SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Standard ADSL Support on SFP+ Modem

    Standard ADSL Support on SFP+ Modem

    13 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
    • DNS over TLS

      Please implement support for DNS over TLS queries to supported resolvers (like the new Quad9 resolvers). Very important privacy feature, imho.

      81 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        10 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
      • Capability to add iphone as additional interface under UTM

        Hello Team,

        We have customer here requesting to have capability to add iphone as additional interface under UTM. For your assistance please. Thank You.

        1 vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
        • DHCP option 150

          Hello Team,

          We have customer here, requesting to to have option to configure DHCP option 150 and 66 under Sophos UTM. For your assistance please. Thank You

          2 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
          • NBN Telstra

            As yet there is no support for MPoA which is the required protocol for VDSL2 on the NBN network. With ADSL fading out this seems to be an essential feature

            1 vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
            • ADD DNSexit.com as dynDNS Provider

              ADD DNSexit.com as dynDNS Provider
              please add DNSexit.com as dynDNS Provider.
              because they can host top domain name(yourdomain.com) for free.
              or create own providers under dynDNS for any other profider.

              thanks!

              1 vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
              • DHCP Option 121

                Please add DHCP option 121 as a preconfigured DHCP option for pushing static routes over dhcp

                3 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                • DHCP Option 60 & 61

                  Addition of DHCP option 60 & 61 to allow connection of UTM to Sky Fibre. Sky uses these options for router identification and the username / logon details for the broadband service.

                  8 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    1 comment  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                  • private vlan

                    Currently the Sophos UTM / XG do not support Private VLAN's. This is a major security feature that is being used more and more often especially in virtualised environments with VDI's, DMZ's or even sensitive / untrusted local equipment at an office campus.

                    With the addition of private vlan you can prevent these devices from communication with eachother. However Sophos does need to support this feature. Currently the virtual variants do support it thanks to VMware but the hardware variants do not.

                    2 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                    • Add new DynDNS service: https://spdyn.de

                      Update URL sample can be found under https://wiki.securepoint.de/SPDyn/Hostverwenden#Verwendung_mit_Fremdhardware.

                      Site is German but the page itself should be self-explanatory.

                      It would however be the best option to provide a full configurable custom dynamic DNS to the customers. It should be that hard to implement a custom URL using predefined variables.

                      Thanks!

                      2 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        1 comment  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                      • Relay Wake on LAN through Sophos XG

                        We have lot of customers with different networks and a Sophos XG as Default Gateway.
                        Relaying wake on lan request through Sophos XG would be nice.

                        17 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                        • WAN-Bonding

                          Please implement the posibility to bond WAN-lines. Free FW-Appliances like pfSense are able to do that. Why not Sophos?

                          At home (my testing area, before I implement new confs in the company FWs) I have two ISPs. UnityMedia with 125/4 MBit and Telekom with 100/40 MBit. Only with an UTM it's not possible to bond the lines, so that I can use the full bandwith of both lines.
                          Momentary I've solved that by putting a pfSense-appliance between the IPS-modems and the UTM. So I reach speeds like 223/44 MBit.
                          But... why use an other appliance between ISP-lines and UTM? Why…

                          25 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            8 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                          • Configurable MTU on RED

                            Please make the MTU size of the internet upstream configurable on a RED device. We're using a TV cable based internet upstream and to get full performance they ask us to set the MTU to 1420 what is not possible to configure. As cable internet is more and more widely used and upstream bandwidth raises all the times this is potentially needed by more users. Thanks a lot.

                            9 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                            • Uplink Monitoring - bind a monitoring host to a monitoring action

                              Scenario:

                              Main office communicates to multiple (3) branch offices over a single MPLS link. While we can create a monitoring host for each of the branch offices, it is not possible to bind a monitoring host to a particular action.

                              Presently when any of the monitoring hosts are detected to be offline, all Actions are performed. Greater granularity would allow the UTM to perform Action B only when Monitoring Host B is offline.

                              10 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                              • Uplink monitoring & automatic action

                                Automatic action (Interface & Routing ==> Uplink monitoring ==> Action) work only when the first interface in the Uplink Balancing ==> Active interfaces is in "Down" status

                                We would that automatic actions work with any interfaces in the Uplink Balancing ==> Active interfaces.
                                We would that automatic actions work also when an interfaces is in "Error" status (internet access is not OK,..)

                                Thanks for your help

                                3 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                • SNAT with multiple addresses in source pool

                                  Please add support for using a list of IP numbers as the "Change source to" field in an SNAT rule. Essentially, allow SNAT from may to few with overload.

                                  As an example, in iptables, SNAT a /24 to 3 external addresses in round robin (with PAT only when needed) would be

                                  iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source x.y.z.1-x.y.z.3

                                  Not currently possible with the UTM's UI.

                                  2 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Delete one DHCP lease

                                    Please allow to delete one DHCP lease or to block one IP lease.
                                    We need to block not authorized devices in our network.

                                    4 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Add a customizeable field for ddns

                                      Please add the capability to add a custom dynamic dns definition. It may be fine for the most to choose between predefined vendors, but I want to use my own ddns on my own servers.
                                      So what i would need is a vendor entry, in wich I can choose a custom fqdn or ip-adress to work with. It would be ok to use the protocoll form dyndns, maybe a possibility to choose would be nice to.

                                      6 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        2 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                      • mtu ignore

                                        In environments where you have a Layer 3 core switch with Jumbo Frames enabled and you want to create a OSPF neighbor relationship between the Layer 3 switch and a UTM, the adjacency does does not form due to a MTU mismatch. On most network equipment you can either adjust the MTU size for the OSPF instance or ignore the MTU size all together. The UTM allows for neither. Please add functionality to adjust or ignore MTU size during OSPF neighbor formation.

                                        2 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                        • qos setting dynamic limits on uplinks

                                          I would like to allocate set bandwidth for different vlans (deparments) including voice traffic. Is it possible for us to setup a 100Mb link as follows:

                                          VLAN1- 20Mb
                                          VLAN2- 20Mb
                                          VLAN3- 30Mb
                                          VLAN4- 10Mb
                                          VOICE traffic- 10Mb

                                          I would like to have it set like the above but say if one vlan require more bandwidth and it is available on the link it should be able to grow. The limit should not be a maximum limit so to speak.

                                          3 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 14 15
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.