SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Logging: Anonymization of the original data

    The Anonymizationtool anonymized only the webreports not the original data (Livelog etc.)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  2. Use SUM as Log Server/Archive

    It would be very helpful if I could use a SUM Server as Remote Log File Archive. With this feature I could centralize all Logs of all my UMT's. A addon feature to search in e.g. Webfilter Logs of multiple UTM's at the same time would also be very nice!
    And if I do complex searches or log files are very big, the load will move away from productive UTM's.

    Thanks in advance,
    Pascal

    21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  3. remote syslog log selection

    When new logging types are released by Sophos (e.g. restd) they have to be manually enabled in Logging and Reporting > Remote Syslog Server > Remote Syslog Log Selection even if Select all was previously utilized. Instead, it would be great if Select all was persistent instead of a single-use toggle and those log types were then automatically sent to the remote syslog server upon update.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  4. Output option based on status cord

    We use HTTP proxy AD SSO. When AD SSO is used, httplog is filled with lots of status cord 407. We're pestered with increase of I/O caused by output of status cord 407.

    Because it's AD SSO, it's no doubt to request authentication. It's meaningless to output this in log intentionally. We don't want to output status code 407. So we propose addition of log output option by a status cord.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  5. ipv6 mail manager

    Make it possible to search for IPv6 in mail manager

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  6. Logging: show crypto session characteristics

    It is desirable to know the crypto characteristics of SSL/TLS sessions (services WAF, Web Protection, even SMTP). I am looking to know the cipher suite or its components: SSL/TLS protocol version, cipher used, MAC used, PFS group, etc). For planning purposes, it would be valuable to know which ciphersuites are in use, so that older ones such as TLS1.0 can be dropped when they are no longer needed. For forensic purposes, it becomes important if we ever need to investigate whether a successful downgrade attack has occurred.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  7. User Session Page

    User can see their Session time in browser pop-up page. That pop-up page can not close without logout. (In current setting there is no logout page ones browser is closed)

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  8. Live User List with admin can logout the session.

    Admin can see live user list and also can logout user session

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  9. Bigger ChangeLog for Webadmin

    Some of our Customers would like to have a more detailed Changelog in the Webadmin. The 20 etnries are not enough. A seperate Log for the Webadmin would be appreciated.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  10. Number of logs to display per page in Log Viewer

    Number of logs to display per page in Log Viewer. As earlier in cyberoam

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  11. Loggin and debugging interface

    Hi!

    As meny of your costumers surely do - I come from a TMG/ISA Server environment.

    In TMG/ISA we are used to a very user friendly and well working loggin/debugging interface.

    We have the ability to view live logs and apply filters to the log-stream.

    In Sophos UTM9 there is also a "Filtering" option but I'm missing the possibility to filter in detail. f.ex.

    I would like to be able to apply a filter that shows only packages going from one IP to another or from one IP with specifik type of traffic og maybe even a combination of different…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  12. I would like to suggest the possibility to monitor the current threat count and the average scan time (last 15 minutes) via SNMP, mail, etc

    I would like to suggest the possibility to monitor the current threat count and the average scan
    time (last 15 minutes) via SNMP, mail, etc.
    SAV for NetApp Storage Systems

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  13. End point protection log

    In UTM 9.3, there were a range of improvements to the Web Filtering log files including referrer URLs and user agents.

    Unfortunately these changes did not make it into the End Point Protection (EPLog) files. The EP logs appear to be the same as the web filtering logs, only only stuck back in the v9.2 format.

    Is it possible to propagate the recent improvements to the web filtering logs into the end point protection logs?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  14. Build Technology Add-On (T.A) for SPLUNK

    Build Technology Add-On (T.A) based on Sophos UTM logs that compatible with Splunk CIM for normalize events and integrate with Splunk SIEM app (Enterprise Security) and PCI DSS.
    you can see F5 T.A and APP on the splunkbase.splunk.com.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  15. Powershell Module for searching logs

    It would be great if there were a Powershell module to allow doing granular log searches. I often like to look for specific information and in differing ways. The time to obtain this information from support is far too inefficient. For instance, I was just looking for all messages in the log with the .email top level domain.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  16. Archived log

    I want you to add the function that can download several types of archive log by one operation.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add interface index to flow data to allow external packages to track it better.

    Add interface index to flow data to allow external packages to track it better.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  18. group

    Include a "group" field in the http.log to help ease with creating syslog reports.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  19. Enable/Disable loggong for all rules at once

    For all rules in Firewall and Application Control it would be great to have a button to disable or enable logging for all rules. Or even group wise.

    This way temporary debugging is made easy and otherwise the load is low on the machine.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  20. AV passthrough downloads

    Big downloads scanned by AV portal are not shown in logs when are not finished by clicking on download link on http://passthrough.fw-notify.net/ portal.
    This hides

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.