SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. reject

    Firmware version: 9.601-5

    unscannable / encrypted content and file Extension filtering is quarantine only unfortunately.
    Please add an option to bounce emails by file extension (e.g. bounce old office formats like .doc, .xls etc.) and to bounce unscannable / encrypted content.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow work space Facebook and block personal Facebook.

    Hi,

    Add this feature in Cyberom UTM to Allow work space Facebook and block personal Facebook.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add VPN Tunnel(s) to the SFM Device Monitor

    The Device monitor has:
    - Conn. to Central Mgmt
    - Gateway Status
    - Interface Status
    - RED Status

    First of all, none of our clients need RED, but almost all of them have S2S VPN. Can you add a way to pick what bits to monitor on the Device Monitor and allow me to decide what to display in the NOC?

    Thanks!

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Self-service VPN password/QR code reset

    We have a large number of VPN users and not a day goes by when I don't get an email from a user claiming they got a new phone and need a new QR code and also they forgot their password so could I just go ahead and reset their account for them? Life would be simpler if there was a Forgot Password option where it would send them a password reset link. The process would also delete their OTP Tokens so they would get a new QR code after resetting their password.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  5. http log

    In order to facilitate analysis by our CASB of traffic and traffic amounts to and from shadow IT, please provide the number of bytes up & down information in the SG proxy logfiles (like already done by XG as “sent_bytes=*** recv_bytes=xxxxxx).

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  6. DNS Forward Only or Forward First Option

    Please add an option in Network Services>DNS>Forwarders to select forward only or forwared first using a check box. If the box is checked DNS forwarders use forward only. Unchecked returns to the default state of forward first. The check box actions would remain static regardless of updates/restarts. The check box options would effectively have the same function as changing the named.conf settind to forward only or forward first Thank you!

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  7. Is there any way to fetch Sophos UTM WAF logs in third party log monitoring tool?

    No proper categorization of logs in WAF when configured in monitor mode, we are chasing since more than two months to get fetched the logs of WAF in any third party tool (SysLog/SIEM) for the monitoring and rule setting purpose, but we couldn't get proper support from vendor as well as Sophos technical team.

    Earlier we tried with Sophos iVew tool as per the vendor suggestion, the tools is specially developed for Sophos UTM but it works for specific features(reporting) only, not for log monitoring and WAF log fetching.

    Can you please assist in this regards, is there any way…

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. wireless filter

    Wireless MAC Filter/Nametag

    it would be good, if we could tag a MAC-Adress with a Name. So we can identify which Hardware is bounded with that MAC-Adress.

    Best regards
    Dmitri

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Assign static IP address to VPN SSL clients

    It would be extremely useful to add the possibility to assign a static IP address to clients connecting with VPN SSL. It works with IPsec and L2TP but not with SSL. With a static IP address for each user, we would be able to allow them a specific acces to internal ressources. Thanks.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  10. Uplink Balancing & NAT Masq

    Problem: You may create NAT Masq rules for your ISP and segment off portions of your network to specific addresses under Network Protection > NAT. If you obtain a secondary ISP and turn on uplink balancing under Interfaces & Routing > Uplink Balancing, your NAT MASQ rules change to uplink interfaces. The NAT MASQ rules only MASQ the primary interface. The current interface doesn't allow for changing to multiple interfaces.

    Solution: Allow uplink balancing to be used and allow multiple interfaces to be configured under the MASQ ruleset so that traffic may use either configured interface to NAT MASQ.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow us to enable Firewall and NAT rules from within the Edit rule

    By default you don't enable the rules yet you don't have the option to enable the rule when you create it... ! Please add this option at the bottom so we don't have to remember to click the rule on after we create the rule we obviously want on.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Force TLS on specific email adresses

    Multiple customers have asked if it's possible that they have a single internal mailbox that requires/forces TLS, so that it denies emails if the recipient doesn't support TLS.
    There's already the option for entire domains, but they only want a specific account for the purpose of "secure emails".

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. waf reverse authentication multiple domains

    waf reverse authentication multiple domains

    Currrently you can only use reverse authentication to a single domain with a prefix. If you have multiple domains you cannot set the prefix to none. In doing so the waf adds an extra backslash example login as feg\davis ends up with feg\\davis which gets a Denied in the live log and you cannot login get rid of second backslash in reverse authentication

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Web Proxy Fail Open for Ranged Data

    The web proxy, before 9.6, failed open for chunked data that was missing or had a misconfigured data-range header, and the data wouldn't be scanned. The old behavior created a DoS in some circumstances where the proxy would continually try to retrieve the data from the server, filling the pipe - I've had this happen to me. The behavior now is fail-closed where the connection is reset, and data is not allowed to flow. This new behavior creates an administrative overhead that is unacceptable to many small IT departments. I manage several firewalls, and in three years I've encountered one…

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. RAMCO

    hi, can you please add RAMCO on the application list at the application control? we need to filter it in our company. thank you

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  16. Encryption Add-in for Outlook - show confirmation when an email is encrypted

    Change "Encrypt" button in outlook to show when an email is encrypted. Currently it does not give any confirmation when the "Encrypt" button is clicked!

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. spam list information

    I wish to get more information about which RBL or SPAM list has given a positive to tell the senders why they have been rejected.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Ability to whitelist interfaces from strict TCP session handling

    A customer needs to block spoofed ACK packets on their WAN interfaces in order to pass security policies. In order to do this, they need to enable strict TCP session handling so they can avoid TCP session pickup. This works, however, it's global and causes problems for one of their applications on the LAN side.
    By allowing a whitelist of interfaces to allow TCP session pickup, the customer can meet security requirements without disturbing their application.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Citrix thin client user authentication(multiple user access the same ip)

    we couldn't authenticate citrix thin client machines in sophos utm

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Sort interfaces when configuring NAT

    Today when configuring NAT the dropdown with the existing interfaces is not sorted, each newly created interface is inserted somewhere into the list, you have to search for it manually. It would be helpful if these interfaces are sorted in an alphabetical order. Especially when many VLAN Interfaces are created there are quite many objects in the list.

    7 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 178 179
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.