SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Logging: Content Filter overrides on Blacklisted Sites

    Logging will report any bypass for a built-in blocked category, but custom blocked URLs do not be entered into the log.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
    Completed  ·  Angelo Comazzetto responded

    I’ll mark this as completed, however as this is a bug (not a feature) it is being tracked internally now. We’ll address this in a coming Up2Date. Thanks for reporting it. (Mantis 21605 for reference)

  2. Notification Redundancy Filter

    Currently, if you have email notifications enabled, and you get portscanned (or any other highly repetitive attack), you get up to 100 emails generated within seconds. It would be great if there were an option to set a redundancy filter to limit notifications on attacks with matching critera (same source, destination, and protocol) to X number of seconds.

    For example, if I set this value to 10 seconds and I get portscanned continuously for one minute, I would get 1 email for every 10 seconds this attack occured for a total of 6.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
    Completed  ·  Angelo Comazzetto responded

    This feature is already possible, for exactly this use case. Just enable “Limit Notifications” from the notifications menu itself.

  3. Identify which rule generated an entry in the packetfilter.log

    At the moment I don't think it is trivial to identify which rule logged something to the packetfilter.log. It would be helpful when debugging.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  2 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  4. Reporting: Multiple Syslog (Log Destination) Servers

    Having more than one log destination is a good feature for both redundancy and to implement a four eye principle based security monitoring command center. It is a must have for MSS providers these days.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  5. Logging: Select All Button for Log File Viewer

    Include a "Select All" check box so that eg. alll log files on the Today's Log Files screen can be selected and downloaded/deleted.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  6. Emailed Logs

    The admin can send logfiles automaticly to himself or to another e-mail-adress. Wich logfiles to be sended he has to click by a checkbox. The logfile should then be intialisiert after sending.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
    Completed  ·  Angelo Comazzetto responded

    I’ll close this, as email logging is already implemented, and if the admin is in front of the web gui going “email me this log” its the same as just immediately downloading it vs. immediately emailing it.

  7. Logging: Detailed Admin Logging of Config Changes

    Add the ability to log in detail where admins go and what they change while inside webadmin.. This has many benefits for accountability, such as if Joe with admin access navigates to packet filter---rules, and deletes a rule, it would often be helpful to know this information. If not possible to have a DETAILED log of what was changed, it would satisfy the majority of the requests if we could simply log that admin Joe went to packetfitler---rules and did a create/edit/delete of something, etc...

    153 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    14 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  8. Logging: negation of search string for live logs

    Add a negation for the search string while watching the packetfilter or other live logs. show all except port 80 (like the 'not port 80' tcpdump syntax. searching for the right log lines would make the debugging process a lot easier.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  2 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.