SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Automated VPN Config download for Deployment

    On the webadmin interface under Definitions&Users --> Users&Groups i can download the vpn config for the users. I ned this feature as an automated process, who drops the vpn configurations e.g. once per day on an ftp server or an smb share. This is very important for bigger Companys who must to deploy the ssl vpn client automaticli via Deployment Solution or GPOs to the Users.

    23 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  2. Feature Request: Capability to Define the Number of Permissable Concurrent SSL VPN Connections

    I need a way to specify the maximum number of concurrent SSL VPN connections to our AWS SOPHOS UTM9 Security Appliance to meet a NIST 800-53 Rev4 FedRAMP requirement. I am permitted to to allow concurrent connections, but must either limit them to no more than three, or disallow them completely. Since Sophos SSL VPN leverages Open SSL, this feature does not currently exist in the product. It would be very beneficial to our development team if Sophos could implement this feature.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  3. Enable the ability to Connect VPN site to site tunnels on different local IP addresses

    Enable the ability to select different IP addresses so that you can accept different site to site VPN tunnels on different IP addresses. Possibly a drop down box with the individual IPs in rather than just being able to select external interface

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  4. change the ssl vpn client to include auto connect.

    I have several larger clients who would like to use the SSL vpn except they require the VPN tunnel to always be "always on" as long as there is internet access. Other vpn vendors such as Cisco permits this behavior.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  5. notification for SSL VPN connection

    UTM should send notification when someone is connecting on remote access SSL VPN

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  6. Czech keyboard support for HTML 5 VPN portal (RDP, SSH)

    Add Czech keyboard support or transfer local keyboard layout to RDP and SSH sessions.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  7. Mobile access via ssl, hide Mobile Client/download

    it must be possible to hide the download of mobile clients from the PlayStore / I-Tunes in the userportal

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  8. Failed logins displayed WAN IP

    when failed logins UTM gives a log by WAN IP - suggest must have a way to find out or masked the WAN IP from the AD users when connecting. Thanks!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  9. Notification OTP session time out

    By default VPN session is droppedafter 8 hours when OTP token reaches end of validity. Causing loss of data for users. Suggest a 5-10min popup warning from the VPN session icon in the system tray so user can save data and close session and then open renewed OTP VPN session.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  10. Use of the per app VPN for SMC Central via UTM as a VPN Gateway

    Please can we look into the possibility of being able to have Central SMC and UTM - Using the Per App VPN Option and the UTM as a VPN Gateway

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  11. HTML5 VPN Portal: Support for Windows RDSH Servers which are member of a RDSH Farm using a RDSH Broker

    Sophos UTM 9.201-23 does not allow you to publish a Windows RDSH Server Farm using the HTML5 VPN Portal. The vast majority of our users would only need access to the RDSH Farm and therefore would never need to install a VPN Client if the HTML5 VPN Portal could handle using Remote Desktop Protocol to a Windows Remote Desktop Session Host Farm. The initial login screen loads without issues. However, as soon as the user successfully logs in, the connection redirection to a different member of the farm breaks the connection. The HTML5 VPN Portal is not understanding that the…

    32 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  12. Multiple AWS VPC site-to-site VPN connection

    If you have multiple accounts to AWS. And you need to have site-to-site VPN to different AWS VPC, you can't dot it in UTM9. You are stuck with only one connection to one account VPC.

    This is really drawback of UTM9. Have to find a solution, otherwise I will discontinue with UTM and go for another product which allows this.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  13. add sslvpn option for domain search in addition to domain

    add openvpn option for domain search in addition to domain using "dhcp-option SEARCH" to allow for resolving multiple domains on a vpn connection

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  14. SSL VPN - Connecting for authentication before logging into user profile

    like the native Windows VPN (PPTP) connection that allows you to connect through VPN before logging into any profile.
    This allows us to remotely create profiles on domain computers that are at remote sites.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  15. Update Web Browser for HTML5 VPN

    The HTML5 VPN web browser is Firefox 17.0.

    This browser is literally more than 4 years old, at the time of this suggestion. It has many known security vulnerabilities, and is not compatible with a great many newer sites. This absolutely needs to be updated, and kept up-to-date with firmware updates. Using a 4-year-old browser in current firmware is beyond unacceptable.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  16. Autocreate Users on VPN Authentication

    If a user is not a local user, and authenticates via radius to connect to the VPN, that user will not appear in the "Online Users" list that's presented when an Admin clicks the Remote Access item in the menu. Allowing VPN connection to autocreate a local user record, as logging in to the user portal or web admin does, would fix this. Thanks.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add new feature to Sophos UTM VPN that extracts the last login date of users.

    We have been managing many users on the Sophos VPN. We face a challenge on day to day basis, and that is, we are not able to restrict the users' access who have left the organization or are not anymore, a part of the team and that is primarily because we are not able to track the last login date of users.

    If you add the new feature to UTM that would extract the last login date of the users, we plan to lock the user's access who have not logged in to the Sophos for a stipulated period of…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  18. Configure Dead Peer Detection based on connection

    Currently Dead peer detection (DPD) for IPsec connections is configured under 'Advanced' and can be only switched off for all connections. There is no technical reason to do so because the underlaying strongSwan allowes configuration based on each connection. Image a large installation with over 50 VPNs and only one remote gateway where RFC 3706 is not correctly implemented. Please move this option to 'Connection' or 'Policy'.

    31 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  19. openvpn ssl vaidates against cn should validate against fingerprint

    openvpn ssl validates against cn should validate against fingerprint or the whole certificate - if i lost my laptop and password - delete user from utm and readd with the same cn - i can still remote in using ssl

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  20. create some OpenVpn like SSLCLient, without any configuration

    It would be great if it was possible to get an unconfigured copy of the SSL VPN Client (like the openvpn client) so it can be preinstalled on computers in MDT/WDS, and the VPN config file would be implemented afterwards.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.