SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Reboot AP from command line or crontab (scheduled task)

    I've 3 AP connect to a UTM, i would reboot them but not manually with the aweetool, with a schedule task (crontab, rc.local, shutdown -d [time] ecc..., at the moment do this isn't possible..

    This "feature" is very important for a correct connectivity ofthe AP, because
    every one/two/three months you are forced to restart them manually.
    The awetool is useful but yu need to connect to UTM by ssh, start the tool, find the AP and reboot it MANUALLY.
    Give the possibility to create a crontab for do this wil be very very useful, we'll apreciate it.
    thanks

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. Remove the diffie-hellman-group1-sha1 in ssh service/port-22

    Hi Sophos,

    We recognized that our product is using insecure key-exchange "diffie-hellman-group1-sha1". "diffie-hellman-group1-sha1 is used only has a size of 1024 bits. This size is considered weak and within the theoretical range of the so-called Logjam attack.

    We would like to remove diffie-hellman-group1-sha1 in ssh service/port-22,

    Please kindly provide a step or your action to remove it.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. port 25

    The default port to email a backup copy of the settings is Port 25.

    Many ISPs block Port 25.

    It would be helpful if an alternate port could either be chosen or selected such as Port 587.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow network traffic quotas on XG to be applied directly to rules rather than users or groups.

    Would be nice to apply network traffic quotas to a rule rather than just users or groups. This would allow IoT or headless devices to be cut off after exceeding a quota.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  5. I need a management app to control my utm

    question about management app

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. How to find out active openvpn-connections, documentation for UTM9 API

    I would like to find out wether users are connected via openvpn or not. With a single request:

    https://my.utm9/api/status/openvpn/openvpn-officemunich

    to get:

    {
    "connectionname": "openvpn-officemunich",
    "active": false,
    "last
    starttime": "2019-12-30 08:00:00",
    "last
    endtime": "2019-12-30 08:14:03",
    "history
    description": "only last 24 hours are saved",
    "history": [

    {
    
    "start_time": "2019-12-30 08:00:00",
    "end_time": "2019-12-30 08:14:03",
    },
    {
    "start_time": "2019-12-29 23:10:00",
    "end_time": "2019-12-29 23:14:03",
    }

    ]
    }

    It is a great idea to have an API for Sophos UTM9 and to publish documentation here:

    https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.ashx

    This documentation is from 9/2017 and I hope to find more substantial info in this document or…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. RESTful API: Provide an API call for Routing Table /IPv4 Default GW for an interface

    At this moment, there is no option to make a API GET call for all the routing table of the UTM.
    Including the IPv4 Default GW for an interface.

    This is very important for thirdparty environments that using and analyzing the routes and the access-lists of the network devices of the production environment.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. SUM log traffic for automatic firewall rules

    When we create an IPSEC VPN in SUM and use "automatic firewall rules" option, we can't edit the option "log traffic" for these rules and so we can't see the logs for these rules.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. WAN Interface speed test

    Being able to test WAN Interfaces by isolating from the network traffic temporarly. That would be very helpful to identify slow internet connection and causes.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. Ability to Package Central Linux installer in an RPM file

    Sophos Product:

    Sophos Central

    Version in Production:

    Linux agent

    Feature Request Summary

    How will this new feature address your business requirements?:

    We are wanting the ability to create an RPM file for deployment onto our Linux fleet. This will give us the ability to install the agent onto our large Linux fleet via our satellite deployment environment. As we have a large Linux fleet we need the ability
    to deploy via an RPM file as installing the agent manually on each server is not feasible. As a few of our Linux servers are on a private network and unable to…

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. kbit

    In flow monitor - Bandwith Usage Now - KB/s is displayed.
    This is misleading, there should be kbit / s

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add Sophos SG/UTM to Sophos Central for management via the cloud

    I can't see this suggestion here yet; apologies if it is.
    I'd love to add our Sophos SG UTM devices to Sophos Central, to centralise and aggregate log and events collections, as well as config and health status snapshots.
    I can deploy a SUM, but it would be nice to have it linked to Sophos Central for a standard view.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  13. Real time bandwidth usage for firewall rules

    Add a method to check the real time bandwidth usage for firewall rules.

    So users can distinguish which rule uses the most bandwidth and set the proper QoS for it.

    37 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  14. WAN Failover Firewall Rules

    We would like to see the ability to create firewall rules that take over if the primary WAN connection fails over to a secondary WAN connection. This would be useful for businesses like ours who has a nice primary connection but a significantly smaller backup connection. For example we let the employees stream media during normal operations however with many streaming if it fails over to the backup WAN connection it causes a huge bottleneck for us.

    14 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allow for the encryption level for SNMP v3

    Currently when configuring SNMP v3 for network monitoring, the encryption is automatically set to AES, but does not identify the strength of the encryption. It has been found through testing that the AES encryption being utilized is AES 128, which is below the requirements for regulations such as Payment Card Information (PCI) and the Health Insurance Portability and Accountability Act (HIPAA) compliance. It would be greatly helpful to allow for the selection of the AES encryption level when configuring SNMP v3 for network monitoring.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. Sophos Central Grouping feature & AD Sync improvements

    It would be nice to improve the AD Sync Client with following features:
    - AD Sync on OU level
    - Sync Computer Objects in Security Group Object and apply a Synced Security Group Object as Computer Group in the Sophos Central Web-GUI. Like this is with the User Objects already implemented.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. create one common user into the SFM for access all synchronized UTM GUI

    create one common user into the SFM for access all synchronized UTM GUI

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  18. In SUM, include the capacuty to configure SANDSTORM

    In SUM, include the capacuty to configure SANDSTORM

    16 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow the ability to edit Scheduled Operations in the Sophos Gateway Manager

    Currently, to change a scheduled operation in the SUM Gateway manager, you have to delete the schedule and recreate it entirely. It would be nice to be able to simply edit the operation.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  20. Ability to set up permitted devices under licensing

    I would want the ability to set up permitted devices under licensing.

    For example:
    Only devices 192.168.1.10 to 192.168.1.20 should be permitted to the network.

    If a user attempts to connect from 192.168.1.21, this device should then be blocked (like the license count was exceeded), even if theres licenses left. (and that device should then not count in licensing)

    This would mean that any device outside of this, would not be able to connect to the UTM at all, and thus would not "spend" licensed devices (eg, any devices outside of the specified entires, or course multiple entires should be…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 8 9
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.