SG UTM
Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.
-
Notifications: Warn employees of pending Up2Date install
I was wondering if it would be possible to have the product send out a notification to a group of users when you schedule a update? So like for example tonight I scheduled the update to 8.304 for 21:00 so say during the scheduling process you can pick users or a group of users to send the notification to just inform them that the firewall will be updating during this time and Internet could be unavailable for approx 10 mins during this time please plan accordingly?
4 votes -
WebAdmin: Display server/client name on Licensing page
When looking at the active IP that are taking licenses, it should also display the server/client name, not just the ip address, making it easier to track down what might be using up unwanted/unneeded spots.
2 votes -
Web Protection: "Web manager" for filtered HTTP proxy items
Another idea from a customer:
Similar to the Mail Manager, there should be a "Web Manager" which is allowed to release items that were blocked by the HTTP proxy.Example:
Someone downloads an passwort-protected zip file via proxy. After the download, it cannot be scanned because the file is protected, and is blocked. But the user needs that file. Now the admin would look at the blocked items and release it.3 votes -
Networking: Display active DNS clients
When viewing DNS settings, you can see the static enteries you have configured, but you should also be able to view active clients... like you can with active leases in DHCP.
1 vote -
Firmware Update via USB Stick
Copy the up2date-release on a usb-stick, plugin into the usb-port of the asg-device and then press at webmin-gui the (new) button "import update from usb-device".
This will give you the option to make a update on an asg without download / upload the firmware-release. In some reasons you don't want to make an automatic systemupdate.10 votes -
WebAdmin: Comment boxes for all areas
I would like to have a comment box, how we (windows-) admins know from Active Directory-MMCs.
This comment boxes should be at the bottom of all WebAdmin-config-sites.
And in this comment boxes, we could write any infos (for other admins), comments, ideas, todo's, ...3 votes -
Allow Multi-Category White / Black Lists
We need a way to specify more complex content filter rules since the addition of multiple categories.
Allow the content filter to have blacklisted and whitelisted categories at the same time, and allow them to decide which one "wins".
For instance, if a user wants to blacklist Games, but allow Educational, they could. They could also allow Shopping, but block Intimate Apparel. Currently if you select only 1 category, the site will be blocked even if you have whitelisted others it matches.
4 votes -
active directory re-authentication
web security should reauthenticate against active directory every 10-30min so that when (guest) account is locked they are unable to get through web security
3 votes -
WebAdmin: Select interface for SNMPd
It would nice to be able to bind the snmp daemon to defined addresses.
For example a problem:
Monitoring through VPN (ipsec0) is not working cause the snmp-read requests to a local interface of the astaro are answered by the ip of the ipsec0 interface (outgoing). Therefore the replies can not be assigend to the former read.4 votes -
Networking: DNS Incoming Load Balancing
It would be cool if the UTM could update DNS records to balance the incoming traffic. By changing the DNS answer across the public addresses configured on the UTM, the records could update (although with a delay) in reference to how much bandwidth and connection are used on the WAN links at a point in time to avoid new incoming connections being delivered to overloaded links.
16 votes -
Authentication: Additional LDAP Attributes Support
Add a configuration option for adding a query filter attribute for additional email-addresses for user settings.
like searching for email destination (|(mail=%s)(otherMailbox=%s))Its easier to maintain email-aliases like info@domain.tld in central directory.
Also, other attributes like First and Last name should be selectable if possible
18 votes -
Management: Auto-Populate Networking Definitions via Scan
By scanning the local IP-space of connected/configured internal (non-gateway) interfaces, discovered IPs should be auto-added to the definitions list using their hostname as the title (if available) otherwise just fill in the IP for both the address and the name.
This saves admins having to define their objects from scratch, and they can always delete the object definitions they don't want/plan to use. This should be done either automatically, as part of the wizard, or on request.
24 votes -
VPN: IOS XAuth Password
Currently the configuration available via the UserPortal automated setup has no way to include a password for the user, which they must then specify every time they connect. Including the password would allow one-touch VPN connecting!
2 votes -
Authentication: Add new user to existing group
When creating new user it would be nice to be able to put the new user in an existing group as part of the creation process.
1 vote -
Reporting: Detailed Network Reports for Billing
Basically we use Astaro in environments where we have multiple networks or from differenet companies and the parent company would like to monitor usage, in detail (inside and outside the proxy), be able to put a dollar figure on data, with and without thresholds and then export a simple usage report for billing purposes.
6 votes -
SNMP trap for Uncategorized Sites
We need a SNMP trap that notified to the NOC center that an website visited by a user is not categorized.
It's very important to have this warning for companies that provide MSS.7 votes -
Networking: Configurable FailOver IP's
We want to use one vlan for multiple Astaro clusters.
4 votes -
Date of Automatic Backups
I want to be able to set the date of Automatic Backups. It is convenient to be able to set the day when the backups of each ASG is transmitted.
2 votes -
Reporting: Cache Statistics
To visualize the cache efficiency it would be cool to display some cache stats as cache hit and cache miss percentage, WAN bandwidth savings etc.
This would be a really cool addition to the IMO good caching algorithm in V7.500
20 votes -
Add Support for IPoA (IP routing RFC 1483).
this protocol is used for DSL-Connections in Spain (telefonica.es) instead of PPPoE
If you plan to attach your Astaro to the Internet you have to by a Router form the ISP and NAT all your Traffic. But this is no goot Idea for incoming IPSec-VPN...
6 votes
- Don't see your idea?