SG UTM
Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.
-
1 vote
-
vpn
Please block Star VPN. It is connecting on the user machines and they can browse freely.
Thanks1 vote -
Please block Star VPN under Proxy VPN
Hi there,
Please add Star VPN under proxy VPN.
Thanks1 vote -
Disconnect SSL VPN User Sessions
If I have to disconnect SSL VPN User Sessions, it would be fine, when I have a button.
1 vote -
TLS 1.2+ support for User and Admin Portal
UTM doesn't support anything higher than TLS 1.1 For the User and Admin portals. This is a huge security fail for a security appliance.
1 vote -
Reflexion
How Do I setup a scheduled report?
I would like a daily report emailed to me of any deferred messages for any of our customers.
I would like a Monthly report emailed to me of the users for each customer.
I would like a monthly report emailed to me of the blocked messages for each customer. Preferably by threat level.
1 vote -
Native Windows 10 SSLVPN UWP VPN plug-in
Can we get a Windows 10 VPN plugin like the other vendors have done to allow SSLVPN over the standard Windows 10 VPN client.
This would solve all the deployment problems with the legacy client, No more saving passwords in text files, no more TAP adapters, no more messing with shortcuts to make the process transparent.
Here is an example of how easy deployment is with a plugin to the built in
Add-AppxPackage -Path "C:\VPN.Appx"
$xml = "<MobileConnect><Port>4433</Port></MobileConnect>"
$sourceXml=New-Object System.Xml.XmlDocument
$sourceXml.LoadXml($xml)
Add-VpnConnection -Name "Work Network" -ServerAddress https://vpn.work.com:4433 -PluginApplicationID SonicWall.MobileConnect_cw5n1h2txyewy -CustomConfiguration $sourceXml -RememberCredential $trueYou can even configure the VPN connection…
1 vote -
SPX Encryption and DKIM in Email Appliance
There is already a known issue (SEA-749) for this but when can expect a resolution for being able to DKIM sign SPX Encrypted emails in the Sophos Email Appliance?
1 vote -
How to find out active openvpn-connections, documentation for UTM9 API
I would like to find out wether users are connected via openvpn or not. With a single request:
https://my.utm9/api/status/openvpn/openvpn-officemunich
to get:
{
"connectionname": "openvpn-officemunich",
"active": false,
"laststarttime": "2019-12-30 08:00:00",
"lastendtime": "2019-12-30 08:14:03",
"historydescription": "only last 24 hours are saved",
"history": [{
"start_time": "2019-12-30 08:00:00",
"end_time": "2019-12-30 08:14:03",
},
{
"start_time": "2019-12-29 23:10:00",
"end_time": "2019-12-29 23:14:03",
}]
}It is a great idea to have an API for Sophos UTM9 and to publish documentation here:
https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.ashx
This documentation is from 9/2017 and I hope to find more substantial info in this document or…
1 vote -
Option for checking always emails with file attachment via the sand box /sandstorm
Option for checking always emails with file attachment via the sand box /sandstorm
2 votes -
Multiple vlan support on pppoe interface
I it possible to create support of multiple vlans on one pppoe interface? We do need it for our internet provider Telfort/KPN/XS4ALL. PFsense does support it, but Sophos UTM (software) does not.
Internet is on vlan 6
IPTV on vlan 4
Connection PPPOE1 vote -
Add mobile app "Toggle" to Application Control in UTM.
Please add the mobile application "Toggle" to the list of Streaming Media in Application Control in the UTM. Staff are misusing the bandwidth to watch dramas during office hours and neglecting their duties.
2 votes -
vdsl
UTM should be able to use untagged VLAN 1 for VDSL - PPoE, when using the Sophos VDSL SFP transceiver, There are a number of ISP that deliver their service on untagged VLAN 1.
1 vote -
Request for sandstorm scanning to support Optical disk image ISO, IMG, BIN. etc.
Hello Team,
We have customer here requesting for sandstorm scanning to support Optical disk image ISO, IMG, BIN. etc. under email appliance. For your assistance please.
Thank You.
2 votes -
DHCPv6 Prefix Delegation for Subrouters
The possibility to re-delegate a ISP-Prefix to Subrouters behind the Sophos UTM.
Scenario: The Sophos UTM is on the edge of the Network an gets a /48-Prefix. The UTM has to re-delegate a smaller Prefix to Subrouters via DHCPv6-Prefix-Delegation.
3 votes -
Request to have the attachment of the email to get filter under filter expression under email protection of UTM.
Hello Team,
We have customer here requesting to have the attachment of the email to get filter or get detected under filter expression under email protection of UTM. For your assistance please. Thank You
1 vote -
Request to add specific attachment type to be managed under MIME type filter under email protection of UTM
Hello Team,
We have customer here requesting to add the following specific attachment type to be managed under MIME type filter under email protection of UTM
ChristmasCard.doc
Christmas-Greeting-Card.doc
Christmas-wishes.doc
Christmas-Congratulation.docFor your assistance please. Thank You
1 vote -
Hotspot Roaming multiple Interfaces
Scenario: We are using multiple VLANs for a guest network. For example House A VLAN 10 and House B VLAN 20.
Both networks are using the same hotspot in the UTM.Problem: If a user roams from House A to B (same SSID, same Hotspot) he needs to accept the Terms of Use again.
First of all i though its a bug, but sophos support confirmed, that the acceptance is not central stored and you need to accept twice or more if you roam with the same device on a different network but in the same hotspot.
It would be…
1 vote -
ADD Infomaniak as DynDNS
We would like to add a NEW DynDNS Provider in the Sophos-SG Firewall and Firmware.
https://infomaniak.com/nic/updateNetwork Services / DNS / DynDNS -> Infomaniak
1 vote -
Pharming Protection: option to exclude URLs
Some applications like Snapchat or Zscaler use kind of "virtual URLs", which are not resolvable.
Even an online DNS lookup delivers no result.
So Web Filtering blocks the attempt of the Client, to check for or contact this URL with the error "Host not found"
See examples for this issue HERE: https://community.sophos.com/products/unified-threat-management/f/web-protection-web-filtering-application-visibility-control/46970/snapchat---host-not-found#pi2151=2&pi2353=1 and HERE: https://community.sophos.com/products/unified-threat-management/f/web-protection-web-filtering-application-visibility-control/116554/unresolved-urls-zscaler-are-blocked-in-web-filtering-with-host-not-found---exception-possible/421719#421719
At present Pharming Protection has to be completely disabled, to prevent the application from throwing errors.
I suggest the option to exclude URLs from the Pharming check, so it can remain active for all other URLs1 vote
- Don't see your idea?
