It's clear, that master/s.l.a.v.e as terminology is negatively predestined. The role could be renamed to something like primary/secondary or maybe also just active/standby?

Please implement the possibility to change the Certificate Subject Name, for the certificate which is delivered to the clients, when doing SSL-Scanning.

The Certificate Subject Name is currently the IP address of the requested URL. Unfortunately, a lot of linux systems have a problem, if the Certificate Subject Name is the IP and not the FQDN of the requested URL.

Could you please change or implement this?

Some systems no longer support legacy boot options. UEFI is a necessity for these systems. I am unable to install Sophos UTM as a result of not having it be UEFI compliant.

I got problems with sending EMails via my Sophos UTM firewall to specific EMail addresses. The EMail delivery in general works, i got only problems with specific Email addresses. Therefore, an EMail testing feature via web interface (with verbose output) would be great!

Hi Sophos,

We recognized that our product is using insecure key-exchange "diffie-hellman-group1-sha1". "diffie-hellman-group1-sha1 is used only has a size of 1024 bits. This size is considered weak and within the theoretical range of the so-called Logjam attack.

We would like to remove diffie-hellman-group1-sha1 in ssh service/port-22,

Please kindly provide a step or your action to remove it.

Some news about that?

https://ideas.sophos.com/forums/17359-sg-utm/suggestions/1217421-red-dsl-vdsl-pppoe-support

We have a list of file extensions that we block for mail exchange.
But we want to allow our users to unblock only specific file extensions like doc or docx in the quarantine portal.
The extensions like .exe or .bat etc. must remain forbidden
At the moment in the quarantine release options it's only possible to allow/disallow every file extension.

Good Morning, Good afternoon and good evening to everyone out there....

I would like to get a vpn software as I hope to travel to China in December and would like to be able to access google maps when I'm over there as last time I travelled it was barred. Can anyone recommend any good VPN software to purchase or download ? I already read many reviews on websites like https://www.techlectual.com

thanks

When publishing websites that has large request headers the WAF dismisses the request with "Size of a request header field exceeds server limit".

This is a major issue when publishing ADFS and other authentication mechanisms that use claims/tokens and sometimes they exceed the default value of 8K.

Please make firmware changes so that this value can be changed through the UI. optimally as a pr. virtual web server setting.

Support MS Authenticator App for OTP so customers with Office365/MS365 only need 1 authenticator app on their device

Would be nice to have a description option for the accesspoint in the wireless protection.

I've 3 AP connect to a UTM, i would reboot them but not manually with the aweetool, with a schedule task (crontab, rc.local, shutdown -d [time] ecc..., at the moment do this isn't possible..

This "feature" is very important for a correct connectivity ofthe AP, because
every one/two/three months you are forced to restart them manually.
The awetool is useful but yu need to connect to UTM by ssh, start the tool, find the AP and reboot it MANUALLY.
Give the possibility to create a crontab for do this wil be very very useful, we'll apreciate it.
thanks

To improve team communications by removing perceived discriminatory language.

Hello,

I'm using SSLVPN and am getting "Bad compression error" as mentioned in below post:
https://community.sophos.com/products/xg-firewall/f/vpn/100669/ssl-vpn-bad-compression-stub-decompression-header-byte-102

Downgrading OpenVPN client to version 2.3.10 solves this issue.

As discussed with Sophos Escalations Team, raising a request here to upgrade OpenVPN server of Sophos to make it compatible with newer versions of OpenVPN client.

Ubuntu 18.04 onwards ships with newer version of OpenVPN client and its older versions are no longer supported on Ubuntu 18.04 onwards. Hence, it would great if this can be done at the earliest.

Its Zubair, I am a WordPress developer, and I am finishing the project for my client. My client is very conscious about security and privacy, So I have taken all the precautions while developing a website. I have followed this guide: https://codup.co/wordpress-security-guide If anything is missing in this guide and if something is important, then please let me know.

Thanks in advance

new DHCP Option code:

Option Name: 200 H323 Gatekeeper
Vendor: Innovaphone

Thanks

It will be nice, if there is a button for downloading the extern S/MIME Certificates from Email Protection > Encryption > S/MIME Certificate.

FastestVPN was formed in the Cayman Island in 2017 and instantly became a success, their renowned features made them the best VPN for Android users, and their formidable security protocols, also named them as the best VPN for IOS users as well!
https://fastestvpn.com/download/android-vpn