SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Disable Server Signature

    Can you please disable the Server Signature header on the Web Server Protection so that it shows NULL or anything else apart from "Apache".

    Although this is not a failure for PCI compliance, it does flag on the check and not showing closes a possible issue.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  1 comment  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. UserPortal: Configurable Timeout Option

    The User Portal needs a configurable time out to log users out after a period of inactivity.

    Even with session cookies disabled the session will remain open for many, many hours unless the user chooses to manually log out.

    38 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
  3. Guest WLAN (Hotspot) - "DHCP Address Assignment Required" Option

    If guests change their IP adresses, it is not possible to track them in the logs. After a simple IP change, we have no possibility to connect an IP address to a MAC and then to a Voucher/Guest. So you can bypass the logging. This is an importion feature for guest wlan / hotspot feature!

    56 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. RED: Restart tunnel instead of unit

    When the internet connection drops at the main site (UTM location) the RED restarts to get the tunnel up again. When (for some reason) the internet connection stays down at the main site all internet activities at the remote location are down due to continuous restarts of the RED. If the *** only tries to pick up the tunnel, the internet at the remote location can still be used.

    73 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  10 comments  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Web Server Protection: Support for ActiveSync 14.1

    WAF doesn't support ActiveSync 14.1, i.e. after you install SP3 for Exchange 2010, you can't use use WAF to protect your ActiveSync Server anymore. This is poor.

    77 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  5 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. RED: Allow Branch Name to be Renamed

    I would like to be able to rename/change the description in the "Branch Name" field of the RED sites. I see that in the WebAdmin there doesn't seem to be a way.

    When we get an alert that "redXX is down" it would be really helpful to not have to dig up my notes on which site that actually is. This should be a standard feature.

    More detail about this are posted on the forum:
    http://www.astaro.org/other-products/remote-ethernet-device-red/47745-rename-red-branch-name.html

    53 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Networking: Forward Ping for Devices behind UTM

    In V8 it was possible to Ping Devices behind the UTM Device, in V9 it is Disabled and could not be Enabled with a Packet filter Rule.

    This function is useful for us and our Customer which has Devices behind the UTM in his own DMZ that should be monitored by Monitoring Systems etc.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →

    While already possible by disabling the built-in ICMP handlers and creating your own packet filter rules for explicitly allowing such traffic, we will review the operation of this behavior and if we can refine the GUI here.

  8. Networking: Control IPSec VPN Route Orders

    Please add Support for route based vpn so you can prefer the BGP route first followed by the IPSec route if your BGP route is not available.

    23 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  2 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  9. Application Control: Apply rules to Active Directory Users/Groups

    Astaro please include application control rules applicable to users group in AD. Very important to include.

    132 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  10. Networking: Summarize DHCP Leases with a Total

    When the DHCP server is configured with a large scope - say a capability of a range of 200+ leases. then it can be very difficult to determine how many leases are currently active, especially when leases that have already expired are still shown in the table. One has to manually count the entries in the table. It would be wonderful if a counter was available at the top of the lease table showing the number of current active leases.

    19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  5 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  11. WebAdmin: Sort controls for DHCP Lease table

    Would be great if you could sort the DHCP Leased IP table by Ascending/Descending order.

    29 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  9 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
  12. Networking: Enhanced Link Aggregation (LAG) Modes Support

    Using the middleware (cc CLI) it is already possible to set link-aggregation to a different mode than the default mode 4 (802.3ad).
    We would appreciate to see all other modes becoming an official part of the Web GUI:
    - mode 0 (balance-rr)
    - mode 1 (active/backup)
    - mode 2 (balance-xor)
    - mode 3 (balance-broadcast)
    - mode 5 (balance-tlb)
    - mode 6 (balance-alb)

    69 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  2 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  13. Reporting: Extend Application Control reporting

    Would like to see more detailed reporting in the application control feature. It would be great if you could navigate around and click for info, save, and schedule reports like you can with the Web Reporting which is great.

    24 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  14. Networking: Wildcard Hostnames for DNS Group Definitions

    being able to specify a 'root' domain name, or pattern, as a network definition, that could then be used in a traffic selector for bandwidth shaping, would help greatly. content delivery networks use hundreds of hostnames, but usually stick with one 'root', example: 'something.nflximg.com' or 'something.llnwd.net' by specifying something like "*.llnwd.net' as the source, we could then limit the traffic as desired.

    130 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  32 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  15. RED: DSL/VDSL (PPPOE) Support

    RED should be able to do DSL/VDSL (PPPOE), as this way it can be used with an ISP which is very common worldwide in requiring authentication against their modem.

    242 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    33 comments  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
    Under Review  ·  Martin Becker responded

    After a careful review we decided to not include this feature in UTM 9.2. We are now considering it for the next feature release whose launch date has not been decided upon yet.

  16. WebAdmin: Add Comments to Backup File Name

    I'd like to automatically add the comments to backup filename. Everytime I create a backup I add them manually, copying the comments inserted in webadmin. It is useful if you have to fastly find a particular backupped configuration. IE:

    devicename_8.103_2011-08-25_09-29-before changing admin password.abf

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  3 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
  17. Networking: Time-Based quality of service rules

    Add option for Time-Based QOS rules, Where we can assign time and Bandwidth to a Network.

    96 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  23 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  18. Networking: HA/Clustering for Amazon Cloud

    The ability to operate a pair of UTM software appliances in a VPC, in different AWS availability zones, configured as HA/clustered pair.

    This feature is critical in providing a truly HA VPC solution. I have the need to operate a very highly available VPN endpoint for multiple healthcare providers and this one deficient is preventing us from moving forward with the excellent UTM software appliances.

    (Amazon has a white paper outlining how to make the default NAT instance highly available using two NAT instances and a script that detaches and reattaches the virtual interface and MAC to the standby instance.)

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  2 comments  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
  19. UserPortal: Mobile-friendly UserPortal

    I'd like to see initially the User Portal designed to support Mobile Devices, using the correct temrinology, would be to have a propper 'mobile site'.

    Scrolling around the user portal on an iPhone or Android phone is very hard and usually required scrolling, pinching, etc to get things done.

    A mobile site would make navigation easier.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
  20. Reporting: Offer Web Departmental reports with Usernames, Sites, Traffic and Duration

    Whilst you can create Departmental reports, containing the Sites, Traffic, %, Pages, Duration and Requests, it doesn't include the Username of the user. It would be really useful if you could create Departmental reports showing all of this information,sorted by usage and include the username, so that a Department Head can see the usage of all his/her employees, in a single report, rather than having a seperate report for each user. It would also be good if it could include the option to have a date/timestamp entries as well.

    31 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  1 comment  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.