SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Remove UTM SSO reliance on insecure SMB 1.0

    We disabled SMB 1.0 on our domain for security reasons, and the UTM SSO stopped working.

    Apparently the UTM relies on SMB 1.0 and plain text for SSO!

    This needs fixing ASAP and support for SMB 2+ enabling.

    101 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  13 comments  ·  UTM Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Let's Encrypt Integration

    It would be very nice if Let's Encrypt CA start with public certificates (letsencrypt.org), that we can get certs throug the UTM Gui. So that the "Let's Encrypt Client" is integrated in the UTM. Would it be possible?
    Best Regards

    1,644 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  296 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Use Perfect Forward Secrecy for SMTP Proxy

    Use PFS for SMTP Proxy, now it still supports RC4 which is a very weak Cipher.

    51 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    15 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. utm9400_manual - German - mistake

    Sophos UTM
    Administration Guide (german version)

    Sophos UTM
    Administratorhandbuch
    Produktversion: 9.400
    Erstellungsdatum: Donnerstag, 28. April 2016

    Page: 47-63
    There are no symbols in the tabels.

    Page: 64
    Bild 7 WebAdmin : Ziehen eines Objekts aus der Objektliste Networks
    There is no image.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
  5. Name field for Firewall Rules

    Being able to assign a firewall rule a name that can be tracked through the life of the rule is a great tool to help manage your firewall. If the name also shows up in the logs especially live log it is incredibly useful

    You don't need to try and track a rule by a number that keeps changing as rules are added or deleted, simply track the rule name.

    This feature is available in other UTM and firewall products. From someone who's used the feature for many year it is definitely something I miss in the UTM

    37 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Webserver Protection: Redirect HTTP to HTTPS

    One of the most important problems of the website users is, when they want to open the page that is HTTPS, they forget to type HTTPS at the beginning of the address and the request is sent via HTTP. Therefore they can not view the page successfully. If the "URL redirection" feature will provided on Sophos UTM or WAF it is possible to automatically redirect all HTTP requests to HTTPS before the request reaches to the real web server. This will solve the problem of the website users.

    132 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    20 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. fix the issue with IE9 and IE10 crashing when UTM Web Filtering is set to transparent and HTTPS is set to URL filtering only

    Fix the issue with IE9 and IE10 crashing when UTM Web Filtering is set to transparent and HTTPS is set to URL filtering only.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →

    Hi Chance,

    Thanks for sharing on our feature site. To be clear, the issue with IE crashing is caused by a fault in IE, and not in UTM9/10. Sophos cannot address the issue directly. However, we did release a patch in version 9.314 and later, which changes the timings of the delivery of error pages. This patch does not solve the problem, but it almost completely avoids the problem crashes. Please make sure you are running a current firmware version, or make sure your users are using at least IE11.

  8. Allow more IP's on Home/Free UTM

    with all the connected devices its becoming very easy to hit the 50 IP limit on a home edition license. Throw in a few lab servers and you are almost guaranteed to.

    Any chance this can be increased? I see a few years ago this was done.

    34 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    13 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Work on Stability, Reliability and Security

    (Please admin, don't mark as already possible before clarifying!)

    As mentioned earlier, it would be good to have code worked on to be stabilised. (No, 9.2 is not so stable, please check the forums, the latest 9.210-10 around for about a month is famous for being bad).

    What we, the users, would like, is for work to be done on stabilising the firmware, rather than added features.

    Sophos is GREAT, but it is very very unreliable. It needs to be restarted every month or 2.

    68 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for everyone’s votes and feedback on this feature. Sophos is taking steps to improve the quality/stability of software produced, and how this is delivered will take several forms, and isn’t something we can explicitly ever say “done” or “complete”, as this is an ongoing process that must be revisited with every new version. -nevertheless, I am marking this particular request as “complete”.

    This is not a proclamation of perfection, but an administrative decision to acknowledge the contributors to this request, and confirm that Sophos has, and continues to take many positive steps in the name of quality, and you can expect positive trends moving forward, in stability, reliability, and security – but also that this is not truly a feature request in the proper style of this site. As we have heard this request, and are making changes in the correct direction to address the concerns of this request,…

  10. Fix UTM Licensing To Expire IPv6 Temporary Addresses Faster

    Fix UTM licensing to "age out" faster the many IPv6 "temporary addresses" that are created by most devices (running Windows, Mac OS X, iOS, Android, Linux). As an example, I have 12 devices connected to my network, but because I run in an IPv4/IPv6 environment, UTM is currently counting 113 IP addresses and sending me daily warnings that I have exceeded my license count and no new devices can be added to the network.

    In the forum post linked below I have gone into greater detail, but the issue essentially is that in 2014 almost every IPv6-capable device is generating…

    57 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    13 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. licensing per core for VM/Software

    Hello,
    I didn't know in which category to put this and ended up with Operating System. It would be nice if UTM is licensed per core for VM or Software so it easier to compete with vendors like Fortinet. This is particulary interesting in VM worlds.

    Having upgrade path to buy additional quotes is also something what should be considered.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Operating System  ·  Flag idea as inappropriate…  ·  Admin →
  12. 21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
  13. SPX

    Now that UTM 9.2 supports outgoing SPX email encryption i'd like it to also offer the same recipient self registration portal for password management based on user similar if not exactly the same as the existing Sophos Email Appliance.

    I think this would get many of my clients with existing firewall/vpn infrastructure who are also looking for email encryption off the fence and buy into the UTM. Unfortunately the encryption piece as it stands now is a bit tedius and isn't as user friendly as it could be

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. SPX Encryption > Receiver Password Portal Setup & Reset

    A way to remove the need for Password Notifications send to User, Administator or Other. An external facing portal page that allows a notice to be sent to the receiver for them to register w/ e-mail verification to setup to access their password for the SPX attachment. Basically allowing a local service similar to Cisco RES for messages sent from your Sophos UTM. Obviously, this could be limited in that if a per-email password is used by the sender it would not be able to work. Also a password reset would only work for future e-mails as the PDF is…

    24 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. RED: VLAN port configuration on RED

    It would be extremely handy to be able to configure the individual ports on a RED to support different VLANs -- for instance, port 1 and 2 could have VLANs 20 and 30 tagged, with ports 3 and 4 running untagged (VLAN 1)... really handy for a branch office setup with VOIP, etc. It would also be nice to be able to configure a hybrid port as well.. .that is, one that you can configure a native VLAN on (untagged) with tagged VLAN IDs all on the same port, a la Cisco, etc.

    55 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Neworking: Even more Dynamic DNS Providers. (Eg No-IP)

    Allow me to choose every DynDNS server (or add No-IP DynDNS to list!)

    128 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  40 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  17. Synchronization Password of the Day with WiFi PSK

    It would be good if you could synchronize the daily password automatically with the PSK of the guest WLAN.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  6 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Wireless Protection: QR Code Vouchers for Hotspot

    In addition to passwords for entry via the wireless captive portal, it will help us if QR Codes can be printed on vouchers too.
    Users with smartphones are able to scan the QR code with the mobile phone, which contains an individual URL to activate the session, equivalent to typing in the vouchers passcode in the captive portal.

    56 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  3 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Wireless: Support 5GHz in all access points

    All Sophos AP's need 5GHz connectivity. All professional wireless devices (Notebooks, mobiles ore whatever) are able to connect via 2,4 and 5GHz.
    5GHz technology is more stable as 2,4 GHz and has numerous advantages.

    32 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Appliance Hardware  ·  Flag idea as inappropriate…  ·  Admin →
  20. Remove the 200 MAC address per SSID limit

    Remove the 200 MAC address per-SSID restriction for access control.
    In some situations the complexity of the voucher system is not required and basic MAC address whitelists or blacklists as a simple alternative. However, the limit of 200 addresses per SSID is restrictive in larger deployments. My suggestion would be to remove this restriction, or if a restriction is necessary it should be increased to more than 2,000 addresses.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 25 26
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.