I want to appoint an origin of transmission address of the isolation report email from Sophos UTM.
=========================
Sophos UTMからの隔離レポートメールの送信元アドレスを指定できるようにしてほしい。

I want to appoint the format of the isolation report email from Sophos UTM.
In the case of an HTML form, I am garbled.
I want the format conversion function of the isolation report email.
=========================
Sophos UTMからの隔離レポートメールのフォーマットを指定できるようにしてほしい。
HTML形式の場合、文字化けする。
隔離レポートメールのフォーマット変換機能が欲しい。

For those who manage several SG UTM Firewalls it would be very useful to be able to change the name in the sender field of the notification emails sent by the Sophos Firewall in order to immediately identify the Sophos Firewall that sent the notification without opening the email.
Now you can see in your Mail Client simply "Firewall Notification System".
It would be very useful for those who receive notifications on their smartphone to identify the Firewall without having to open the email

There is no Monitor/Notification which would send information for harddisks going to fail in a few days/week. Maybe using S.M.A.R.T.?

And there ist no notification about failed single disks, only in RAID like "CRIT-060 Raid degraded: harddisk replacement needed".

Please add a notification for single disks (without RAID) in case of failure or a few days earlier.
Thank you.

setup a report that can email a user when they have used a percentage of there network traffic quota. Example: "You have used 50% of your Monthly Data Allowance"

The SUM server often sends an email notification on behalf of a managed UTM with the subject: [INFO-913] Global resource level limit exceeded, but doesn't say what limit has been exceeded. It's necessary to logon on to the UTM and check through the logs to determine what caused the alert. It would be good if the notification from the SUM contained some additional information to save time on identifying the cause.
Thanks.

If the sender send me an e-mail with a forbidden file extension he gets the following notification:
"Betreff: Message delivery incomplete

Your message to the following recipients was quarantined:

<xyz@web.de>, quarantine reason: File Extension (zip)

Please contact your IT administrator for further assistance."

The idea would be change this text of the alert.

Please make the admin notifications subject editable.

Some service-systems can't handle the square brackets at the notification header.
Customization for the design of this header would be helpfull in those cases.

(btw. it would definitely help already, if there would be just one dropdown field, where you can change the square brackets into a normal bracket, a pipe or a simple slash).

Thanks
Felix

Add denied outbound emails to Total Control email. Otherwise sender (Outlook/Exchange) is blind to the failure.

The notification from IPS about web browser - MS Edge iare not carried similar to IE or FireFox.

This cause tousand of @ from IPS. Normally I can disable such category on Notification Tab, but for exapmle RIG Exploit Kit (Network Trojan) also shares the same category (CRIT-852), which about it I prefer to have awareness.

CRIT-852] Intrusion Prevention Alert (Packet dropped)
Message........: BROWSER-IE Microsoft Edge SIMD memory corruption attempt
Message........: BROWSER-IE Microsoft Edge Array.concat type confusion attempt

email notification if user has reached or downloaded more than 500 MB for instance . so the admin will know that someone is downloading more than their daily usual data.

When logging on an UTM via SUM, the Web Admin Login Event info-005 is not triggered and there is no mail.

Reflexion should have a more robust notification system. For instance, if an incoming message is deferred for more than x minutes I should be notified. or if x number of incoming messages are deferred I should be able to send a notification. The list goes on.

The fact Reflexion is an important part of my client's ecosystem and isn't able to provide important data is very problematic.

WARN-129, among others, is not available in the notifications section.

To keep the list short, a custom text form or dropdown would be nice:
Simply enter or select the unlisted ID you want to configure for notifications and add it to the list of common IDs.

When UTM have Standby interface, and Internet on Active WAN interface lost, will be interesting have Email and SNMP notification to Admin and Monitoring tool.

For our users it will be comfortable to have the Sophos Sandstorm messages during file download analysis in german.

The Avira Scanner died on the Customer's UTM for the 2nd time.

It then fixed itself a week after.

Customer did not receive any notification to say that only 50% of his AV scanning was functional (dual scanning turned on).
Dashboard was showing a green tick next to antivirus.
The only reason why customer noticed the issue was because they had issues with other module and they were going through the logs via backend.

The alerts from the Reflexion state that it cannot connect to the client server need a follow up email stating that it has re-established the connection to the server. If gives us warnings and leaves us hanging and we have to manually check on it. An email stating that it has reconnected and spooled email is being released would save a lot of work especially after business hours.

add username to WARN-070 notification. (too many bad logins)

The description of the intrusion doesn't match the list of attack pattern group names.