SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. SSLVPN: Upgrade to latest OpenVPN

    Implement the latest OpenVPN build in our SSL offering.. The latest version of OpenVPN allows for support of Vista64, along with giving us the chance to add options like saving names and passwords, auto starting the client etc..(some is already possible but requires the ovpn build to have a flag switch set, so if we rebuild might as well have vista64 support as well via this new version)

    35 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  2. Definitions: Group in group support for objects

    Allow the creation of groups inside other groups as having it in ASG V6. These kind of nested groups must be expanded by mdw. we have to make sure that customers use it wisely and do not create 50.000 packet filter rules accidentally. The feature should thus allow for some sort of pre-counter, whereby if the user creates a packetfilter rule using groups, the logic should alert them that as a result of what they do, the results will be 200 (eg) rules created to the table. This logic should also be applied to some sort of fixed size, perhaps…

    31 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
  3. Make Time Events Span Midnight

    The way it is now it is more complicated than it needs to be when specifying rules based on time events that span midnight. For instance, if I want to control weekday usage, I need to make a rule for Monday through Friday, say, 22:00 to 24:00, then another rule for Tuesday through Saturday 0:00 through 5:00. Maybe allowing me to specify 22:00 to 29:00, or something. I'm not sure how to implement it, but I think it could be much "smarter" about spanning midnight.

    11 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
  4. Customizable Category Buckets for Manual URL's

    It is a good idea to have the option to create a custom subcategory in web proxy content filtering feature. There are times when the existing subcategories are too broad define granular policies and the existing "Always" block/allow wont do any good.

    11 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Web Protection: Policy testing tool

    Provide a tool whereby an Admin can supply an IP, username, URL, and time period, which then gives back the matching profile name/number/details and result (blocked or allowed, and why).. Allows administrators to test their profile configuration easily without having to do manual testing by users at their workstations, constantly logging in and out etc...just streamlines the whole process for deployment and troubleshooting.

    27 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. WebSecurity: Captive Portal for Authentication

    Provide a portal-style page where the client can authenticate (vs the popup box) which allows for customers to post a disclaimer, instructions, and other information.. Makes the usage of an authenticated proxy easier and allows for posting of rules, AUP's, legal information etc...which must be first accepted before surfing can commence.

    26 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Completed  ·  Gert Hansen responded

    This request has been implemented and is included in the 7.500 beta version released today. we are very interested in your feedback. Please check it out and post your feedback at http://www.astaro.org

  7. Up2Date: Automatically create backup before installing

    As part of the Up2Date process, create a backup automatically when installing any system up2date.. Eases reinstallation if needed, and otherwise provides protection if the up2date process does not go smoothly as planned.

    23 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Button to flush DNS cache

    Add the ability to flush the DNS cache of the Astaro DNS proxy.. Allows customers to manually flush the cache vs waiting for the timeouts when such changes are needing to be populated to the users immediately or in certain circumstances.

    21 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
    Completed  ·  Gert Hansen responded

    We have added a button to the DNS configuration page to flush the dns cache of the ASG. This feature is available it the 7.500 beta version released today. Please check it out.

  9. Authentication: Remote Group Membership for Remote Access and Packetfilter

    Be able to use eDirectory and Active Directory groups inside the remote access and inside the packetfilter ruleset. This requires the AUA process to add the authenticated ip address of a user to the matching groups he is part of. Customers can use remote authentication and remote group management in every area of the product. This way the config of the ASG must not be modified if a new user gets added to the eDir or AD and therefore reduced the configuration overhead.

    21 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
    Completed  ·  Gert Hansen responded

    HI folks, this has already been added to V7.300. Not sure how it ended up here :). thx Gert

  10. WebAdmin: Add Group Support to NAT rules

    Allow the usage of groups in more available areas, such as in Static, Policy rooutes, so that anyplace a definition can be specified and it makes technical sense, groups will be allowed as well.. Further integrates groups and reduces the amount of configuration an administrator must do by allowing us to extrapolate many things from a single group.

    15 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
    Completed  ·  Angelo Comazzetto responded

    This has been completed in ASG V8. Groups can now be used in NAT rules, Routing, and other areas where it is technically possible to do so.

  11. WebAdmin: VPN Tunnel Display Enhancement

    Improve the VPN tunnel overview to allow for better management of multiple tunnels without overcrowding the display.

    22 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  12. Network Security: Trackable NAT Rules Effectiveness

    Add a hit counter by logging the NAT connections, so that customers can determine how effective their NAT rules are as implemented. Useful if they have a nat rule never being used after looking at the activity, esp for troubleshooting.. Allows easier troubleshooting and correct configuration of NAT rules by offering the ability to review them and how active they are.

    20 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Completed  ·  Gert Hansen responded

    We have now implemented a ‘log’-flag to the NAT rules. Enabled, the first packet of the connection will be logged, showing that this particular nat rule has been matched, this has been added to the 7.500, check out the beta now.

  13. Installation: Extend installer to support more than 4GB RAM

    As RAM is getting cheeper and cheeper customers want to use more RAM, therefore we need to extend the installer to automatically install the 'big-smp' kernel if 4GB or more RAM has been detected in the software version.. support bigger machines, higher scalability

    17 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Operating System  ·  Flag idea as inappropriate…  ·  Admin →
  14. WebAdmin: Import / Export support for List Box Widget

    Currently it is only possible to add single string entries into these widgets, adding 20 or even more entries is time consuming. Therefore we need to extend the widget to have an additional import/export/change functionality. Possible would be that the while data will be displayed in a single 'textarea' field where customers can cut'n'paste stuff in and out. We had a similar functionality in V6 in the black- and whitelist.

    16 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
    Completed  ·  Gert Hansen responded

    we have now added two icons right besides the ‘plus’ icon to import and export the list entries from the list box widget into the 7.500 release which has been gone to beta today, please check it out and give feedback at http://www.astaro.org

  15. Allow Backend Authentication through user protal

    Instead of forcing people to authenticate to create the account through relay. Allow users to be automatically created when logging into to the user portal. That way instead of assigning each user to the user portal you can assign a group (backend auth users).

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  2 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  16. senderbase scoring

    Allow for senderbase scoring profiling for trusted senders. This way you can turn spam down even more! It's a must have!

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  2 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Configurable WebAdmin Shortcut Keys

    Provide the ability for admins to specify the shortcut key combinations to be used, vs the previously hard-coded ctrl+ keys.. Allows avoiding conflicts with existing key shortcuts on a user system, (like copy/paste).

    11 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
    Completed  ·  Gert Hansen responded

    This request has been implemented. You will find a new tab called ‘user preferences’ under WebAdmin Settings where you can change the shortcuts to your prefered one. This feature is included in the 7.500 beta version released today. Please check it out and post your feedback at http://www.astaro.org

  18. Mail Security: Ability to Whitelist / Pass Unscannable Messages

    I have some senders that often send password encrypted zips, that get quarantined because they are unscannable. I have had to create a white list that excludes antivirus completley for this sender to avoid them being quarantined, when what I actually want is the facility to still run it through the antivirus engine and pass it on with a warning if it could not be scanned.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Completed  ·  Angelo Comazzetto responded

    Hi, we have added unscannable content handling, you will find the option under the av scanning options in mail security —> SMTP.

  19. Web Security: Block Anonymous Proxies

    Some users will use services such as anomizer, hidemyass, etc to bypass web restrictions. Creating a category of sites that provide these services would make it easier to prevent users from "bending" the rules.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Configurable DHCP Lease Time

    Allow admins to configure the built-in ASG's DHCP server lease time.. Gives astaro a commonly asked for feature which makes the DHCP server more viable to use vs. an outside server with its extra functionality.

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.