SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. RADIUS

    RADIUS support for ssh access.
    There are a lot of things which you can only do on a shell. Either with ssh to the box or with the serial console. One example might be tcpdump /cc commands/ grep.
    However, logon does only work with loginuser and or as root. Having multiple admins, you never know who does what. And this is a nightmare for auditing or troubleshooting reasons.

    Therefore, I would recommend to enable RADIUS authentication (or other authentication) for ssh and console access.
    I really would prefer a behaviour like most other network devices:
    Logon to the box based…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. Central Management option to name the unit being added to the SUM server.

    Currently the hostname is used to identify the UTM in SUM. You then need to go into that unit on SUM and edit the Registration with a Friendly Name. It would be nice on the UTM under Central Management to add a Registration Name. This name would then be used in the SUM Server to identify the UTM.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. ACC to produce exportable asset list report of all hardware under management

    It would be useful in these days of security auditing to have the ACC produce an asset report of all hardware under management including all serial numbers of ASGs / Sophos UTM devices within clusters

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. WebAdmin: Configuration Changes Commit/Rollback Support

    Hi,

    If should be great to save an history of the configuration each time an administrator save something and maybe create a restore point to rollback to the initial configuration if something does not work after some modifications.

    Thanks,

    17 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  5. Management: Enable UPS sharing

    It should be possible to make the UTM the UPS master and other servers obtain notifications from UTM or UTM becomes a client of another UPS server offering informations.

    187 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    26 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. Authentication: Import DNS hosts lists from AD OUs

    When importing objects from AD Astaro does not differentiate between users and computers in AD. If I sync an OU that contains computers, they are imported as user accounts which doesn't make sense. Couldn't there be an option to import those computers into the network definitions as DNS hosts? This way it would be easier to create specific rules for PCs on the network without having to create all the definitions.

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Astaro Command Center - VMWare FUSION support

    Astaro Command Center - Please Provide VMWare drivers and integration components for FUSION so Macintosh Users using VMWare can use this product. Currently you only support VMWare's esx and vsphere.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Management: Full Change Log Publishing

    Please start publishing complete change logs for new firmware releases. It is ridiculous to have to hunt for hours in the forums to find some answers. Complete change logs are a must have feature for production use -- I need to know what was changed across versions to a) judge impact on prod b) be able to quickly diagnose issues arising after upgrade (happens all too frequently)

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Backup: Partial Backup/Restore

    Allow a user to create and restore backup files that contain only parts of the configuration.. users would be able to selectivly make use of various parts of the configuration in other firewalls, allowing for easier rollout of multi-site locations. As well, they can restore only parts of a backup file that are required, thus allowing for faster recovery and without affecting all areas of the box.

    68 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. Management: Archive backups like logs

    UTM only supports automatic backups sent by email or to a UTM Manager repository.
    It would be great to export them via SCP, FTP, Network Share like log files can.

    31 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. WebAdmin: Activate configuration at specified date and time

    It would be a good thing to have to possibilty to predefine e.g. firewall rules, vpn connections, clientless vpn connections, users or whatever and activate them at a special day and time.
    For example a bunch of new emplyees start their work at 1st of march - so the admin can predefine their users, rules and remote connections for them to be active 8am at 1s of march.So he will not forget that things during the daily business at 1st of march.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. Prowl / Growl notifications

    It would be awesome to have alerts and notifications delivered via Growl (or Prowl for iOS). It's a much faster and more obvious way to manage alerts!

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. AstaroOS: Restore Encrypted Backups via USB during Boot

    Currently you can place a backup file on a USB stick, name it to restore.abf, and it will be installed during boot up.

    Please provide the feature to permit the upload of an encrypted configuration file (.ebf) during the boot of the firewall by prompting for the password during boot which is entered via console (or ideally perhaps the LCD??)

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. Notifications: set notifications per user/group

    It should be possible to address notifications to different users or user groups.

    For example:

    IPS warning to user a@exmaple.com

    Base system notifications to user b@example.com

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. "Reset to Defaults" - Button for IPS and WEB-Contentfilter

    Would be riskless, do an automated backup first !

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. WebAdmin / User Portal Help access control

    Would like to have the possibility to control the accessibility of WebAdmin / User Portal Help, because right now it is accessible without a valid authentication.
    I think the best way would be to get only access to the online help with a valid authentication and maybe also by a selection of allowed users/groups/etc..

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Up2Date threshold time

    There should be an option to define a Up2Date threshold time limit before installing a new pattern (instead of download intervall).

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  18. Insert Comment to the Subject of an Emailed Backup Filel

    It would be very helpful if the backup comment (Management > Backup/Restore > Create backup > Comment (optional)) will be included in the subject when sending backup files via mail.

    Current subject when sending a backup manually:
    [<hostname>][INFO-010] Configuration Backup File

    Suggestion:
    [<hostname>][INFO-010] Configuration Backup File (<Comment that was entered while creating the backup>)

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. Management: Auto-Populate Networking Definitions via Scan

    By scanning the local IP-space of connected/configured internal (non-gateway) interfaces, discovered IPs should be auto-added to the definitions list using their hostname as the title (if available) otherwise just fill in the IP for both the address and the name.

    This saves admins having to define their objects from scratch, and they can always delete the object definitions they don't want/plan to use. This should be done either automatically, as part of the wizard, or on request.

    24 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
1 2 3 4 5 6 8 Next →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.