertising imaged being blocked by the content filter.
4 votes -
Authentication idle timeout
The maximum length of time the user can stay authenticated when idle (not passing any traffic to
the external network).2 votes -
Web Security: Increased Cache Options
i wish to have more configuration options in http/s cache settings.
for example cache all from microsoft updates for x days/weeks/years, cache every gif, jpg, png, css for x days/weeks/years
or do not cache php, asp, js.
14 votes -
Notifications: Notify on Blocked URL by Filter
Whenever a url is blocked by the url filter, have an email notification sent to appropriate admin users to advise who's trying to access blocked content.
12 votes -
Web Protection: Scan Dropbox files
Implement a Dropbox (https://www.dropbox.com/ and similar) filtering and scanning functionality for those that use this type of exchanging files.
9 votes -
FTP Proxy: Profiles Support
i need a ftp proxy profile mode where i can set different profiles for different networks.
6 votes -
Authentication: Support for FTP Proxy and AD/eDir
A big ISP in France asks to have a chance to authenticate users against the FTP proxy (exactly as we do for http proxy) against an external database such as AD.
customer said in this case that no matter if the proxy send to the credential in clear text between user's client and AxG.
12 votes -
Web Protection: "Web manager" for filtered HTTP proxy items
Another idea from a customer:
Similar to the Mail Manager, there should be a "Web Manager" which is allowed to release items that were blocked by the HTTP proxy.Example:
Someone downloads an passwort-protected zip file via proxy. After the download, it cannot be scanned because the file is protected, and is blocked. But the user needs that file. Now the admin would look at the blocked items and release it.3 votes -
Allow Multi-Category White / Black Lists
We need a way to specify more complex content filter rules since the addition of multiple categories.
Allow the content filter to have blacklisted and whitelisted categories at the same time, and allow them to decide which one "wins".
For instance, if a user wants to blacklist Games, but allow Educational, they could. They could also allow Shopping, but block Intimate Apparel. Currently if you select only 1 category, the site will be blocked even if you have whitelisted others it matches.
4 votes -
Reporting: Cache Statistics
To visualize the cache efficiency it would be cool to display some cache stats as cache hit and cache miss percentage, WAN bandwidth savings etc.
This would be a really cool addition to the IMO good caching algorithm in V7.500
20 votes
- Don't see your idea?