SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Logging: show crypto session characteristics

    It is desirable to know the crypto characteristics of SSL/TLS sessions (services WAF, Web Protection, even SMTP). I am looking to know the cipher suite or its components: SSL/TLS protocol version, cipher used, MAC used, PFS group, etc). For planning purposes, it would be valuable to know which ciphersuites are in use, so that older ones such as TLS1.0 can be dropped when they are no longer needed. For forensic purposes, it becomes important if we ever need to investigate whether a successful downgrade attack has occurred.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  2. User Session Page

    User can see their Session time in browser pop-up page. That pop-up page can not close without logout. (In current setting there is no logout page ones browser is closed)

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  3. Live User List with admin can logout the session.

    Admin can see live user list and also can logout user session

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  4. Bigger ChangeLog for Webadmin

    Some of our Customers would like to have a more detailed Changelog in the Webadmin. The 20 etnries are not enough. A seperate Log for the Webadmin would be appreciated.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  5. Number of logs to display per page in Log Viewer

    Number of logs to display per page in Log Viewer. As earlier in cyberoam

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  6. Loggin and debugging interface

    Hi!

    As meny of your costumers surely do - I come from a TMG/ISA Server environment.

    In TMG/ISA we are used to a very user friendly and well working loggin/debugging interface.

    We have the ability to view live logs and apply filters to the log-stream.

    In Sophos UTM9 there is also a "Filtering" option but I'm missing the possibility to filter in detail. f.ex.

    I would like to be able to apply a filter that shows only packages going from one IP to another or from one IP with specifik type of traffic og maybe even a combination of different…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  7. I would like to suggest the possibility to monitor the current threat count and the average scan time (last 15 minutes) via SNMP, mail, etc

    I would like to suggest the possibility to monitor the current threat count and the average scan
    time (last 15 minutes) via SNMP, mail, etc.
    SAV for NetApp Storage Systems

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  8. End point protection log

    In UTM 9.3, there were a range of improvements to the Web Filtering log files including referrer URLs and user agents.

    Unfortunately these changes did not make it into the End Point Protection (EPLog) files. The EP logs appear to be the same as the web filtering logs, only only stuck back in the v9.2 format.

    Is it possible to propagate the recent improvements to the web filtering logs into the end point protection logs?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  9. Build Technology Add-On (T.A) for SPLUNK

    Build Technology Add-On (T.A) based on Sophos UTM logs that compatible with Splunk CIM for normalize events and integrate with Splunk SIEM app (Enterprise Security) and PCI DSS.
    you can see F5 T.A and APP on the splunkbase.splunk.com.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  10. Powershell Module for searching logs

    It would be great if there were a Powershell module to allow doing granular log searches. I often like to look for specific information and in differing ways. The time to obtain this information from support is far too inefficient. For instance, I was just looking for all messages in the log with the .email top level domain.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  11. Archived log

    I want you to add the function that can download several types of archive log by one operation.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add interface index to flow data to allow external packages to track it better.

    Add interface index to flow data to allow external packages to track it better.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  13. group

    Include a "group" field in the http.log to help ease with creating syslog reports.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  14. Enable/Disable loggong for all rules at once

    For all rules in Firewall and Application Control it would be great to have a button to disable or enable logging for all rules. Or even group wise.

    This way temporary debugging is made easy and otherwise the load is low on the machine.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  15. AV passthrough downloads

    Big downloads scanned by AV portal are not shown in logs when are not finished by clicking on download link on http://passthrough.fw-notify.net/ portal.
    This hides

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  16. x-forwarded-for

    Allow the logging of X-Forwarded-For IP addresses / log proxy protocol.
    With AWS supporting log proxy protocol and when not inspecting HTTPS with ELB, the UTM is blind to the source IP address and the logs only reflect the EIP source IP address for clients so no way to ID the real client IP address at the moment in logs.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  17. Sophos Web Appliance: More granular reports

    On behalf of SS&C Technologies, Inc.

    We would like to see more granular reports on the web appliance. More specifically, top bandwidth by time. It would be useful to be able to see who use the most bandwidth by a time range instead of just the day.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  18. Live Log for color-blind People, New Column

    Feature to Add a New Column witch represent the row color

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  19. Logging of SSL Filter.

    We had a particularly bad issue on 3 of our UTM devices. With SSL filtering enabled, mobile apps such as Facebook/WhatsApp/Mobile Banking Apps and quite a few others would not work.

    Relying on the built in logs, neither us nor Sophos support could see any packet drops, even with full logging enabled.

    Turns out SSL filtering affects mobile device apps much more destructively than on a web browser.

    There is going to be a partial fix apparently with firmware 9.4 but my suggestion is more fundamental: How can I trust a device if I cannot see what it is doing?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  20. Improve the methods which delete older log files when log partition usage meets the defined thresholds

    Currently 3 thresholds can be configured to take various actions dependent on log disk space usage. When set to delete older log files, let's say - at 85% - this simply executes the logcleaner.plx job at 01:30am each morning. If the threshold is say 80% at this time, and subsequently lots of activity of the box, (typically abnormal activity) and the log partition fills up before the end of the day to 100%, then the raw log files fail to be compressed down by archiving jobs and stay at their current size - logging stops as syslog has nowhere to…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.