SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Search firewall on IP Adresses

    It would be nice to be able to search in Firewall definitions for IP Adresses, aditional to search on object names.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Open ports based upon source country

    Add the ability to open a specific port but to only allow access to it from a specific country. For example to allow access to a VPN server but only allow access to it from the UK

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add DynDNS Support for Additional Interface IP Addresses

    Will be usefull the possibility to chose to assign a specified dyndns hostname also to an Additional Address,
    not only to the ip of the local interface or the public ip address.

    This is usefull if you have more than one ISP with more than one IP (Additional Address) per ISP.

    Summary:
    -ip of local interface
    -first public IP on the default route
    -ip of the additional address (New)

    So you can update the DNS entrys for all additional addresses from ISP One to ISP Two when the failover happens (Not only
    the Primary Address on the Uplink-Interfaces Network Object,…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. import your own IOC through wide supported format (stream or file)

    Being able to import our own Yara, OpenIOC, snort, suricata format file through files and/or API.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Web Protection: Allow blocking Flash/ActiveX/Java Separately

    Especially Flash is mostly used by many internet pages, but we want to block Java, due to the security issues!

    In Version 9, you can only choose the three methods together.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Snort Auto-Block Upon Detection Threshold

    This is a feature that a few Snort additions offer, and would improve quality of life with UTM quite a bit (it's the main feature I miss from pfSense). Allow users to configure a threshold for number of Snort alerts triggered, and amount of time to block an address. When the threshold is exceeded, a firewall rule is set up with an expiry in the future however long the user defined. Waking up to 200 e-mails about a person trying to exploit a server is getting old.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. to have a list of all identities present in IPS or an RSS feed

    It would be nice to have a list of all identities present in IPS or an RSS feed.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Creating groups of services

    Creating groups of services. Now you have to create one NAT rule for every service. It´s difficult to see which rules belong together. With groups all services belong to a technical request would be fulfilled with one rule.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. SOPHOS UTM integration with FireEye device (IDS)

    SOPHOS UTM has an available integration with FireEye device (IDS)?. This is to automatically block the sites categorized by FireEye as malicious.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. upnp with requirement for static dhcp extra-meta tickbox as acl for upnp deamon plus device probing and cloud based behavior intel

    Add secured uPnP support with requirement for a static dhcp extra-meta tickbox serving as acl for upnp deamon's trusted access. You might even go as far to deepen the acl with rules applied to device request possible based on a detection probe.and central intelligence for generalized behavioral modification of UTM layers based on the fingerprint of network device, with review and customization. That would greatly simplify and automate the GUI experience.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow SNAT and Web protection work simulatneously

    currently web protection is being prioritized over SNAT. we are getting feedback that on the future patch upgrade to have a feature that will allow SNAT to work while web protection is enabled

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. load balancer

    The server load balancing currently in ASG 9.3 works great on our internal/private network. I attempted to make it publicly accessible and failed. Sophos support just informed me the load balancer can only be used on a private network. They've stated dnat can not be used with the load balancer to load balance publicly accessible servers. I suggest this feature be added to a future release.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Enable Firewall rule in creation process

    In order to make packet filter configuration easier, you should add a switch for directly enabling a firewall rule by creation. Very often people forget to enable a newly created firewall rule. By default the switch is not enabled.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. MAC address filter - add a description field for MAC Addresses

    All is said above :-)

    In Windows DHCP service I can add a comment for each MAC address. Would be nice to have this in the UTM too.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Improve reporting for Advanced Threat Protection

    Presently ATP reports the IP of the advanced threat. It does not report the DNS name.

    In most larger networks, all DNS requests go through an internal DNS server, Domain Controller or whatever. Therefore any alert from the ATP will identify the DNS server as the requesting host.

    For Windows DNS logging the brief logging does not capture the IP address returned from the resolver, only the DNS name submitted. Whilst it is possible to turn on complete logging which will return this information such logging is very, very verbose, and it is generally impractical to have permanently turned on.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Server Load Balancing: Choose HTTP Response codes for failed servers other than 5xx (for ex. 404!)

    By now only 5xx HTTP Response codes tell the SLB to disable a real servers (a failed one) and 200 for OK. We want to be able to determine our own HTTP Response Code to disable real servers like 404. This makes it way easier for an admin since he only has to check for a simple empty file - if its there -> 200 (up), if not -> 404 (down). We use this also with HAProxy and it works great.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Network Protection: Firewall pop-up informaton when hovering mouse

    Hi!

    When I go to Network Protection - Firewall and hover over an object I get a pop-up showing the name of the object _which is also written in the rule base_. Since the name is the thing I am hovering over I have no use of that information but what I really need is the IP address.

    As it is now I have to move frequently between Network definitions and Firewall rules / NAT or I have to open up every rule and hover over the object in the rule definition.

    Since this is time consuming and error prone…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. API Gateway

    Enhance border protection by offering an API gateway solution, ala Forum Systems' Sentry API Gateway. As more companies begin to rely on distributed infrastructures that rely on remote API communication, especially within the cloud, there is a clear need for this type of security.

    Considering Sophos' "all in" strategy on cloud offerings, "layer 8" intelligence from CyberRoam, and mobile security from Mojave, Sophos already has the key components in house to dominate this emerging market at a far more competitive price point.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. SNAT HTTP/HTTPS Proxy Traffic

    SNAT HTTP/HTTPS Proxy Traffic

    I would like to suggest a feature which will enable me route my outbound HTTP/HTTPS traffic with SNAT with content filtering policy enforcement. i.e. without exception.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Fix the Country Blocking Exceptions to allow the exceptions to work properly

    When I want to allow only specific hosts or DNS names from a specific country, it should allow that and actually work.

    So if I block all of Russia, I should be able to explictly allow items for a specific business I interact with therebyt either IP or DNS host name. The system says it allows this now, but it doesn't fully work.

    I may also only want to allow email traffic (port 25) for one company but not allow other port traffic.

    This is opened as a support case as well, but support technician said to open a feature…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.