SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Ability to add site name to grey space between "UTM" and user who is logged in.

    When managing multiple UTMs it would be nice to have the interface show you in a very obvious way which UTM you are logged into . The grey space between the UTM version and username would be good place for that as it is persistent across all menu options.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. install license by USB, like the restore.abf

    Some of our customers use OSPF on the UTM to connect their network. Sometimes they miss to renew the license ...
    If we got notice of that, we can help them for maybe 10-30 days with a temporary license until they get the real new one.
    But the problem is, the UTM is not accessible from anywhere (SSL VPN or Network) because the routing instance is dead.
    My idea is to send them the temp file, they put it on a usb and reboot the UTM.
    If the utm searches for such a file it can easily be installed.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. SUM: Central Configuration of SSL Site2Site + Remote Access VPN


    • add Remote Access Profile configuration in SUM (!)
      ...just like:
      click [Add remote access profile]
      (1/3) for UTM fw72
      (2/3) for users <AD user group definition>
      (3/3) for local networks <local network, for example network reachable via site2site VPN>


    • add SSL Site2Site VPN option in SUM (Configuration > VPN), same/similar style as IPSec Site2Site VPN


    ...so you do not have to log into WebAdmin on every single UTM.
    imagine 50+ remote offices and you'd like to add a local (maybe testing-)network for SSL VPN users.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow DNS-groups or Availability Groups on Centralized Management

    If a SUM is hosted inhouse and external UTMs connect only Hosts/DNS-hosts are allowd as destination system (SUM).

    If the main WAN connection fails, configuraton can not the altered using the SUM (e.g. to redeploy VPN tunnels to a backup connection (so switch the Tunnel interface))

    It would be helpful to have DNS-groups or Availability groups enabled for this purpose.

    I understand that the SUM has to be unique for the management to work. So this might be an issue that requires the admin to understand what he does, but the current configuration options do not allow easy failover

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  5. grace period for expired license

    Please, provide a fixed grace period after the license expiration (5, 10 or more days).
    This prevents to disable the features licensed if for any kind of reason the admin was not able to install the new license.

    10 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. ADD rollout of wireless profiles & settings by SUM

    actually it is not possible to deploy wireless settings through SUM

    this should be added!

    including: Wireless Networks, Accesspoint Groups, HotSpots, Vouchers & Profiles

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Change object type on SUM for network definitions.

    Change object type on SUM for network definitions.
    For example: On a SUM-Server it would be very useful to change an object from a Host to a DNS-Host or DNS-Group. This would give administrators the possibility to change objects without revisiting any UTM where this object being used.
    Of cause there are situations where it is tricky to do it because some configuration fields just allow certain objects but an error message could be helpful here.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Extended change log

    The changelog in the main management tab is limited in it's length - and is also cluttered up by logins without changes and failed logins.

    It would be a good thing to have a complete list of changes throughout the overall history of the ASG (on perhaps another place like "Support"->"Advanced" ) for a complete review of all changes.

    12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. 3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add an option for timed reboot/shutdown

    Sometimes a customer calls because they need the UTM shutdown before the city turns of electricity or something. Or some kind of problem requires are reboot, but as Internet works nobody wants to reboot "now", but rather after office hours.
    It would be great to be able to time this.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. WebAdmin: Management role for site-to-site VPN

    In the Astaro Webadmin there are managment rules, but not a dedicated one for Site2Sitemanager. Please add this.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. Configure Quarantine Manager from SEC

    A feature where the "Configure user rights for Quarantine manager" can be configured/ managed from the Enterprise console. Currently this is only managable from the Endpoint Client.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. SUM: Suppot network ranges in SUM

    Sophos UTM9 supports network ranges, but SUM does not.

    0 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Web Based User Password and Certificate reset.

    One of the challenges in a very large environment is when a user has to reset their password and doesn't remember their old one. For our environment we have to go and manually delete the cert for the user and change their password in AD.

    What would be Nice is if there was a one stop shop for this though the Web Gui like the Recovery system. Where it allows a Tech to reset BOTH AD and Certificate passwords for the user. Or at least delete the Certificate so that when the user logs in after changing their password it…

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. SMC: Only whitelisted apps allowed in Apple App Store

    Currently, although there is a possibility of whitelisting/blacklisting apps in SMC, there is no way of actually allowing App Store on the device and restrict the downloading/installing of apps. To have full control of the device, you have to actually implement a policy of disabling the App Store itself.

    Ideally, the App Store should be available and only whitelisted apps are allowed to be installed. This would also allow the users to update the installed apps. The current solution is a drastic push policy to allow App Store, ask users to update apps and ask them to call back when…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. add an option to specifiy when the UTM checks for updates, not just how often

    I have a few clients that have metered internet connections (satellite). However, they have an download window from midnight-5am, where any traffic is not counted towards there monthly limit.

    Right now I can specify how often the UTM checks for pattern updates, It would be great if I could specify an exact time to do it so I could have it update during that window to save them bandwidth.

    thanks!

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Monitoring: Add Zabbix / Nagios client

    A lot of us (at least with bigger environments) are using systems like Zabbix or Nagios to monitor their stuff.

    An direct integration of the clients into Astaro would it make a lot easier to integrate the Astaro boxes into it. SNMP alone does not provide a lot of values which are interesting to monitor. Like:
    - Packet filter violations
    - IPS stats
    - VPN Users online
    - and much more

    283 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  18. Provide variables to show the authenticated user name, group membership and filter assignment

    Provide variables to show the authenticated user name, group membership and filter assignment when customizing the Web Message->End-User Message description. This would allow the user and admin to quickly see that the user was authenticated properly and the group membership is correct.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. 29 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  7 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  20. Save Button for Changes

    Changes in the GUI shouldn't be active immediately. There must be a save button to activate changes. It is very important to prevent mistakes and you can change several setting and activate all at the same time to not lose the connection.

    15 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.