Allow a comment to be added to the mac address table so that you can record what devices the address is for. This makes it easy to manage the list if a device is to be removed.

It would also be nice if the wireless clients list could look up the comment and display it next to the record so you could see the device in the list.

It would be nice to have a feature whereby you could make changes but if lost connection to the device then restart to roll back config prior to changes. I guess similar to cisco's running config and startup config.

In the Cisco world, many times i've used a reload in 00:05 then made complex changes knowing that if a problem occurs and I lose the device it'll automatically reload in 5 minutes and i regain access.

Have a way of blocking IPs or throttling them from the bandwidth usage graph

With the automatic backups currently you cannot specify the time that the backup runs.
Could this be added to standardise when the backups are run as they currently run at random times between UTM's.

introduce feature to limit upload limit for internet users by system administrators

introduce feature to limit upload limit for internet users by system administrators

Now all devices are clasiffied as non-comliant unless told by SMC, so all devices must be managed by SMC to be able to connect to wifi. Which is not always the case.

Be identify as a FW/UTM vendors with editors like Tufin, Algosec and Firemon,
to get a connector pre-configure in their tools.
Really usefull for heterogeneous environment or MSP customers.

Connect from SUM with SSH over a HTML5 VPN to an UTM.
Similar to the existing WebAdmin call.
And don't forget the auto login as root user.

I would like to vote for a report that can be send out once a week that displays the ChangeLog entries so that you can monitor the changes made and send them out to some business devision to become some how compliant to auditing requirements.

any password that is entered is stored in plain text in the change log. This should be shown as an encrypted password, or the ability to delete the change log.

Add last seen date to Sophos active ip address list.

I would like to have feature like to delete the activity logs, not sure how long it is available or it is eating CPU, in that case we must have feature unnecessary log files which we can see in the Management.

Please add Norwegian keyboard to html5 vpn portal

Sony Austria uses SGN MC on Terminal Servers, which are deployed every week.
The want to preconfigure the MC to avoid the SGN MC config wizard every week at every machine.

When managing multiple UTMs it would be nice to have the interface show you in a very obvious way which UTM you are logged into . The grey space between the UTM version and username would be good place for that as it is persistent across all menu options.

Some of our customers use OSPF on the UTM to connect their network. Sometimes they miss to renew the license ...
If we got notice of that, we can help them for maybe 10-30 days with a temporary license until they get the real new one.
But the problem is, the UTM is not accessible from anywhere (SSL VPN or Network) because the routing instance is dead.
My idea is to send them the temp file, they put it on a usb and reboot the UTM.
If the utm searches for such a file it can easily be installed.

- add Remote Access Profile configuration in SUM (!)
...just like:
*click* [Add remote access profile]
(1/3) for UTM fw72
(2/3) for users <AD user group definition>
(3/3) for local networks <local network, for example network reachable via site2site VPN>

- add SSL Site2Site VPN option in SUM (Configuration > VPN), same/similar style as IPSec Site2Site VPN

...so you do not have to log into WebAdmin on every single UTM.
imagine 50+ remote offices and you'd like to add a local (maybe testing-)network for SSL VPN users.

If a SUM is hosted inhouse and external UTMs connect only Hosts/DNS-hosts are allowd as destination system (SUM).

If the main WAN connection fails, configuraton can not the altered using the SUM (e.g. to redeploy VPN tunnels to a backup connection (so switch the Tunnel interface))

It would be helpful to have DNS-groups or Availability groups enabled for this purpose.

I understand that the SUM has to be unique for the management to work. So this might be an issue that requires the admin to understand what he does, but the current configuration options do not allow easy failover