SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Better Website management in Webfilter

    Right now the Website list in Webfiltering has very limited management options. Importing or deleting longer lists is not possible because the page freezes. It would be great to have export and working bulk edit options.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Notification of Proxy Routing

    There needs to be an alert or notification that when setting firewalls for Internet IPv4/6 as a destination that the subnet of the two networks that shouldn't talk to each other are added to their respective web proxy profile blocklist.

    I have encountered many people that are not aware that the web proxy routes. Many people do not test their security configurations and this functionality (proxy routing) goes some time without being realized.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Attachment, link, and file emulation

    Email is a huge vector for malware. Not all of it comes in as an attachment. Links in email often lead to NEW malware. NEW versions of malware are attached or embedded into Office documents. Files users download may have NEW undetected malware in them.

    Palo Alto has Wildfire. FireEye has a similar service/appliance. Each service takes URLs, Office documents and unknown files and detonates them in a sandbox to determine if they are malware. Previously unseen downloaded files are uploaded to the same service. When NEW malware or malware links are discovered, an update is pushed to all subscribing…

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Enable the admin to remove unused Website Tags in Web Filtering

    If one defines a website tag in the UTM for a collection of URLs, then later desires to fully delete the tag (the tags remain in the configuration db even if not assigned to any URLs), there is currently not a way to do this. I contacted support and they said this would be a feature request (seems like missing basic functionality to me).

    46 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Huawei P8 Lite Fitbit Flex Connection 2

    Huawei P8 Lite Fitbit Flex Connection 2
    Hello
    A friend recently gave me her old bracelet Fitbit Flex 2. It is reset but we are unable to connect it to Bluetooth with my Huawei P8 Lite while we get there with other devices... Have you ever encountered this problem? Solutions?
    Thank you, everyone.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. editable, multi lanquege, custom block page

    Hi,
    Since a couple of months we working with you UTM product... and I love it.
    I have one missing point in the UTM.
    We are a dutch company with a lot of employees who have difficulty reading English reports or can not read them at all.
    It should help this users if the blockpage was displayed in there own lanquege.

    This can be achieved by providing blockpages multilingual (seems to me to be impossible for you), making them editable (everyone can store their own messages) or creating the option to make a link to a custom page for each…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Web Protection: Youtube and blocking specific categories

    Coming from another vendor one of the features I like/had was that I could block categories within YouTube. We are a School District that needs to access YouTube (YouTube for Education has limited content). It would be nice to setup a policy or rule to be able to block these YouTube Categories.

    Currently available categories are:
    • Film
    • Autos
    • Music
    • Animals
    • Sports
    • Shortmov
    • Travel
    • Games
    • Videoblog
    • People
    • Comedy
    • Entertainment
    • News
    • Howto
    • Education
    • Tech
    • Nonprofit
    • Movies
    • Movies_anime_animation
    • Movies_action_adventure
    • Movies_classics
    • Movies_comedy …

    156 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Make The Refer To Sandstorm Option in Web Filtering Exception To Be Edited Even if Without Sandstorm License

    Hello Team,

    Customer is requesting to Make The Refer To Sandstorm Option in Web Filtering Exception To Be Edited Even if Without Sandstorm License.

    The checkbox on the Web Exceptions form is disabled.

    The problem is that some of my exceptions have the check box checked and customer can’t uncheck them.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Web Proxy should honor Country Blocking Exceptions

    Currently (9.506-2 and prior), Web Proxy enforces country blocking but ignores country blocking exceptions. Support says this is not a bug, although it is hard to justify why making the product work as expected should be considered a "feature" request. Their workaround is to disable URL filtering for desired exceptions, but this also disables other policy checks that we want, such as blocking access to Social Networking Sites.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. transparent proxy intercept all ports

    in transparent proxy mode, all access to websites on standard ports 80 and 443 are intercepted and will use the web filter. However websites which use a different port, for instance http://website.com:1234 are not intercepted, but this traffic will directly flow through the firewall module and therefore needed to define a packetfilter rule (missing virusscan etc).

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. upload bandwidth report

    Customer would like a report of upload bandwidth used so that they would be able to identify any possible data leakage if they can identify users that have high upload bandwidth usage.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Time based rules for traffic throttling or shaping

    It would be very helpful to have time-based rules for traffic throttling or shaping. For example, users at our office access Facebook and we don't want to block it - just make it less of a burden on our Internet connection.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Disable option for users time to use for a site

    When you configure quota the user get a page for “Select how to your remaining time quota to use” I am missing the option to disable this.

    I want to get only get a message when the users use al of there quota.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. tagged websites in exceptions

    in the webfilter exceptions you can configure websites "tagged as", however this doesn't work.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. tag support parent proxy

    if there already tagged websites, it would be nice to support these tagged sites also in the parent proxy.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Block via user agent

    Customer requesting to block traffic via user agent

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. when sending error messages to users who connect to a non-existing or forbidden HTTPS-site, send the full CA chain to the user/browser

    Reason: Google forces more and more websites to HTTPS by punishing HTTP-only sites with a bad search ranking. In such a case proxy SG only sends the auto generated certificate to the user, which results in an unclear and ugly certificate error message by the browser to the user. This can be prevented by creating a signing certificate in the internal PKI, where the proxy SG must send this signing certificate to the user. Creation of the signing certificate is out of your scope, but it will be an internal certificate, valid to the internal organization only. Sending this signing…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Proxy usage security problem + change the bad proxy design

    When using - _Skip transparent mode destination hosts/nets_
    with _Allow HTTP/S traffic for listed hosts/nets_ checked, not only hosts which are in _Allowed Networks_ can reach this destination hosts. So if you have a public WLAN which is not in the _Allowed Networks_ _Web Filtering_, everyone in this Network can reach the destination hosts.

    The automatic Rule _Allow HTTP/S traffic for listed hosts/nets_ should only allow the
    Hosts in _Allowed Networks_ to solve this security problem.

    If you don_t want to change this behavior please remove the _Allow HTTP/S traffic for listed hosts/nets_ Feature for security reasons.

    General firewall design:

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Custom block pages dependent on AD group membership

    When a website is blocked, display a custom webpage which is dependent on the AD user group membership of the user. This would allow, for instance, a member of an "Internet Banned" AD group to have a block page which tells them they are banned from accessing any website, instead of the current message which refers to the category of the website - eg when trying to get to google, blocked because Search Engines are banned.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add a "bytes out" field in http.log.

    A "bytes out" field in the http.log would help identify hosts that are sending a lot of data out of our company. This is important to know, regardless whether the data flow is intentional (e.g. malicious user) or unintentional (e.g. compromised host.)

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.