SG UTM
Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.
-
Wireless: Allow one SSID to bridge to tagged VLAN while another SSID bridges to untagged VLAN
As it is, I found I had to create an extra VLAN for WAP deployment and then bridge my two planned SSIDs to two tagged VLANs.
3 votes -
Config rollback to prevent lost device
It would be nice to have a feature whereby you could make changes but if lost connection to the device then restart to roll back config prior to changes. I guess similar to cisco's running config and startup config.
In the Cisco world, many times i've used a reload in 00:05 then made complex changes knowing that if a problem occurs and I lose the device it'll automatically reload in 5 minutes and i regain access.
3 votes -
Sophos UTM Manager: Call of SSH (UTM) over SUM
Connect from SUM with SSH over a HTML5 VPN to an UTM.
Similar to the existing WebAdmin call.
And don't forget the auto login as root user.3 votes -
SUM: Central Configuration of SSL Site2Site + Remote Access VPN
add Remote Access Profile configuration in SUM (!)
...just like:
click [Add remote access profile]
(1/3) for UTM fw72
(2/3) for users <AD user group definition>
(3/3) for local networks <local network, for example network reachable via site2site VPN>add SSL Site2Site VPN option in SUM (Configuration > VPN), same/similar style as IPSec Site2Site VPN
...so you do not have to log into WebAdmin on every single UTM.
imagine 50+ remote offices and you'd like to add a local (maybe testing-)network for SSL VPN users.3 votes -
3 votes
-
Prowl / Growl notifications
It would be awesome to have alerts and notifications delivered via Growl (or Prowl for iOS). It's a much faster and more obvious way to manage alerts!
3 votes -
AstaroOS: Restore Encrypted Backups via USB during Boot
Currently you can place a backup file on a USB stick, name it to restore.abf, and it will be installed during boot up.
Please provide the feature to permit the upload of an encrypted configuration file (.ebf) during the boot of the firewall by prompting for the password during boot which is entered via console (or ideally perhaps the LCD??)
3 votes -
SUM log traffic for automatic firewall rules
When we create an IPSEC VPN in SUM and use "automatic firewall rules" option, we can't edit the option "log traffic" for these rules and so we can't see the logs for these rules.
2 votes -
kbit
In flow monitor - Bandwith Usage Now - KB/s is displayed.
This is misleading, there should be kbit / s2 votes -
Sent email alerts from Sophos Central
Enable alerts to be sent to an email address. Although Sophos Anti Virus quarantines well sometimes the machine does not recover entirely from an attack. The last attack I dealt with was seen off but many parts of the OS needed attention to recover fully
2 votes -
Allow backups to be download on secondary SUM
If the SUM is the primary SUM on the UTM, you can set it to back up daily, etc.
The secondary SUM, doesn't have this option. It doesn't need to have control like the primary SUM, just get back ups.
2 votes -
Add the ability to use a Network Group for User Portal and Remote Access
Allow Network Groups to be used for both the User Portal and Remote Access VPN at the below locations. This need is due to having more than one circuit. When we have more than one circuit, we want to be able to allow 1 Public IP on each circuit to listen, however due to the current design, this is not possible.
User Portal->Advanced tab->Network Settings
Remote Access->SSL->Settings tab->Interface addressThank you,
Travis Grenell
Systems & Network Engineer III
Cisco, Microsoft, HP & Sophos UTM Architect Certified
Sophos Gold Partner
Snap Technology2 votes -
Add more scheduling options for firmware updates.
We manage hundreds of VFW's in our environment and cannot take the risk of running firmware updates weekly on all of them. Some are also global, so we may need to do them at different time schedules. It would be great if we could schedule them Monthly rather than weekly. Adding flexibility.
2 votes -
Manage
The ability to upload individual licenses to all linked/connected UTMs through a single SUM instance/interface. In a scenario where a user might have 50+ UTMs connected a SUM, uploading licenses to all them can be a tremendous hassle.
2 votes -
Make all Features which were requested for UTM and now available on Copernicus also available for UTM
If you follow up the new ideas for the past months all of them were requested for UTM but none of them are available. Every single idea was used to XG (Copernicus).
This is abolutely inacceptable. Especially as the UTM license model is based on a ongoing subscription.
2 votes -
Country Selection
Why There is Turkiye (Or Turkey) in your installation. We have Sophos licence for 6 years. Installation doesnt have Turkey. I am selecting other countries. Dont you like Turkey?
2 votes -
Users UTM
Hello,
There is some method for moving users (CSV file) to a UTM?
2 votes -
Safeguard Enterprise support for MySQL DB backend
Would be great to see Sophos support utilising a MySQL DB backend for Safeguard Enterprise as is possible with Mobile Control.
2 votes -
SUM: Central Certificate Managment
It will be nice, when it will be possible to organize own Certificates via SUM for all Sophos UTMs.
At the moment, I have to connect to all UTMs manual to install some root certifiacte manually (for example for this problem: https://www.sophos.com/en-us/support/knowledgebase/122257.aspx )2 votes -
UTM Cannot join SUM due to being Blacklisted. SUM needs to list Serial Number and GUID of Denied UTMs
If you blacklist a UTM in the SUM, and then do a factory reset on the hardware, the UTM remains blacklisted. This makes sense.
However, there is a major problem: You cannot tell what UTMs are blacklisted. The only details provided in the SUM is blacklisted UTM's IP and Hostname.
However, the blacklist apparently applies to more than the Hostname/IP combo and will be denied even after a factory reset and reconfiguration.
Therefore, you need to also show in SUM the blacklisted UTM's Serial Number and GUID. If provided it would be easy to determine which item to remove from…
2 votes
- Don't see your idea?