SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. NBN Telstra

    As yet there is no support for MPoA which is the required protocol for VDSL2 on the NBN network. With ADSL fading out this seems to be an essential feature

    1 vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
    • ADD DNSexit.com as dynDNS Provider

      ADD DNSexit.com as dynDNS Provider
      please add DNSexit.com as dynDNS Provider.
      because they can host top domain name(yourdomain.com) for free.
      or create own providers under dynDNS for any other profider.

      thanks!

      1 vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
      • DHCP Option 121

        Please add DHCP option 121 as a preconfigured DHCP option for pushing static routes over dhcp

        3 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
        • DHCP Option 60 & 61

          Addition of DHCP option 60 & 61 to allow connection of UTM to Sky Fibre. Sky uses these options for router identification and the username / logon details for the broadband service.

          7 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            1 comment  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
          • DNS over TLS

            Please implement support for DNS over TLS queries to supported resolvers (like the new Quad9 resolvers). Very important privacy feature, imho.

            65 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              7 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
            • Allow DHCPv6 Relay on a bridged client interface

              Apparently I am forced to use a switch for that.

              1 vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
              • Re-Use Additional Address Objects for multiple interfaces, and on masquerade rules for "Uplink Interfaces"

                Currently we have a scenario where a customer owns a /24 range, which they announce over multiple BGP peerings with various telcos. Currently for redundancy over each link - it is required for each IP within the /24 that would be utilized to be made as an additional address for each individual VLAN WAN interface, as well as making a masquerade rule per downstream network range (site), per WAN interface (of which there are 4).
                This means we need to quadruple all additional address objects, and all masquerade rules, making one for each VLAN interface on the same physical interface…

                1 vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                • Add OSPF Interface Mode "passive".

                  Add OSPF Interface Mode "passive". This is a Basic OSPF Interface feature which put the Interface Network into the OSPF but not usinf the Interface for route Distribution. There should be three modes "active,passive,disabled" .

                  7 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    1 comment  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                  • On Shell of UTM, display all the DHCP option including from number 77 to 255

                    Hello Team,

                    We have customer here requesting to to display all the DHCP option including from number 77 to 255 to the shell of the UTM. Currently will only display option numbers 1 to 76 but supports all 255 option objects. For your assistance please.

                    Thank you.

                    1 vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                    • Exclude IP Range from Policy Routes

                      The ability to exclude IP addresses from a policy route. An example would be a policy route that excludes local networks.

                      Here is the scenario.
                      - I have two internet WAN connections (WAN1, WAN2)
                      - I have two internal LAN networks (LAN1, LAN2)
                      - all 4 are on separate interfaces
                      - WAN1 is the default gateway (no uplink balance)
                      - LAN1 will use WAN1 for its internet access, the default gateway
                      - LAN2 will use WAN2 for its internet access.
                      - Both LAN1 and LAN2 will communicate.

                      When using a policy route to direct traffic from LAN2 destined for Internet…

                      1 vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                      • ixgbe

                        Update Intel ixgbe driver to a newer release to support more 10GE NICs

                        1 vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                        • Please make the site to site vpn route metric/administrator distance configurable

                          We normally put a site to site vpn as a backup tunnel for MPLS/PIP network. The current problem on UTM OS is the VPN tunnel routes always overwrite OSPF routes. so everything from the UTM box to a internal server, such as logging server TACACS+ server, monitoring, webadmin and so on, cannot work using internal routes. We can manipulate OSPF metrics but not the site to site VPN route in UTM. I saw some group discussions indicating other companies have the same issue. Wish this can be resolved and make the UTM works more efficient.. We have a lot of…

                          1 vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                          • Allow network range object in Multipath rules

                            This would be very useful. For example, you can allow all endpoints (DHCP range) out a failover interface (lets say a cellular WAN) but not off-site backup servers (would eat up to much bandwidth). Currently we would need to add individual hosts one by one but... really? Who wants to do that?! A range in this case would be much better...Please up-vote!

                            1 vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                            • private vlan

                              Currently the Sophos UTM / XG do not support Private VLAN's. This is a major security feature that is being used more and more often especially in virtualised environments with VDI's, DMZ's or even sensitive / untrusted local equipment at an office campus.

                              With the addition of private vlan you can prevent these devices from communication with eachother. However Sophos does need to support this feature. Currently the virtual variants do support it thanks to VMware but the hardware variants do not.

                              1 vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                              • Warning for Duplicate BGP Neighbors

                                It's currently possible to configure two (or more) BGP neighbors with the same IP address. In cases where a user is unaware of the duplicate,an identical neighbor can cause conflicts in the BGP configuration and changes to the neighbor may not take effect. A warning message would be beneficial in avoiding these situations. This way a user is aware of any duplicates and only proceeds if necessary.

                                2 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                • Time base routing in Sophos UTM feature should be available.

                                  I request to you Customer requirement time base routing in Sophos UTM feature should be available.
                                  Please add this feature incoming firmware

                                  Sophos SG135

                                  1 vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Allow to add a single tagged VLAN interface to a bridge

                                    At the moment it is not possible to add a single VLAN to a bridge, you can only bridge a whole interface (with the whole VLAN trunk on it).
                                    However, under some circumstances it is necessary to e.g. bridge 2 VLAN-Interfaces together (e.g. during a VLAN migration), to bridge a single tagged VLAN to an untagged interface, to bridge a single VLAN to a RED tunnel interface (e.g. bridge the VLAN of your local clients to the LAN of a small remote office) or to bridge two VLANs with different IDs from former independent locations together (e.g. over a RED…

                                    2 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Add new DynDNS service: https://spdyn.de

                                      Update URL sample can be found under https://wiki.securepoint.de/SPDyn/Hostverwenden#Verwendung_mit_Fremdhardware.

                                      Site is German but the page itself should be self-explanatory.

                                      It would however be the best option to provide a full configurable custom dynamic DNS to the customers. It should be that hard to implement a custom URL using predefined variables.

                                      Thanks!

                                      1 vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        1 comment  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Relay Wake on LAN through Sophos XG

                                        We have lot of customers with different networks and a Sophos XG as Default Gateway.
                                        Relaying wake on lan request through Sophos XG would be nice.

                                        16 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                        • SIP Invite NAT from Internal PBX/VoIP Gateway

                                          Provide SIP Invite NAT for internal PBX/VoIP Gateway. As stated by a Sophos engineer, this function is only available for internal VoIP phones registering externally to offsite PBX. Current feature does not work for internal VoIP gateways or PBXs.

                                          5 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 14 15
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.