At this moment, there is no option to make a API GET call for all the routing table of the UTM.
Including the IPv4 Default GW for an interface.

This is very important for thirdparty environments that using and analyzing the routes and the access-lists of the network devices of the production environment.

Being able to test WAN Interfaces by isolating from the network traffic temporarly. That would be very helpful to identify slow internet connection and causes.

When we create an IPSEC VPN in SUM and use "automatic firewall rules" option, we can't edit the option "log traffic" for these rules and so we can't see the logs for these rules.

In flow monitor - Bandwith Usage Now - KB/s is displayed.
This is misleading, there should be kbit / s

Add a method to check the real time bandwidth usage for firewall rules.

So users can distinguish which rule uses the most bandwidth and set the proper QoS for it.

Currently when configuring SNMP v3 for network monitoring, the encryption is automatically set to AES, but does not identify the strength of the encryption. It has been found through testing that the AES encryption being utilized is AES 128, which is below the requirements for regulations such as Payment Card Information (PCI) and the Health Insurance Portability and Accountability Act (HIPAA) compliance. It would be greatly helpful to allow for the selection of the AES encryption level when configuring SNMP v3 for network monitoring.

We would like to see the ability to create firewall rules that take over if the primary WAN connection fails over to a secondary WAN connection. This would be useful for businesses like ours who has a nice primary connection but a significantly smaller backup connection. For example we let the employees stream media during normal operations however with many streaming if it fails over to the backup WAN connection it causes a huge bottleneck for us.

It would be nice to improve the AD Sync Client with following features:
- AD Sync on OU level
- Sync Computer Objects in Security Group Object and apply a Synced Security Group Object as Computer Group in the Sophos Central Web-GUI. Like this is with the User Objects already implemented.

create one common user into the SFM for access all synchronized UTM GUI

In SUM, include the capacuty to configure SANDSTORM

Currently, to change a scheduled operation in the SUM Gateway manager, you have to delete the schedule and recreate it entirely. It would be nice to be able to simply edit the operation.

Within SUM, we would like the ability to properly manage Scheduled Tasks using Organization Units.

When looking at the objects I can assign to a Scheduled Tasks, I only have individual computers or _Any_. I do not want to manually add firewall to this list everytime I add one to our SUM. the ability to add Organization Units to this window would help a lot with management.

5 should do the trick. Plenty generous, and free advertising of your MDM product.

The ability to upload individual licenses to all linked/connected UTMs through a single SUM instance/interface. In a scenario where a user might have 50+ UTMs connected a SUM, uploading licenses to all them can be a tremendous hassle.

With SUM you cannot deploy an exception for special user agents.
Would be very nice to make all UTMs at once "MS Office Click-To-Run" compatible. Currently you have to add a local exception like "Coming from these user agents: OfficeClickToRun
Microsoft-Delivery-Optimization/10.0"

I'd like to see an additional option for Mgmt -> Backup/Restore -> Automatic Backup.

This could be a flag named "only if changed" and should send out / create the backup of the config only if there where changes (e.g. by comparing the hash or file size e.g.)

Add an internet speed test (using something like speedtest-cli or a nagios check_speedtest-cli) to the management interface support tools. This check should bypass DPI, IPS/IDS, AV, etc. so users can tune the security services for optimal protection and speed. This could also be used as a reference when setting up QoS or even as variables in QoS settings as internet traffic speeds often are increased without user knowledge and the current QoS bandwidth settings are static. Periodically check internet speeds and report in the network graphics and executive reports.

Add Network Usage graphs to dashboard. The current day network usage graphs should be able to be added to the dashboard just like the concurrent connections.

When installing a new license you do not get a warning when the license is for another environment (hostname) or when the license disables currently active modules. It would be nice when you would get a warning.