SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Enable/Disable loggong for all rules at once

    For all rules in Firewall and Application Control it would be great to have a button to disable or enable logging for all rules. Or even group wise.

    This way temporary debugging is made easy and otherwise the load is low on the machine.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  2. AV passthrough downloads

    Big downloads scanned by AV portal are not shown in logs when are not finished by clicking on download link on http://passthrough.fw-notify.net/ portal.
    This hides

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  3. x-forwarded-for

    Allow the logging of X-Forwarded-For IP addresses / log proxy protocol.
    With AWS supporting log proxy protocol and when not inspecting HTTPS with ELB, the UTM is blind to the source IP address and the logs only reflect the EIP source IP address for clients so no way to ID the real client IP address at the moment in logs.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  4. Sophos Web Appliance: More granular reports

    On behalf of SS&C Technologies, Inc.

    We would like to see more granular reports on the web appliance. More specifically, top bandwidth by time. It would be useful to be able to see who use the most bandwidth by a time range instead of just the day.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  5. Live Log for color-blind People, New Column

    Feature to Add a New Column witch represent the row color

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  6. Logging of SSL Filter.

    We had a particularly bad issue on 3 of our UTM devices. With SSL filtering enabled, mobile apps such as Facebook/WhatsApp/Mobile Banking Apps and quite a few others would not work.

    Relying on the built in logs, neither us nor Sophos support could see any packet drops, even with full logging enabled.

    Turns out SSL filtering affects mobile device apps much more destructively than on a web browser.

    There is going to be a partial fix apparently with firmware 9.4 but my suggestion is more fundamental: How can I trust a device if I cannot see what it is doing?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  7. Import existing logs into iView

    Be able to import or transfer existing logs to iView that were already on the UTM prior to setting up i View.

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  8. Intrusion Prevention Reports - Incomplete Data in Logging->Network Protection->IPS Tab

    Both the IPS tab for Logging->Network Protection->IPS and the IPS section of the Executive reports does not contain complete information about the intrusion.

    For example:

    -There is no way to determine the date and time from either report. You have to view the raw logs. Please add a date/time column for each report.

    -There is no way to link all sources with all destination from either report without doing multiple searches. You have to do it one at a time. Please simply add a Source, Destination, and Rule column for reports on both the IPS Report as well as the…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  9. Two factor auth with L2TP and Radius - Does not show in ‘online users’ on the dashboard.

    Two factor auth with L2TP and Radius. Does not show in ‘online users’ on the dashboard.

    The only place they can been seen is Configuration > Logging & Reporting > Remote Access

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  10. Change mail logs display from "return to" address to "sender" address

    I have found that the SMTP logs and Quarantine logs actually display the "return address" and not the sender address.
    This makes it impossible to search for mail from a particular person if they use a third party email responder service.
    I have found a lot of clients are now using third party mail services, eg ANZ, BOC, Blackwoods etc.
    This means in our logs we appear to have a lot of mail from "*@chost.net.au" (the third party mail service) but we have no idea who the real sender was ANZ, BOC etc....
    Support confirm this problem, but only suggest…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  11. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  12. Conncurrent Connections per Host

    Currently, Sophos UTM allows you to see Concurrent Connections on the Dashboard, Interfaces & Routing page as well as Logging & Reporting --> Network Usage --> Bandwidth Usage for a Total Connection usage count.

    It would be useful to illustrate a real time breakdown for which Hosts are occupying said Concurrent Connections. I've been able to track TCP Connections via ip_conntrack, however, I'm sure the Sophos UTM has a cleaner approach that could be used to isolate connections at the IP level.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  13. Logfile guide for WAF

    here was a demand from our important customer.
    The customer uses the function of WAF, but is troubled in operative duties very much.
    It is because there is not the guide of the log file.

    Please make the log file guide including the following contents about WAF.
    1.Log format
    2.A meaning and coping method of the error code

    In addition, it was not listed in the following sites.

    https://www.sophos.com/ja-jp/support/knowledgebase/115634.aspx

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  14. should add an option for logging dhcp-relay requests for troubleshooting issues.

    I had some issues with my dhcp server. In this case it would have been helpful to see if the requests are going through the utm or not.
    So please add an option for this.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  15. to display the corresponding web filter exception name in the http.log

    It would be useful if you could see the name of the correspondig web filter exeption in the http.log on the UTM.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  16. Create a search tool that checks all logs, so I don't have to search each log individually to see what component is blocking something

    Create a search tool that checks all logs, so I don't have to search each log individually to see what component is blocking something

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  17. Output Interpreter

    I'm missing the "Output interpreter" which you can find on Cisco homepage. Cisco is providing this feature on their homepage. The Output interpreter can interpret the log which you have from the router and much more.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  18. Logging: Search within Search Engine Logs

    Would it be possible to support searching with asterisk within the search engine logs? So when some people had searched for "i want a new job" or "better Jobs" I want a search within the log with "jobs" and I can see all those search terms from the users.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add User Agent in reverse proxy logs.

    We had this information in our previous firewall and was helpful to know what agents are running probes.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  20. Customer wants more control over the reports in the UTM

    Customer wants more control over the reports in the UTM: statistics from DB about Network usage per User, usernames, machine name, IP - more detail below:

    Detailed description of Feature request for Reporting subsystem
    1)
    Name: Show user names in Network usage report, instead NXDOMAIN, when use Transparent proxy with Browser auth
    Business requirements (reason for feature): Network usage report used for internal billing of Internet usage
    Importance: 1 = Critical

    Customers can’t use external systems, which based on Syslog, because there is no information about amount of data in Logs: SMTP, POP3, etc
    Customers don’t have access to DB,…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.