SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Wireless Protection: MAC-Filter based on vendor

    There are several customers who want to allow wireless access only to specific vendors. So it would be great when the MAC filter on a WiFi would only check the first six characters in the list (for example: Kyocera 00:14:60).

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. hotspot

    Allow custom "session expires" values with "Backend authentication" hotspot types, or at least increase to 1 year.
    We have students that stay only for 1 year, would be great to allow for 1 year instead of asking every week to log in.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Wireless Protection: Preventing deauthentication attacks. IEEE 802.11w Support

    The Cisco feature is called "Management Frame Protection". This process was standardized with the IEEE 802.11w

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Name resolution on Wireless Status

    When you click on Wireless protection a list of connected devices show up, but the UTM is able to identify the hostname only for networks that the UTM is managing the DNS. If a wifi network is set to "bridged to AP LAN" the UTM shows only the MAC address instead of IP or DNS name.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Notifications for HotSpot

    Allow enabling notifications for HotSpot login/failures. While not ideal for all environments some admins need to know this information and giving the option would be valuable.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Import/Export vouchers database

    Currently there is no way to export/import the vouchers database from an UTM to another one, e.g. a spare one.

    19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Guest Wifi Push Notification Approval

    I would love to see a captive portal integrated with a push notification. This way, users who don't have a lot of people who access their guest network can avoid dealing with passwords/PINs, etc. This also enables people to request access without having gained a voucher in the first place. Here's how I imagine it might work:

    A) User joins the wireless network, and is given the captive portal.
    B) On the captive portal, the user is given the option to "Request access" if they don't already have a voucher and enters the information requested (customizable, probably name and maybe…

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. hostapd & WiFi cards

    I'd be delighted to have my mPCIe WiFi card showing up in the interface list so i could build up a WiFi segment with hostapd directly from my UTM 9.x device... Ahhh yeah that'll smoke everything else for sure =)

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Make guests enter email for hotspot access and reporting

    Option to make guests enter their email address for hotspot access and the ability to create a report to list all captured email addresses.

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Making visible the WLAN MAC Adress of the AP

    It would be great to see the WLAN MAC adresses of the AP's directly in WebAdmin. This would be very helpful for example when creating a Heatmap .

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. 2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Vouchers that are already printed should be marked

    ...so they're not printed out twice by mistake. A filter should be applied too, so you can choose whether you would like to print out all vouchers, all "new" (not printed) vouchers or vouchers that are already printed.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Mixed types on same Hotspot

    Add support for mixed Hotspot types for the same Captive Portal. Like "SMS", "Voucher" & "Password" all on same Portal.

    It's very common for public Hotspots to offer mutliple options for authentication, especially Hotels for example allow Login via e.g. "room#, Name and date of departure", "Voucher" or simple "Password".

    Currently, customers would need to create multiple different SSIDs with weird namings, one for each hotspot type to achieve this.

    Display all the different input fields at the portal and put some boxes around the different login form fields to easy differentiate them.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Guest WLAN (Hotspot) - "DHCP Address Assignment Required" Option

    If guests change their IP adresses, it is not possible to track them in the logs. After a simple IP change, we have no possibility to connect an IP address to a MAC and then to a Voucher/Guest. So you can bypass the logging. This is an importion feature for guest wlan / hotspot feature!

    56 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. WIFI auto channel

    Currently, AP only select the channel once, at boot time, then never again. can we impletement WIFI auto channel select and scan the non busy channel and select it.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Wireless: permit to disconnect a logged-in user (by voucher or backend ...)

    I would like to have an option to throw out a logged-in user identified by backend or voucher

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Leave out the "unit name" like "hours", "days" etc. from the voucher variables

    Hi, once again: great Job with improving the customization of the PDF vouchers in the hotspot section. But I wonder why you included the "unit names" with the variables, e.g. Valid for "1 day" or like we have it with german language Settings "1 Tag". This makes it difficult to create a multilingual voucher Definition. The fact we run the user portal in german does not mean, we do not have voucher users from abroad, but they will always get the german "unit names" for "hour, day" etc. I would appreciate the "unit names" being left out from the variables,…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Standardize the HotSpot password

    Would it be possible to put an option in the SUM to have the same HotSpot password on the whole of an SG / XG fleet

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. WPA2 Enterprise can Authenticate/Authorize Local Users

    I've run into a situation on several occasions where WPA2 Enterprise could also use local users/groups for authentication/authorization.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Implement LLDP (or CDP) on the Access Points

    This will be very helpfull to detect access points on a network.
    > Finding these devices for maintenance ( reboot with POE off / on ) without following the cabeling or looking for mac-adress-tables would be great.
    Maybe LLDP/CDP would also suite the UTM ethernet ports.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.