SG UTM
Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.
-
Monitoring: Add Zabbix / Nagios client
A lot of us (at least with bigger environments) are using systems like Zabbix or Nagios to monitor their stuff.
An direct integration of the clients into Astaro would it make a lot easier to integrate the Astaro boxes into it. SNMP alone does not provide a lot of values which are interesting to monitor. Like:
- Packet filter violations
- IPS stats
- VPN Users online
- and much more284 votes -
Management: Enable UPS sharing
It should be possible to make the UTM the UPS master and other servers obtain notifications from UTM or UTM becomes a client of another UPS server offering informations.
189 votes -
User Portal: Using nested Active Directory Groups in allowed users
In the End User Portal I'm able to specify allowed users/ groups.
Therefor I'm able to define a group based on a Active Directory group, limited to backend group membership.
Now the limitation:
The User Portal only accepts AD Groups which are directy related to AD-Users. The use of nested AD groups (Users --> AD-Group1 --> AD-Group2) are accepted by User Portal, but without any action.A needful enhancement would be the functionality of nested AD Groups, using in User Portal
93 votesContrary to what was previously noted, nested group support does not yet extend to support the user portal. Sincere apologies for any confusion.
-
add internet speed test to support tools
Add an internet speed test (using something like speedtest-cli or a nagios check_speedtest-cli) to the management interface support tools. This check should bypass DPI, IPS/IDS, AV, etc. so users can tune the security services for optimal protection and speed. This could also be used as a reference when setting up QoS or even as variables in QoS settings as internet traffic speeds often are increased without user knowledge and the current QoS bandwidth settings are static. Periodically check internet speeds and report in the network graphics and executive reports.
68 votes -
Backup: Partial Backup/Restore
Allow a user to create and restore backup files that contain only parts of the configuration.. users would be able to selectivly make use of various parts of the configuration in other firewalls, allowing for easier rollout of multi-site locations. As well, they can restore only parts of a backup file that are required, thus allowing for faster recovery and without affecting all areas of the box.
68 votesThis feature was implemented in XG Firewall
-
Microsoft Operations Manager Management Pack
It would be fantastic if you could provide a Management Pack for Microsoft Operations Manager (currently Version 2012 R2) to centrally monitor UTM appliances and other Sophos products. Dashboard, Alerts (DoS, Portscans, etc.), State of components (Webfilter, VPNs, etc.), Capacity Management (Load, Usage), etc.
43 votes -
make Sophos Endpoint updates by WebCID possible over HTTPS
Please make it possible to use HTTPS for WebCID updates of the product Sophos Endpoint Protection. Now only HTTP is possible, this is undesirable because authentication details (credentials) are being sent over the internet in plain text.
43 votes -
Monitoring: add support for N-able
Many MSPs use N-able for monitoring and management. Add integration to allow UTMs and SUM to have status and alerts visible in N-able
39 votes -
WebAdmin: Add Speedtest.net support for Bandwidth Testing
It would be a big help if TOOLS - had the option to select an interface then point to www.speedtest.net or a few user selectable speedtest sites and be able to run Download & Upload speeds.
This would work especially on USB modem cards.Nothing worse than having managers ask if their network is slow or the provider.
39 votes -
Real time bandwidth usage for firewall rules
Add a method to check the real time bandwidth usage for firewall rules.
So users can distinguish which rule uses the most bandwidth and set the proper QoS for it.
37 votes -
WebAdmin: Custom Administration Roles
Expand granularity of WebAdmin roles. Current access gives an "Office Manager" too much control across too many areas under each "manager" or "auditor" level term. We have the need to let one person Release Spam and add URLs to control office traffic
It would be nice if there was a list of available areas and operations with the ability for us to make a role composed of our selections.
36 votes -
Management: Archive backups like logs
UTM only supports automatic backups sent by email or to a UTM Manager repository.
It would be great to export them via SCP, FTP, Network Share like log files can.31 votesThis feature was implemented in XG Firewall
-
29 votes
-
get more hold music for Sophos USA tech support.
Add additional songs/variety to the "hold" music rotation for the Sophos USA technical support number.
25 votes -
Management: Auto-Populate Networking Definitions via Scan
By scanning the local IP-space of connected/configured internal (non-gateway) interfaces, discovered IPs should be auto-added to the definitions list using their hostname as the title (if available) otherwise just fill in the IP for both the address and the name.
This saves admins having to define their objects from scratch, and they can always delete the object definitions they don't want/plan to use. This should be done either automatically, as part of the wizard, or on request.
24 votes -
Management: Backup/Export mail quarantine, reports, database and logs to USB Hard Disk / Flash Drive
Backup or export the quarantine folders and other data not included in the backup files on the UTM. For example a mail being held in quarantine could be extremely important. If a device fails that data would be lost. Allowing external storage even just to a single restorable backup file would be a big selling point
20 votes -
WebAdmin: Configuration Changes Commit/Rollback Support
Hi,
If should be great to save an history of the configuration each time an administrator save something and maybe create a restore point to rollback to the initial configuration if something does not work after some modifications.
Thanks,
17 votes -
In SUM, include the capacuty to configure SANDSTORM
In SUM, include the capacuty to configure SANDSTORM
16 votes -
Save Button for Changes
Changes in the GUI shouldn't be active immediately. There must be a save button to activate changes. It is very important to prevent mistakes and you can change several setting and activate all at the same time to not lose the connection.
15 votes -
WAN Failover Firewall Rules
We would like to see the ability to create firewall rules that take over if the primary WAN connection fails over to a secondary WAN connection. This would be useful for businesses like ours who has a nice primary connection but a significantly smaller backup connection. For example we let the employees stream media during normal operations however with many streaming if it fails over to the backup WAN connection it causes a huge bottleneck for us.
14 votes
- Don't see your idea?