SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Restart PPPoE when Master Role has changed

    When the Master-Role changes within a Cluster PPPoE Connections will go down until the admin manually restarts the connection or until the automatic reconnect occurs.

    It would be helpful if an PPPoE Interface has an Option to trigger the reconnect when Cluster-Roles change.

    12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
    Completed  ·  Angelo Comazzetto responded

    This was treated as a bug and was fixed in Version 8.300. I’ll close this feature as a result.

  2. HA: Leave Cluster Node In Reserve During Up2Date

    For safety, instead of forcing the admin to disconnect and put a node to the side for "safekeeping" in case of a big failure when upgrading, it should be possible to set a node as "reserved" during the up2date process so that it remains separate and can instantly become active while the other unit(s) are upgraded.

    This lets the admin get back online and buys some breathing room in case they need to re-image or otherwise work with their cluster to address a failure.

    10 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
  3. Zero Time HA Failover for VPN and Internet

    Zero Downtime for VPN and network WAN connection in a HA setup.

    14 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →

    This feature has been in the system for a while. In the interest of good feature hygene, I’ll mark this as completed. HA failover is near instant, and stateful for non-proxied traffic, including VPN connections. (this should also have been the case when this feature was entered, however) If the failure is not the ethernet cable directly connected to the port, however, there will necessarily be some delay in detecting upstream failure, before the firewall can react.

  4. Up2Date Progress in Cluster

    "Watch Up2Date progress in new window" will not work in HA or cluster environments, right? Would be very nice to see though, as Up2Date progress of slave is kind of mysterious otherwise...

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
    Completed  ·  Angelo Comazzetto responded

    We have added the ability to see from the status page the current status of the attached cluster units and give you feedback during Up2Date operations.

  5. Add Cluster/Multihomed Boxes to Increase Performance

    Per RFC 2663 , section 4.4 (IP NAT Terminology), allow ASG to link to another ASG to allow increase in performance. Since HA already handles redundancy the only addition would be to put the backup ASG device to use to improve performance.

    Idea is to share state between each box (already in HA), and also allow each box to perform NAT/rule services for an internal network(s). This would increase performance and redundancy (already in HA).

    Thanks,
    Warren

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
    Completed  ·  Angelo Comazzetto responded

    This is already possible using an active active cluster, which supports up to Ten units in the manner you describe.

  6. HA: Show Cluster Synchronization Status

    During the bootup of a cluster, there is a 15 minute wait period where a failover cannot occur, while the cluster sets itself up and syncs. It should be noted during the status of the cluster that this is occuring. Keeps administrators informed that currently no failover will be possible due to cluster bootup/sync operations.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
  7. HA/Clustering: Appliance Visual View

    Show multiple appliance images in WebAdmin to reflect the status of a cluster by visualizing the connected appliances with a graphical display.. provides a good visual overview to the admin of a connected cluster / ha setup.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  1 comment  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
  8. HA/Clustering: Serial Number View for all Units

    Provide a way to view the serial number of all connected units in an HA or clustering setup in the dashboard/licensing sections.. GIves the admin the ability to find the serial numbers of his connected units without going to the command line, causing a failover, or having to manually go look.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  1 comment  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.