SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Increase SSHd LogLevel to VERBOSE

    Using SSH public key authentication for loginuser/root does not log which key was used to authenticate, because the sshd_config LogLevel is set to INFO.
    It should be increased to VERBOSE, so you could determine who accessed the shell.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  2. Logging: Include Generic Proxy activity in Firewall Log

    I have found out that packets forwarded by the Generic Proxy is not shown in the live log.
    When i use the firewall live log I want to see ALL packets passing the firewall, regardless of direction or anything else.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  3. report on detection specifics based on how the potential threat is detected, i.e. – on-access or scheduled scans

    Client is looking to report on detection specifics based on how the potential threat is detected, i.e. – on-access or scheduled scans. It appear much of the pre-reqs should already be in placed as the endpoints report this data in the alerts they email out and the fields appear to exist in the database however they do not correlate properly. The field is specific is the 'ScannerType' in the ThreatEvents table. The 2XX data fields in the database do not accurately reflect anything

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  4. Logging: Tamper-proof logs via Hashing

    Companies have to prove to the law that the logs are not manipulated. Hence device must hash the log files with the time stamp. We need a menu for that on UTM. For example, customers should be able to choose the needed logs through WebAdmin, and make hashing with required logs. When needed they should be able to download the hash and log files.

    20 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  5. Logging: Export Logs to CSV/Excel

    Allow exporting of HTTP content filter log to a csv/ms excel/ods file (especially after using the filter to search the HTTP content filter log)

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  6. Logging: Enhanced log searching tools (Better search & filter)

    I would like to see better and more granular search options/filters for log searching.

    What if I'm interesting in a host only when it's a source and only when it goes to port 25 on another host. Today I can only give a simple search term and get way to much data back for it to be useful fast without spending too much time looking through the result.

    25 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
    Planned  ·  Angelo Comazzetto responded

    This feature will be part of the UTM 9.2 release which will enter public beta in September 2013 for GA release in November. Stay tuned!

  7. Auto pop log messages when doing updates etc.

    When you choose to install an update the system just does it there is no feedback to say are you sure, especially when the system is likely to reboot after an update, for enterprise class use with the UTM 120+ then this could be a critical piece of equipment, my other request (main request) would be to have information about what is happening when tasks take longer than a few seconds (like updates), popup the up2date love log window to show the progress and actually tell the user when its done or have some sort of progress bar, a box…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  8. Administrator Sessions

    My Idea is to expand the Logging of the changes of the administrators (now only 20 sessions are logged), Maybe per session one Email.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  9. Show extended firewall log informations for outgoing connections

    I Use multiple public IPv4 Adresses on an Interface and created masquerade rules for some servers to use specified public ip's for outgoing connections.
    But it's not possible to show in logfile which public outgoing IP is used.
    It is possible to extend the Firewall-Log with this informations?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  10. Reporting: Flow Monitor 2.0

    In the Flow Monitor, it would be nice to be able to click on a Host/Client, and list all of their connected Host/Clients, ports that they are using, and bandwidth used for each of those. Currently The Flow Monitor only list total traffic used by a Client/Host, but for more information the text logs have to be searched.

    It would also nice to be able to have fine grain control of that traffic (throttle and blocking) in real-time from inside the flow monitor. Options like Temporary blocks, or data caps, would all be bonus too.

    48 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  11. Log recovery

    When the log daemon is down, Astaro/Sophos can't collect any data, even if a remote syslog server has been configured; this because the system can send the logs only after they are written to the disk, when daemon is down the logs aren't written.
    This is a serious problem for the Italian law.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  12. Logging: Enhanced, Standarized Log Viewer with support for logical operators

    Please implement a reader friendly log-, and live log reader which will output any of the the text logs to a formatted output (similar to the actual paket filter live log). Should offer following features for viewing all types of logs:

    - formatted output (as paketfilter live log)
    - colored (drop, pass, block, info and so on)
    - expression filters
    - possibility to filter (do not show) logentries (similar to user portal / smtp log), where you can hide unwanted informations)

    199 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    18 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  13. Web Security: Full Control of Instant Messaging

    These are very useful options and I guess these are very necessary features for ASG:

    * Instant Messenger Controls:

    * Controls file transfer through Skype, MSN, Yahoo, Google Talk and other popular instant messengers based on file name, extension and size

    * Shadow copies are created of files uploaded and downloaded over IMs

    * Logs are archived for chat conversation as well as file upload and download

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  14. Logging: Global Search of Log Files

    Add the ability to globally search all logs for matching strings from a single entry box for a specified date/time range.

    51 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  15. Logging: Global live log of all activity

    Please, give a way to display all available live logs together of all services in only one single window

    27 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  4 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  16. Logging: Restore Logs into new Installation

    When you install a new server, all logs are lost since the logs remain at the old server.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  17. Logging: CIFS Remote Log File options

    The ability to save to sub-directories underneath SMB shares would be great.
    Also a 'Test connection button' would be great. Currently we cannot use SMB archiving with our Windows cluster as it requires a DNS name be used rather than an IP address, so please add the ability to use server names rather than resolving a DNS host.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  18. Logging: Human-Readable Web Server Protection Logs

    Please optimize WAS logging view of readability. Logs should be extended, not only Attack ID's. Example Log(Actual Logging ASG 8.2x): Attack ID 950907 Should be better extended with in a human readable log entry as:

    Attack Type: WEB_ATTACK/COMMAND_INJECTION
    Attack:
    WASCTC/WASC-31
    Or optional additional Informations as a classification or else:
    OWASP_TOP_10/A1 (SQL Injection)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  19. Logging: view IPSec VPN log file

    The IPSec VPN live log does contain the connection name

    2011:02:11-14:15:30 HOSTNAME-1 pluto[xyz]: "S_ABC_VPN" #[number]: initiating Quick Mode.....

    but view "view log file" you only get

    2011:02:11-14:15:30 HOSTNAME-1 pluto[xyz]: "S_REF_jYhIsAnhzG_3" #[number]: initiating Quick Mode.....

    so you have to lookup the REF yourself AND it is much less "readable" as the connection name itself in the log file.

    I suggest, that the connection name is also contained in the "plain" ipsec vpn logfile, and not only displayed in the live log.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  20. Logging: Remote log file archives "test" button

    Please add the ability to verify the remote archive log files server credentials (Test Button) so the admin may be certain that the archives will be written - prior to a warning email notice that the files could not be written on the target server.

    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.