SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Create a UTM Azure Image

    Have UTM 9 ready to deploy as an Azure Image from the Azure marketplace.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Filter blank "To:" field

    Emails that have blank "To:" field should be filtered.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. SMTP Proxy Listen Interface - not include automaticaly additional addresses

    Since V9.6, the SMTP Proxy listen interface feature is reality. It would be nice if the configured listen interface not include automaticaly also the additional addresses of the selected interface. This is bad for security audits.

    Thank you very much.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Indicator for active connection in Multipath Rules screen

    Multi-path rules works nice but we don't see at the very moment which connection is used. Maybe "Skip rule on interface error" made the connection to switch to the another interface but we can't see it.
    Not sure if connection backs to normal after error rectified by itself or not.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  6. Alert email after reaching set B/W threshold Value

    I need alert email in case my Internet Bandwidth threshold reached for at least for 5 Minutes , So proactive actions can be taken , it is not possible to put your eyes every time at firewall bandwidth utilization , or raising escalation by customers

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Google secure LDAP client for user authentication

    Please implement Google secure LDAP client (with cert).
    We have to install a LDAP proxy like sTunnel to connect to Google secure LDAP for user authentication in UTM. This could be avoided.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  8. Extension of the usage time for WLAN before a holiday in a week

    Hello, One way to automatically extend the usage time for Wi-Fi before a holiday in a week would be a great thing. On working days, the WLAN is set to 22 clock, on weekends until 24 clock. Please extend the possibility that the UTM can automatically be extended before local, regional holidays.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. 8822269 -

    Hi Team, I would like to have the ability to Export Network Usage between specific times. Unfortunately the Daily Network Usage graph is (now-24hours).I would like the ability to choose a specific day last week.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  10. Be able to to customize the Country blocking template

    It would be great to be able to customize the Country blocking template as with all other user facing pages.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. ssl vpn

    Problem:
    There's currently an existing bug (confirmed through support up to firmware v9.602) that causes the SSL VPN daemon to disconnect any users associated with a VPN Profile that has a DNS Host object in its networks.

    The UTM will check for updates on DNS hosts periodically (every 2-3 minutes) and any associated VPN Profile will perform rolling restarts on it's users.

    This only causes a few seconds of delay for end users as the clients usually connect without issue but it can be very disruptive.

    Suggestion:
    Have VPN Profiles only reconnect/restart only if a dynamic object (DNS Host or…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add options to reject or quarantine emails that fail or have invalid DKIM

    Currently, even if an email fails DKIM verification it is delivered. There should be, at the very least, an option to quarantine emails that aren't successfully verified. Also see https://community.sophos.com/products/unified-threat-management/f/mail-protection-smtp-pop3-antispam-and-antivirus/112950/dkim-verification/.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. da (P)FS bei TLS zwingend für Behörden laut BSI gefordert ist und ach bald im BSI-Grundschutz aufgeführt wird.

    Feature Request eine generelle Option in der GUI wird benötigt , damit nur Forward Secrecy fähige Ciphers verwenden werden können, damit auch andere TLS Versionen damit abgedeckt wären.

    Das Problem ist, das das BSI im April neue technische Maßnahmen für den IT-Grundschutz heraus gegeben hat.

    Darin wird für Web-Anwendungen nur noch TLS 1.2 und TLS 1.3 mit FS empfohlen.

    Der eingriff über CLI ist nicht gewünscht:
    ................................................
    /var/storage/chroot-reverseproxy/usr/apache/conf/reverseproxy.conf
    Finden Sie recht weit oben die Zeile :
    SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
    Das was hier eingetragen ist. wird vom Rev-Proxy angeboten.
    Änderungen hier und Folgeprobleme (Sitchwort Backportability alte Clients zu neuen Cipher suites) sind…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Unable to have ? character on Request Redirection

    When trying to add a parameter with a question mark on a URL to redirect to the following error occurs:

    "Please remove the following invalid characters in the target path: ?"

    Support have said this is a system limitation and it is a good candidate for a feature request.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. iview - NAT rule usage reporting

    Currently not available for reporting on the iView, we have a small number of NAT rules and would be great to have this usage report available under the reporting server.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Executive Reports (firewall) of top Ten should exclude packets that do not traverse the firewall

    Executive Reports of top Ten include packets which are dropped by the UTM. Since the goal of network admins is to detect unauthorized traffic which penetrates the firewall, Executive Reports which include dropped packets are a waste of time. For every item, the admin is forced to download the appropriate firewall log file and see of the IP address in question is included in the list of drops. This is a great waste of time. If you do not fix this, our company will be forced to find an alternative solution.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Make IPFIX export port configurable

    As of 9.601-5 the UDP port for IPFIX flow export is hard coded at 4739. Please consider making this a configurable port number! We are trying to incorporate flow from UTM into an existing monitoring tool listening for flow data on a different port. My choice now is either no flow data at all from UTM, or reconfigure all our other devices and monitoring software to use the sophos hard coded port.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. reject

    Firmware version: 9.601-5

    unscannable / encrypted content and file Extension filtering is quarantine only unfortunately.
    Please add an option to bounce emails by file extension (e.g. bounce old office formats like .doc, .xls etc.) and to bounce unscannable / encrypted content.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow work space Facebook and block personal Facebook.

    Hi,

    Add this feature in Cyberom UTM to Allow work space Facebook and block personal Facebook.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add VPN Tunnel(s) to the SFM Device Monitor

    The Device monitor has:
    - Conn. to Central Mgmt
    - Gateway Status
    - Interface Status
    - RED Status

    First of all, none of our clients need RED, but almost all of them have S2S VPN. Can you add a way to pick what bits to monitor on the Device Monitor and allow me to decide what to display in the NOC?

    Thanks!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 179 180
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.