SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. WebSecurity: HTTP/S MIME-Type Whitelist

    As is possible with Mail Security, add the ability to the exceptions tab to "exempt" certain mime types from filtering.. Allows for MIME types to be removed from filtering and scanning to increase compatability with perhaps streaming we do not support natively, and balances the feature offerings with the mail security choices.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Web Protection: Exceptions for "Going to these Destination Networks"

    Currently you cannot set a network (ie, range or subnet) as a possible DESTINATION for an exception (only source network or destination URL). It would be great to have a drop-down choice for ths.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Timeout of download tools is avoided

    There are some tools which download files in the background like Webdows update, adobe or virus engine.
    When ASG check viruses, if exceptions setting are unsuitable, these communications will be failed by timeout.
    Since the load of ASG becomes high, I understand that exceptions should be set.
    However, there is a customer who even exceptions can't be set or fell a burden.
    They want the function to avoid timeout.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Web Protection: Time-Based Exceptions

    Please add the possibility to make Web Protection exceptions dependent on Time Events.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Web Security: Single-Sign-On (SSO) Fallback Authentication Support

    In large networks, without a good IP plan, there is a need to authenticate a lot of PCs.

    Some are joined in the AD domain, some not, and if they want to use AD SSO for the http proxy as much as they can.. there is no chance to have a fallback authentication method if the PC that we want to authenticate is not on the AD server.

    What would be enough is to have a fallback authentication method for Web Security if the AD SSO is activated on the ASG and the client PC does not have AD membership/credentials.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Customizable Message of Default "content not allowed" error

    Hello,

    unfortunatly it´s still not possible to customize the message for content, which is not allowed.

    This message appears, if someone has configured a proxy profile with whitelist filteraction. It´s not customizeable, because in this case it´s not blocked by surf protection, by virus protection or by blacklist.

    Please add this message also to the customization menu in webadmin.

    thanks

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. WebSecurity: Cache scanning results of files

    The scanning of downloaded files is a time and ressource consuming task. To optimize this task, already scanned files could be whitelisted so they don't need to be scanned a second time and/ or could be taken directly from the local cache.

    To identify a file you can compare information like checksums, file-type, file-size, date, Webserver, ....

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Web Protection: Strip "Zombie" & Super Cookies

    There are some cookies which could be detected and stripped by the proxy in-line. Would be great to prevent this type of cookies from being downloaded by users.

    http://www.infoworld.com/t/internet-privacy/zombie-cookies-wont-die-microsoft-admits-use-and-html5-looms-new-vector-170511

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Caching of Files for ReDistribution (Low Bandwidth Support)

    the problem:
    a customer with a 378KB connection (sad but true here in germany) has massiv problems when microsoft has patchday. It would be nice if astaro would support caching patches and updates as a feature.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Web Protection: Create Proxy Auto-Config (PAC) file automatically

    Since the ASG is the proxy, and it knows what methods are allowed and for/by whom, and when (we have some time-based profiles for our factory area) then why does it not auto-create the necessary code for autoconfig to work instead of us? Would be great instead of trying sample code and replacing the names, addresses, and so on with our real data?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Bypass Web Proxy Authentication to Default Profile

    Allow users to cancel Authentication when trying to visit a website. Currently there is a login form (transparent http proxy with Active directory Authentication) but no cancel button. This will force all users to authenticate, but what if the site is not blocked by default profile proxy profile. I know checking all profiles to see if the site is bloced prior to authentication may be too much, but what about checking the url against the most restrictive (default template filter with base categories) then requiring authentication if the site requires a higher profile under a different proxy filter? I was…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. 2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Web Security: Exceptions support for Unscannable Files

    we should add execption for Block unscannable and encrypted files as this field can be enable/disable form http proxy but i think i will always keep it enable and let add execption to user or director (to send and recive password protected file )

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Web Protection: Block all file extensions but Whitelisted types

    I am able to blacklist .pdf extension but i am not able to whitelist them.
    Customers need to only allow some kinds of downloads.
    Something like SRC 10.0.0.1 should only be allowed to download http://www.example.com/example.pdf is really complicated.

    It would be great if i could just specify types of files to allow vs. having to block all the bad ones.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Web Protection: Add a Web Manager (similiar to the Mail Manager)

    It would be nice to have a Web Manager interface that is similar to the Mail Manager. It basically would have the same functionality but would be based on individual URLs and sites visited instead of individual emails. It would include the ability to add an individual URL or domain to a global or policy specific blacklist or whitelist in the same way an individual quarantined email can be deleted, released and so on.

    Management wants an easy way to add individual URLs and sites to blacklists and whitelists.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Web Security: Customizable Content Filter Override Time

    Currently the bypass filter time limit implemented in Version 8 only allows you to bypass a website for 15 minutes. However, according to the Child Internet Protection Act, schools and libraries that receive funding MUST allow all websites to be unblocked for adults for the duration of their session. Currently our Library can not use the Astaro until we can find a way to extend this time limit for staff bypassing websites beyond 15 minutes to approximately 90 minutes. A field where a variable time limit can be entered would be good so that libraries or other educational institutions can…

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Web Protection: Per-User Bandwidth quotas by Category

    – like entertainment (200 MB), Educational (100MB) etc… usage assignment to users.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Web Protection: Per-Profile "Target Services"

    We need to differentiate the services that the Proxy can manage based on Proxy Profile.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Logging: Option for forensic web logging

    Very sensitive customers need to log the complete HTTP transaction (the request and response with the HTML provided by web server during the transaction). Even if it's very I/O demanding, it's a key feature that is mandatory to have to chance to sell just WEB Security in government offices, banks and customers that manage classified information

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Web Security: Specify Max "Connections" per-user

    Limit user connections to proxy with connection exceeded error reported to user. This would be very helpful in educational environments.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.