SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

Web Protection: Use Network Range objects in allowed network list for filter profiles

Enable web filtering profile to use range objects for the allowed network list.
Web Protection → Web Filter Profiles → Filter Profiles

22 votes
Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Signed in as (Sign out)

We’ll send you updates on this idea

Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

11 comments

Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Signed in as (Sign out)
Submitting...
  • Don commented  ·   ·  Flag as inappropriate

    If you are using Dynamic VLANs and DHCP scopes then you cannot use a subnet that would would define a network - so not having the capability to add via network range negates an important network tool.

  • Volker David commented  ·   ·  Flag as inappropriate

    Totally agree to allow to add Network range in allowed network list.
    Why are network ranges previously not possible?
    This should be a basic function!

  • Chu Kin leung commented  ·   ·  Flag as inappropriate

    Totally agree to allow to add Network range in allowed network list.
    In our case, we defined different internet ip range as specific usage e.g. x.x.x.176 to 200 as DHCP_Group. It is allowed to use DHCP_Group in Network Protect -> Firewall Rule.
    When I started to setup the Web filtering, but it is not allowed to use DHCP_Group. I need to define 2 Networks object i.e. DHCP1 (x.x.x.176/28) and DHCP2 (x.x.x.192/29). to use in web filtering allow network.

    Please help.....

  • Paul Perkin commented  ·   ·  Flag as inappropriate

    This is a pretty big issue for us, we host customer systems using the UTM and have a lot of IP groups containing all the customer IP addresses. Some of our bigger customers can have > 30 IPs with a mix of IP hosts and networks in there. Not being able to use groups an a path route ACL item results in having many hundreds of individual hosts and networks in the allowed networks ACL. This is fast turning into a big of a management headache for us!

  • josh colter commented  ·   ·  Flag as inappropriate

    While you can use a network range for the web filtering profile, it is impossible to use an IP address range object in the web filtering profile. Customers would like to have the ability to use the IP address range object in the web filtering profile.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Unfortunatelly, it is not possible to add Network Range object into Allowed Networks. It seems like a bug that needs to be fixed.

  • leon kok commented  ·   ·  Flag as inappropriate

    We are facing the same issues which range of IPs object is created but cannot added into the "Allowed Networks" list in the WebFilter Profiles. Even there are no such option to create or define IP range object in the WebFilter Profiles.

  • Anonymous commented  ·   ·  Flag as inappropriate

    In Sophos UTM , Web Protection -->web filter profile-->in Allowed Networks

    i can not define ip address Range.single host is add but how to define range of ips.

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.