In the pop-up legend for charts in "Logging & Reporting -> Hardware" when scrolling to see exact values on the graph at a point in time should have the order to match the catagory in the chart. This is shown and described in the top image in the attached file. The second image also shows the order should be change so the "log" is on the bottom. Changing the order will also make it clear which line in graph matches what item being plotted.

Both charts show that the color code for items in the legend do not match the color for the item. The ball indicating the position is green. It would be easier to see if the color of the usage matched the color of the item and not the ball.

Hi @ all

I notice that the Report in PDF-Format are not quiet the same as the HTML Format.
I opened a case, it is this one:

This is regarding your service request number 9320931.

Thank you for your patience.

I have discussed this internally and it seems this is an architecture/limitation from the firewall. If you believe that this feature should be available on the UTM for the better improvement then we would request you to raise a feature request on the link https://ideas.sophos.com/ and this feature would be introduced in our next updates.

Please contact us for any further assistance.

Regards,

Romik Gupta
Sophos Technical Support

So i opened an Idea.
I think if someone makes only PDF Reports they did any Information for the Viruses.

Bye
Timm

could it implemented, that the utm can be monitored by snmp - in all variants of working, activated modules by snmp or api.

it is in this century not possible to monitoring deeper details of the utm. basically, there are any point s reachable - but it makes not the needings of an working utm with reds, vpns and else without any deeper investigations.

Of course, be a partnership with paessler, like it was made by other software creators.
So, it could be set as a given sensor in the PRTG gui, supported from Sophos / Paessler - it will spare many hours of work.

For an industrial remote connection, we need restrictive configuration options. with a UTM firewall, we would have to be able to interrupt remote access from the firewall. It would be great if each dialed connection could be disconnected after a certain time, as an example of an hour. with increasing internet attacks, we unfortunately have to pay more and more attention to possible entry gates.
Will it be possible to find such a feature in Sophos firewalls in the near future? Especially for our purposes, with the SG115 UTM. At best a script that would install this feature?

Translated with www.DeepL.com/Translator

As far as I can see, there are no checksums provided for firmware downloads for Cyberoam UTM devices. Providing hashes using a known strong algorithm (e.g. SHA256) is standard practice, and is especially important for firmware upgrades for critical security infrastructure. This is trivial to implement and it would be nice to have a link to hashes added in the notification banner for firmware upgrades. Bonus points for signing it with a GPG key.

It's possible that these are available, but they should be more apparent and be located in the same place as the firmware file or with the release notes.

As far as I can see, there are no checksums provided for firmware downloads for Cyberoam UTM devices. Providing hashes using a known strong algorithm (e.g. SHA256) is standard practice, and is especially important for firmware upgrades for critical security infrastructure. This is trivial to implement and it would be nice to have a link to hashes added in the notification banner for firmware upgrades. Bonus points for signing it with a GPG key.

It's possible that these are available, but they should be more apparent and be located in the same place as the firmware file or with the release notes.

We recently migrated our AWS VPN's from their 'Classic' to their 'New' style. We had major issues with this (and not a lot of documentation from either Sophos or AWS on what the issue could be).
AFter having 4 Sophos engineers look into the problem, it turns out that the new AWS VPN uses NAT-T which was being caught by the UDP flood protection, as it's between two 169.x.x.x IP's at either end of the tunnel.

Since importing an AWS VPN config is supposed to be largely 'hands off', creating all the BGP and VPN settings in the background, it would also be good if it could automatically create a NAT-T exception in UDP flood protection.

I believe this will help avoid a future headache for someone else who's following the Sophos documentation to 'just load the config file and import it, job done'.