SG UTM
Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.
-
usability improvement : improve labels
Improve information labels in the local console : "virus data date" is not concerning virus identities but update date of the detection engine.
Translations are also concerned by that. May be the network console too.2 votes -
A Tool to Generate a backup file from a Template for import and export of Standard Templates for UTM.
I want to be able to manage a number of standard Templates.
When I have all the extra client information (the variable info from one customer from another) I want to be able to import this as a flat file (whatever format (csv)).
This will then be feed into the pre-configured Template and come out as a backup file (abf) ready to be imported into the UTM.
This will let those who manage lots of customers the ability to build a complex unit quickly and be able to deploy standards across multiple customers.
This will save time by not having…2 votes -
Remote uninstall / shutdown
Sophos should include a feature to allow an administrator to remotely shutdown or uninstall the client from the enterprise console. Most other enterprise AVs have such a feature. It isn't always easy to walk to every machine or obtrusively RDP into a workstation. The process should mirror installing through the enterprise console, silently and remotely.
2 votes -
Sort Domains in various fields
It would be nice if we would be able to Sort the Domain-Lists in fields like Webserver Protection - virtuell Webserver
Web Protection - Filtering Options
etc.2 votes -
Allow a comment to be added to the mac address table.
Allow a comment to be added to the mac address table so that you can record what devices the address is for. This makes it easy to manage the list if a device is to be removed.
It would also be nice if the wireless clients list could look up the comment and display it next to the record so you could see the device in the list.
2 votes -
Delete activity logs
I would like to have feature like to delete the activity logs, not sure how long it is available or it is eating CPU, in that case we must have feature unnecessary log files which we can see in the Management.
2 votes -
Sophos SMC console feature to remove device applications when installed by end users
Currently there is a limitation with the SMC console - device applications cannot be uninstalled remotely when the end user has installed it from the device.
We would like to see a feature from within the SMC console to manage all device applications - providing the ability to uninstall applications on devices e.g ipads/iphones whether they have been installed by the end user or not.2 votes -
Encrypt any password that is entered, so it doesnt show plain text in logs.
any password that is entered is stored in plain text in the change log. This should be shown as an encrypted password, or the ability to delete the change log.
2 votes -
Set backup run time
With the automatic backups currently you cannot specify the time that the backup runs.
Could this be added to standardise when the backups are run as they currently run at random times between UTM's.2 votes -
Display Current Time/Date on Up2Date Screen
I often find when I schedule a UTM to update its firmware, that I'm having to bounce back to the dashboard to ensure that the time/date of the UTM is correct, I never take this for granted. So my idea is to simply put the system date/time at least on the Up2Date screen, if not just at the top of the screen in general.
2 votes -
Web Based User Password and Certificate reset.
One of the challenges in a very large environment is when a user has to reset their password and doesn't remember their old one. For our environment we have to go and manually delete the cert for the user and change their password in AD.
What would be Nice is if there was a one stop shop for this though the Web Gui like the Recovery system. Where it allows a Tech to reset BOTH AD and Certificate passwords for the user. Or at least delete the Certificate so that when the user logs in after changing their password it…
2 votes -
alow in-place migrations with USMT ‘Hardlink’ data migration on encrypted drives
We have a requirement to perform in-place migrations of workstations numbering in the tens of thousands. A major barrier to performing these migrations has been the controllability of Sophos Safeguard versions
5.x and 6.x. Our engineering organization has developed some workarounds that enable certain in-place migration scenarios where Safeguard is involved, but other scenarios that have been deemed critical to the success of our mission have remained unaccomplished
due to limits placed on our ability to control Safeguard.During our past meeting with Sophos engineers, we posed some questions regarding these in place migration scenarios in an effort to receive…
2 votes -
ACC to produce exportable asset list report of all hardware under management
It would be useful in these days of security auditing to have the ACC produce an asset report of all hardware under management including all serial numbers of ASGs / Sophos UTM devices within clusters
2 votes -
Notifications: set notifications per user/group
It should be possible to address notifications to different users or user groups.
For example:
IPS warning to user a@exmaple.com
Base system notifications to user b@example.com
2 votes -
"Reset to Defaults" - Button for IPS and WEB-Contentfilter
Would be riskless, do an automated backup first !
2 votes -
Insert Comment to the Subject of an Emailed Backup Filel
It would be very helpful if the backup comment (Management > Backup/Restore > Create backup > Comment (optional)) will be included in the subject when sending backup files via mail.
Current subject when sending a backup manually:
[<hostname>][INFO-010] Configuration Backup FileSuggestion:
[<hostname>][INFO-010] Configuration Backup File (<Comment that was entered while creating the backup>)2 votes -
Remove the diffie-hellman-group1-sha1 in ssh service/port-22
Hi Sophos,
We recognized that our product is using insecure key-exchange "diffie-hellman-group1-sha1". "diffie-hellman-group1-sha1 is used only has a size of 1024 bits. This size is considered weak and within the theoretical range of the so-called Logjam attack.
We would like to remove diffie-hellman-group1-sha1 in ssh service/port-22,
Please kindly provide a step or your action to remove it.
1 vote -
Reboot AP from command line or crontab (scheduled task)
I've 3 AP connect to a UTM, i would reboot them but not manually with the aweetool, with a schedule task (crontab, rc.local, shutdown -d [time] ecc..., at the moment do this isn't possible..
This "feature" is very important for a correct connectivity ofthe AP, because
every one/two/three months you are forced to restart them manually.
The awetool is useful but yu need to connect to UTM by ssh, start the tool, find the AP and reboot it MANUALLY.
Give the possibility to create a crontab for do this wil be very very useful, we'll apreciate it.
thanks1 vote -
Allow network traffic quotas on XG to be applied directly to rules rather than users or groups.
Would be nice to apply network traffic quotas to a rule rather than just users or groups. This would allow IoT or headless devices to be cut off after exceeding a quota.
1 vote -
port 25
The default port to email a backup copy of the settings is Port 25.
Many ISPs block Port 25.
It would be helpful if an alternate port could either be chosen or selected such as Port 587.
1 vote
- Don't see your idea?