SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  1. 8822269 -

    Hi Team, I would like to have the ability to export Network Usage between specific times. Unfortunately, the Daily Network Usage graph is (now-24hours). I would like the ability to choose a specific day last week.

    1 vote
    0 comments  ·  Logging
  2. http log

    In order to facilitate analysis by our CASB of traffic and traffic amounts to and from shadow IT, please provide the number of bytes up & down information in the SG proxy logfiles (like already done by XG as “sent_bytes=*** recv_bytes=xxxxxx”).

    1 vote
    0 comments  ·  Logging
  3. Ability to specify "container" log group for AWS Cloudwatch logs

    Currently, when using the log to AWS Cloudwatch, logs are just dumped into top level /var/log/<blah> groupings. Not only does this clutter up the Cloudwatch logs view, but it makes it impossible to have multiple UTMs logging to the same AWS account.

    What I'd like to see is a way to have a prefix or container log-group e.g., UTM1/var/log/messages etc... so that all the logs are grouped under a single category.

    3 votes
    1 comment  ·  Logging
  4. DNS Request Logging

    It would be great to have a full history of DNS requests. Many organizations filter TCP/UDP:53 at the edge, and employ Split-Brain DNS configurations. For smaller organizations which rely on the built-in DNS server of the UTM, it would be nice to have full logging of DNS requests; this would make for better analysis of SIEM data as well.

    3 votes
    0 comments  ·  Logging
  5. DSM for Qradar

    The DSM will enable the IBM Qradar SIEM to parse logs from the Sophos UTM.

    2 votes
    2 comments  ·  Logging
  6. IPS-Log: suspicious dns query should say the complete FQDN which was "suspicious".

    The IPS log output for "reason=_INDICATOR-COMPROMISE Suspicious .top dns query_" should include the FQDN for which resolution was attempted.
    Regards, Daniel

    3 votes
    0 comments  ·  Logging
  7. Network Protection set marked for Logging

    In Network Protection please give us the possibility to enable/disable logging for marked firewall rules. For example an entry in the drop down menu under "Action", where you already can enable/disable/delete the Firewall Rules.
    It's pretty frustrating if you need to enable logging on one or more rules and the page reloads each time, specifically at the auto-generated rules.

    1 vote
    0 comments  ·  Logging
  8. Sophos Sandstorm Activity dashboard - show non-malicious activity count for previous days

    In the Sophos Sandstorm Activity dashboard, it would be nice to display the activity count for more than the current day. We can then measure Sandstorm's level of activity (malicious as well as non-malicious detections). Thanks

    3 votes
    0 comments  ·  Logging
  9. Add column for Message ID Message in Log Viewer

    The Log Viewer needs a column for the Message ID Message. In other words, what the Message ID means. Example: 08001 tells you nothing unless you know what it means.

    1 vote
    0 comments  ·  Logging
  10. log file

    Granular rules to control log file deletion would be highly appreciated. I wish I could set different values for each log category.
    For example to comply with EU-GDPR you would set log file deletion after 7 days and for packetfilter or IPS after 30 days.

    1 vote
    0 comments  ·  Logging
  11. Logging : Modify the form of the logs sent to syslog

    For Webserver Protection, the ability to add or remove fields from the logs to be sent to the syslog server (for example, the field about "cookie", which contains a number of important characters).
    But also to be able to modify the number of characters of a request so that the logs are not truncated.

    2 votes
    0 comments  ·  Logging
  12. Is it possible to implement the configuration download in Notepad, as we can do on Cisco devices?

    Is it possible to implement the configuration download in Notepad, as we can do on Cisco devices? It would be very useful for knowing the setup if any new person manages the device.

    1 vote
    0 comments  ·  Logging
  13. search

    When displaying the results of a search of a log file, display the search terms used in the popped up window.

    1 vote
    0 comments  ·  Logging
  14. log filtering improvement

    When I look in a live webfiltering log and filter this log on "action="block"" I like to see only log rules of blocked connection and not the first 10-20 rules with all log rules at every reload of the filter.

    1 vote
    0 comments  ·  Logging
  15. Unified logging

    Compared to MS Threat Management Gateway 2010, analyzing log files on UTM is a chore. TMG had several advantages:

    1. Unified firewall, waf and proxy logs.
    2. Logs were stored in a single file or an internal/external SQL database
    3. The interface for analyzing log data was capable of easily creating very complex queries with point and click.
    4. Logging was on by default.
    5. Data was broken into columns automatically, did not require parsing a very long text string.
    6. Easily exported to Excel for further analysis

    I would like to see some of this implemented in UTM. Viewing…

    1 vote
    0 comments  ·  Logging
  16. Logging: Anonymization of the original data

    The anonymization tool anonymized only the web reports, not the original data (Live Log etc.).

    1 vote
    0 comments  ·  Logging
  17. Use SUM as Log Server/Archive

    It would be very helpful if I could use a SUM Server as Remote Log File Archive. With this feature I could centralize all logs of all my UTMs. An add-on feature to search in e.g. Webfilter logs of multiple UTMs at the same time would also be very nice!
    And if I do complex searches or log files are very big, the load will move away from productive UTMs.

    Thanks in advance,
    Pascal

    21 votes
    0 comments  ·  Logging
  18. remote syslog log selection

    When new logging types are released by Sophos (e.g. restd) they have to be manually enabled in Logging and Reporting > Remote Syslog Server > Remote Syslog Log Selection even if Select all was previously utilized. Instead, it would be great if Select all was persistent instead of a single-use toggle and those log types were then automatically sent to the remote syslog server upon update.

    1 vote
    0 comments  ·  Logging
  19. Output option based on status code

    We use HTTP proxy AD SSO. When AD SSO is used, httplog is filled with lots of status code 407. We're pestered with increase of I/O caused by output of status code 407.

    Because it's AD SSO, it's no doubt to request authentication. It's meaningless to output this in log intentionally. We don't want to output status code 407. So we propose addition of log output option by a status code.

    3 votes
    0 comments  ·  Logging
  20. ipv6 mail manager

    Make it possible to search for IPv6 in mail manager

    3 votes
    0 comments  ·  Logging