SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Create a search tool that checks all logs, so I don't have to search each log individually to see what component is blocking something

    Create a search tool that checks all logs, so I don't have to search each log individually to see what component is blocking something

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  2. Output Interpreter

    I'm missing the "Output interpreter" which you can find on Cisco homepage. Cisco is providing this feature on their homepage. The Output interpreter can interpret the log which you have from the router and much more.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  3. Logging: Search within Search Engine Logs

    Would it be possible to support searching with asterisk within the search engine logs? So when some people had searched for "i want a new job" or "better Jobs" I want a search within the log with "jobs" and I can see all those search terms from the users.

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add User Agent in reverse proxy logs.

    We had this information in our previous firewall and was helpful to know what agents are running probes.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  5. Customer wants more control over the reports in the UTM

    Customer wants more control over the reports in the UTM: statistics from DB about Network usage per User, usernames, machine name, IP - more detail below:

    Detailed description of Feature request for Reporting subsystem
    1)
    Name: Show user names in Network usage report, instead NXDOMAIN, when use Transparent proxy with Browser auth
    Business requirements (reason for feature): Network usage report used for internal billing of Internet usage
    Importance: 1 = Critical

    Customers can’t use external systems, which based on Syslog, because there is no information about amount of data in Logs: SMTP, POP3, etc
    Customers don’t have access to DB,…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  6. Additional fields in syslog messages - allow correlation with other logs

    For "reverseproxy" syslog messages, please include enough details to uniquely match the UTM's logs with other device logs (upstream firewalls, netflow, real webserver logs, etc).

    The current log doesn't include the local IP and port used by the UTM to make the request of the real web server and it doesn't record the source port used by the true client. This makes it hard to differentiate multiple requests coming from a single NAT IP address

    The resulting log would look like this:

    srcip='1.2.3.4' # existing
    srcport # add this to record the source port used by true client
    localip='9.8.7.6' #…

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  7. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  8. Reporting: Flow Monitor 2.0

    In the Flow Monitor, it would be nice to be able to click on a Host/Client, and list all of their connected Host/Clients, ports that they are using, and bandwidth used for each of those. Currently The Flow Monitor only list total traffic used by a Client/Host, but for more information the text logs have to be searched.

    It would also nice to be able to have fine grain control of that traffic (throttle and blocking) in real-time from inside the flow monitor. Options like Temporary blocks, or data caps, would all be bonus too.

    49 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  9. Please add country name to firewall log when blocking country

    Sometimes you have to identify and resolve country blockings but ar not able to get the country with searching IP databases. Would be very nice when log names the found country. Perhaps this can be combined with other request depending mail logs.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  10. iview

    in iView reporting (eg. 10.176.200.27:8000, not the port 4444 one), user would like to have the object name based in Reports > Web Usage (such as Top Web Hosts). at the moment, in UTM, we can see IPs and Objects, but in iView, only IP based data shows there, since the user has no AD, then object based data reporting is need.

    related case number: 4857872

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  11. Flow Monitor: Ability to show outbound traffic only

    At the moment when you click on the Out or In bandwidth in Dashboard, you are taken to the tabular view of the Flow Monitor. This shows Total bandwidth only.

    Need to be able to show only outbound or inbound traffic. We are saturating our outbound limit and there is no way to find out which client is culprit.

    Apparently this functionality used to exist.

    So, if you click on the Out bandwidth in Dashboard, it should take you to the flow monitor showing outbound traffic. If you click on the In bandwidth it should show Inbound traffic in the…

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  12. Logging: Syslog Support of RFC 5424

    Basically exactly as the title says. The logging to external syslog as it is now does not follow either RFC 3164 or RFC 5424.

    Since the RFC 3164 was replaced by RFC 5424 it would be nice to have the option to select the format of syslog messages that are sent to external syslog server to follow this RFC standard. Right now if the external syslog is following the RFC standard and receives a syslog message from ASG which is NOT RFC compliant the message is malformed and not stored correctly which naturally causes a lot of problems.

    20 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  13. Log of traffic based on outgoing interface

    Create a menu showing the kind and amount of traffic based on incoming/outgoing interface in a scenario with more uplink interfaces

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  14. 2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  15. Option to configure Log Severity \ Format

    Currently the Web Server Protection logs\syslog are very difficult to understand\parse.

    I have a website hosted in my server facility with a huge traffic and I cannot analyze the log properly.

    You should add an option to control the log severity and format.

    This would be a great improvement to your product.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  16. FTP SITE CHANGE

    changing the way the FTP site works

    Essentially as the .md file in the FTP directory is from the same FTP site, it doesn't mean or validate anything (e.g. cannot be relied upon to validate the trustworthiness of the file). Reason being if the site is spoofed (e.g. via DNS) then we cannot validate the identity of the remote server, given it is clear-text FTP (no mechanism to validate the site's identity, such as via SSL/TLS). Further, if the site has been compromised, an attacker merely has to place the MD5 hash there for the malicious ISO file they replaced.

    9 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  17. Detailed process usage log

    Problem: I have spikes in CPU usage at random times that cause outages in phone service. There is no way, that I know of, to determine what caused these spikes.

    Solution: Log snapshots of all Process's running, along with other information that can be used to determine cause of high CPU spikes. This would allow users to look back and see what process were running and what they were doing to cause a CPU/memory spike.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  18. need a Health Summary - summary of errors from all areas of UTM

    A summary of all errors would help to identify deficiency in rules, conflicts after multiple rounds of firmware updates, etc.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  19. search across ALL Logs as single search

    Need to be able to search all logs in a single search effort. When attempting to troubleshoot an attack or UTM problem a Wild Card or other search of all logs would best serve the troubleshooting process. Need controls of All Logs in day increment as searching all logs forever would be time consuming versus a aid to the daily / weekly troubleshooting process.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  20. I'd like to see a way to port logs over to CloudShark in one click

    I'd like to see a way to port logs over to CloudShark in one click

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.