SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Web Application Security: User-created/Custom Rules

    For those saavy enough to create their own rules, it should be possible to craft and deploy custom ones.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Web Server Protection: Information stripping from Office Documents

    It would be nice if the UTM could automatically remove metadata and other hidden informations from office documents that users forget to cleanse from files which are offered to download on my servers (i.e. https://office.microsoft.com/en-us/excel-help/find-and-remove-metadata-hidden-information-in-your-legal-documents-HA001077646.aspx)

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Web Application Security: White / Blacklist Support for Visitor IP's

    I would like to see an option to deny or allow certain ip adresses that can access the webservers. Not only based on country but on the ip adres itself.

    35 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  14 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Adding Time Events to WAS

    Please add Time Events to WAS so it's possible to only allow access within timeframes as is possible in Packet Filter rules.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Web Server Protection: Transparent reverse proxy

    Please provide the option to use reverse proxy also with transparent mode. This way permits to have the real remote host IP traced on the web server log files instead of the IP of the firewall. Now without transparent mode, every web analyzer software is not able to give real traffic reports...

    49 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Web Server Protection: Regular Expressions (REGEX) Filtering

    I d like to have the ability to add regular expressions in WAF Profiles just like in the normal WebSecurity.
    For example allow String "user=BGates" but not "user=BClinton"

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Email and SNMP Notification for Web Application Firewall

    Add Email and SNMP Notification for Web Application Firewall (HTTP/S Reverse Proxy) when the ASG found a Virus in Web Application Firewall traffic.
    This is very useful for the Network Administrator to find any Security holes.

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. HTTPS Reverse Proxy

    When using ASG to terminate SSL sessions (SSL Offloading), it’s sometimes needed to get the client certificate (mutual authentication) and pass some SSL info such as SSL Session IDs and Client-SSL Certificate information (e.g. certificate fingerprint and serial number) inside HTTP header to be used and processed by the protected web applications.
    An example of this use; let’s assume that I have a plain-text web application with certificate-based user authentication, so, it’s necessary to have such features in my WAF appliance.

    21 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Reverse Proxy: Authentication Offloading like TMG

    will there be a feature like Authentication / captive portal (e.g. the proxy settings"transparent with authentication" ) for enabling a reverse proxy?
    This would be so usfull for small installations with no frontend exchange / DMZ.
    (juniper calls this "webauth" )

    179 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    23 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Planned  ·  Angelo Comazzetto responded

    We are hard at work on this feature and will deliver the first implementation of front end authentication as part of our Web Server protection (reverse proxy) in UTM 9.2. The public beta will begin in October. Stay Tuned!

1 2 3 4 5 6 8 Next →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.