SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Detect port scans using an XG and automatically block the source IP

    The XG firewall should be able to detect port scans when they occur and then have the ability to block the source IP.

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. L2TP over IPsec via IPv6

    L2TP over IPsec is currently only working via IPv4. Please support IPv6 as well.

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Sophos Central - Allow file exclusion per computer not just per user

    We want to be able to exclude files from scans on a per computer basis. We have some machines that are running software which is picked up as a PUA. We don't want to exclude the executable from ALL PCs, or from just one user, as other users will use the affected computer.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Pi-Hole

    I'd like to see Pi-Hole integrated into the UTM. Pi-Hole is an application that allows you to filter DNS requests based on settings you can set yourself. Its very light weight and should integrate very well within the UTM.

    17 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Sophos Firewall: Probing of PSK into VPN IPsec tunnel for each Gateway by Respond only

    Make it possible to have for each IPSEC Remote Gateway its own PSK if mode is on respond only with same endpoint details

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Security heartbeat for utm 9.x

    It would be great if you iplement the new security heartbeat into the utm 9.x also.

    16 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Packet Inspection of TCP UDP like Palo Alto does - Application Based Inspection

    That ones those spent time with that stuff already know how easy it it, to open connections with BotNet Servers or with any other device just by opening an mos likely "common opened" port. BotNet Control, WebFilter, AV.... cant detect those traffic in most cases. We tested it ourselfs and were wondering that those old well known metasploit traffic is not detected.
    Only the https connection made by metasploit was detected (aprox after 10 seconds) and was terminated. But could be endless reopened for 10 additional seconds and so on.

    Its much more than easy to overcome an Sophos UTM…

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Block IP's using Blacklist/Blocklist Service

    Support the use of Blacklists/blocklists. Note that this feature was requested at link below and apparently Sophos thought that ATP would satisfy the need, however it does not provided the requested functionality, Therefore I am re-posting this as a new suggestion.

    The old suggestion was marked as implemented by the ATP feature; however ATP is not what was wanted and generates too many false alerts. This is the prior feature request: http://feature.astaro.com/forums/17359-utm-formerly-asg-feature-requests/suggestions/1982075-network-security-block-malicious-botnet-bad-ip-s

    Plain and simple: We want support for blocklists. Such as those found here: https://www.iblocklist.com. I would also like to specify a blocklist per network. So for example…

    97 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    20 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Better Firewall Rule Search

    In the search area, it would help to find a Rule, if we can filter from Source net to Destination net.
    For example: Show me all Rules from internal to DMZ, or internal to Any, DMZ to VPN...

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Expire date for firewall rules

    Firewall rules should have an optional expiry date. This is useful, if a firewall rule has only been approved for a certain period of time.

    With this feature the firewall admin no longer needs to schedule in a separate calendar the removal of a temporary rule and then perform a manual task.

    This results in a cleaner ruleset and less effort for the firewall admin.

    37 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Firewall Rules counter

    Add a feature that is common and very useful on most firewalls, The display of active counters on firewall rules. This is a quick and useful way to trouble shoot firewall rule issues.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Country Blocking Problem

    Hi everybody,
    Country Blocking is not working correctly. Sometimes ip adresses are not resolved to a country, they appear in the log files as "unknown" and they were not blocked. So some days ago someone tried to connect to our ftp server from sweden, althogh every country is blocked accept of germany.
    Please fix this or integrate a button "unknown" -> deny or something similar.
    Sorry for my englisch ;-)

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. NOT filtering for firewall rules (and anywhere else with rules)

    Could we have the Firewall interface modified to allow us to apply an inverse rule - that is, filter traffic that does not match the criteria we have put forward. Especially since IPtables can do inverse filtering just fine.

    It'd be nice if we could also do the same in the Exceptions tab for various protections, that would make them much more powerful.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. add support for regular URL address such as www.example.com for country blocking exceptions

    When working in country blocking exceptions, the only way to get it work is to enter a websites ip address. Adding support for regular an address such as www.example.com.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Country Blocking By Top Level Domain Not IP

    Right now country blocking only blocks by IP address, so if I block .ga (Gabon), but the website is registered with a U.S. ip address, the website is allowed for end users.

    Solution: add an option to block countries by top level domain (ex. .ga for country Gabon) without having to create a rule to create a black list and try to use a expression to block based on every domain. Reference ticket #8225803 - Kerry Albert
    Channel Sales Engineer
    Kerry.albert @ sophos.com

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Snort Auto-Block Upon Detection Threshold

    This is a feature that a few Snort additions offer, and would improve quality of life with UTM quite a bit (it's the main feature I miss from pfSense). Allow users to configure a threshold for number of Snort alerts triggered, and amount of time to block an address. When the threshold is exceeded, a firewall rule is set up with an expiry in the future however long the user defined. Waking up to 200 e-mails about a person trying to exploit a server is getting old.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. When creating firewall rules they should be enabled instantly

    Why don't newly created firewall rules activate automatically? Invariably I forget to go to the end of the list and switch the rule to on after I create it. At least take me to the end of the list after it is created if you can't default them to on. I'm not creating a new rule just so it can sit there disabled, why would it default that way?

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow SNAT and Web protection work simulatneously

    currently web protection is being prioritized over SNAT. we are getting feedback that on the future patch upgrade to have a feature that will allow SNAT to work while web protection is enabled

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add a option to rotate the SSID password on certain time

    There should be an option to choose the SSID password rotation. It should throw an email to specify users with new & old password information. A password can pick from a text file or admin can define some numbers of the password.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Improve reporting for Advanced Threat Protection

    Presently ATP reports the IP of the advanced threat. It does not report the DNS name.

    In most larger networks, all DNS requests go through an internal DNS server, Domain Controller or whatever. Therefore any alert from the ATP will identify the DNS server as the requesting host.

    For Windows DNS logging the brief logging does not capture the IP address returned from the resolver, only the DNS name submitted. Whilst it is possible to turn on complete logging which will return this information such logging is very, very verbose, and it is generally impractical to have permanently turned on.

    20 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.