SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Check the DHCP server's 'Range' when creating a Host with Static IP

    When one clicks the [Make Static] button on the 'IPv4 Lease Table' tab, there should be a check that the IP to be used is outside the 'DHCP Range' listed. Prior to that button existing, we just used the regular Host definition process, but that's probably more difficult. Even then, a quick check to see if the assigned IP is in any DHCP range would seem to be easy. For example, I just got the following:

    secure:/root # cc get_objects dhcp server|grep \'range
    'range_end' => '172.16.31.110',
    'range_start' => '172.16.31.101',
    'range_end' => '192.168.66.254',
    'range_start' => '192.168.66.100',
    'range_end' => '10.100.100.63',
    'range_start' =>…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  2. Indicator for active connection in Multipath Rules screen

    Multi-path rules works nice but we don't see at the very moment which connection is used. Maybe "Skip rule on interface error" made the connection to switch to the another interface but we can't see it.
    Not sure if connection backs to normal after error rectified by itself or not.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  3. DNS Forward Only or Forward First Option

    Please add an option in Network Services>DNS>Forwarders to select forward only or forwared first using a check box. If the box is checked DNS forwarders use forward only. Unchecked returns to the default state of forward first. The check box actions would remain static regardless of updates/restarts. The check box options would effectively have the same function as changing the named.conf setting to forward only or forward first Thank you!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  4. Sort interfaces when configuring NAT

    Today when configuring NAT the dropdown with the existing interfaces is not sorted, each newly created interface is inserted somewhere into the list, you have to search for it manually. It would be helpful if these interfaces are sorted in an alphabetical order. Especially when many VLAN Interfaces are created there are quite many objects in the list.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  5. Capability to add iphone as additional interface under UTM

    Hello Team,

    We have customer here requesting to have capability to add iphone as additional interface under UTM. For your assistance please. Thank You.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  6. Standard ADSL Support on SFP+ Modem

    Standard ADSL Support on SFP+ Modem

    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  7. DHCP option 150

    Hello Team,

    We have customer here, requesting to to have option to configure DHCP option 150 and 66 under Sophos UTM. For your assistance please. Thank You

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  8. NBN Telstra

    As yet there is no support for MPoA which is the required protocol for VDSL2 on the NBN network. With ADSL fading out this seems to be an essential feature

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  9. ADD DNSexit.com as dynDNS Provider

    ADD DNSexit.com as dynDNS Provider
    please add DNSexit.com as dynDNS Provider.
    because they can host top domain name(yourdomain.com) for free.
    or create own providers under dynDNS for any other profider.

    thanks!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow DHCPv6 Relay on a bridged client interface

    Apparently I am forced to use a switch for that.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  11. Re-Use Additional Address Objects for multiple interfaces, and on masquerade rules for "Uplink Interfaces"

    Currently we have a scenario where a customer owns a /24 range, which they announce over multiple BGP peerings with various telcos. Currently for redundancy over each link - it is required for each IP within the /24 that would be utilized to be made as an additional address for each individual VLAN WAN interface, as well as making a masquerade rule per downstream network range (site), per WAN interface (of which there are 4).
    This means we need to quadruple all additional address objects, and all masquerade rules, making one for each VLAN interface on the same physical interface…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  12. On Shell of UTM, display all the DHCP option including from number 77 to 255

    Hello Team,

    We have customer here requesting to to display all the DHCP option including from number 77 to 255 to the shell of the UTM. Currently will only display option numbers 1 to 76 but supports all 255 option objects. For your assistance please.

    Thank you.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  13. Exclude IP Range from Policy Routes

    The ability to exclude IP addresses from a policy route. An example would be a policy route that excludes local networks.

    Here is the scenario.
    - I have two internet WAN connections (WAN1, WAN2)
    - I have two internal LAN networks (LAN1, LAN2)
    - all 4 are on separate interfaces
    - WAN1 is the default gateway (no uplink balance)
    - LAN1 will use WAN1 for its internet access, the default gateway
    - LAN2 will use WAN2 for its internet access.
    - Both LAN1 and LAN2 will communicate.

    When using a policy route to direct traffic from LAN2 destined for Internet…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  14. ixgbe

    Update Intel ixgbe driver to a newer release to support more 10GE NICs

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  15. Please make the site to site vpn route metric/administrator distance configurable

    We normally put a site to site vpn as a backup tunnel for MPLS/PIP network. The current problem on UTM OS is the VPN tunnel routes always overwrite OSPF routes. so everything from the UTM box to a internal server, such as logging server TACACS+ server, monitoring, webadmin and so on, cannot work using internal routes. We can manipulate OSPF metrics but not the site to site VPN route in UTM. I saw some group discussions indicating other companies have the same issue. Wish this can be resolved and make the UTM works more efficient.. We have a lot of…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow network range object in Multipath rules

    This would be very useful. For example, you can allow all endpoints (DHCP range) out a failover interface (lets say a cellular WAN) but not off-site backup servers (would eat up to much bandwidth). Currently we would need to add individual hosts one by one but... really? Who wants to do that?! A range in this case would be much better...Please up-vote!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  17. DHCP Option 121

    Please add DHCP option 121 as a preconfigured DHCP option for pushing static routes over dhcp

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  18. private vlan

    Currently the Sophos UTM / XG do not support Private VLAN's. This is a major security feature that is being used more and more often especially in virtualised environments with VDI's, DMZ's or even sensitive / untrusted local equipment at an office campus.

    With the addition of private vlan you can prevent these devices from communication with eachother. However Sophos does need to support this feature. Currently the virtual variants do support it thanks to VMware but the hardware variants do not.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  19. Time base routing in Sophos UTM feature should be available.

    I request to you Customer requirement time base routing in Sophos UTM feature should be available.
    Please add this feature incoming firmware

    Sophos SG135

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add OSPF Interface Mode "passive".

    Add OSPF Interface Mode "passive". This is a Basic OSPF Interface feature which put the Interface Network into the OSPF but not usinf the Interface for route Distribution. There should be three modes "active,passive,disabled" .

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 14 15
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.