SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. UEFI boot

    Make the ISO a standard UEFI ISO

    5 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      1 comment  ·  Operating System  ·  Flag idea as inappropriate…  ·  Admin →
    • WAN Interface speed test

      Being able to test WAN Interfaces by isolating from the network traffic temporarly. That would be very helpful to identify slow internet connection and causes.

      7 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
      • IKEv2

        Would like to see support for IKEv2 in AWS appliance.

        4 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
        • Add Veeam replication to Applications

          Please add an application category for Veeam replication traffic. It currently appears as the highest traffic volume as "Unclassifed" - sick of having to explain it every month.

          9 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
          • add new bandwidth monitor based on rulls and shapers

            we would like to have a real time reporting of bandwidth based on shapper and firewall rule
            as we create the shaping of bandwidth and we apply that on firewall rule but after that we can't see what is the real traffic for this rule specially when we dedicate a bandwidth for IPsec VPN or Voip

            1 vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Appliance Hardware  ·  Flag idea as inappropriate…  ·  Admin →
            • E-Mail Exception for encrypted attachments

              It should be possible to create an exception for encrypted attachments without having to disable the malware scan.

              1 vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
              • SUM log traffic for automatic firewall rules

                When we create an IPSEC VPN in SUM and use "automatic firewall rules" option, we can't edit the option "log traffic" for these rules and so we can't see the logs for these rules.

                1 vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
                • Capability to add iphone as additional interface under UTM

                  Hello Team,

                  We have customer here requesting to have capability to add iphone as additional interface under UTM. For your assistance please. Thank You.

                  1 vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                  • sandstorm Exclusion in SUM

                    Provide the ability to configure sandbox/sandstorm tick box in exclusions pushed out by SUM to UTMs

                    1 vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                    • O365 Tenant Restriction

                      Microsoft have released guidlines to restrict access to specified O365/Azure tenants.

                      This requires the injection of an HTTP header.

                      https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/tenant-restrictions

                      Without his functionality being added to UTM users can access any tenant when rules are added to allow access to MS Cloud Services

                      2 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                      • AWS Transit Gateway Support

                        Currently, the Amazon VPC setup does not support the new Transit Gateway in AWS. When you attempt to import via config file or secret key it errors out with a Regex error.

                        I went up the whole chain of premium support and the GES Engineer let me know it currently isn't supported.

                        As Transit Gateway is the future of Inter VPC & S2S networking this would be nice to have supported.

                        1 vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
                        • Reflexion

                          Dynamic Host Names for Trusted Hosts

                          Reflexion needs a solution to allow dynamic host names for trusted hosts for clients that use dynamic ISP services (likely 99% of clients use dynamic ip services). Adding a IP Host to these clients and managing this everytime the IP address is changed by the ISP is not an ideal solution. All of our clients use a Sophos XG and we can use the built in XG dynamic IP names (ie: client.myfirewall.co) to define the IP address. Simply allowing the use of a host name would resolve this.

                          Andre

                          1 vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                          • Frequency of Quarrantine report

                            Would like the option to have the quarrantine report weekly, as some users get lot of mailing list type spam, and it gets a bit annoying having the report emailed every day.

                            1 vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                            • Specific MIME Types for Office Documents (e.G. Macroportection)

                              Office documents e.G. Word habe specific MIME Types - old .doc documents (application/msword) or new with Macro .docm (application/vnd.ms-word.document.macroEnabled.12) can have Macro, new type .docx (application/vnd.openxmlformats-officedocument.wordprocessingml.document) can not have Macros and are secure!

                              Sophos Mail Filter makes no difference and send every File in Quarantine.

                              It would be perfect, if the dangeres Files (.doc and .docm) can go to Quarantine and the safe Files (.docx) send direct to the User.

                              1 vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                              • DHCP option 150

                                Hello Team,

                                We have customer here, requesting to to have option to configure DHCP option 150 and 66 under Sophos UTM. For your assistance please. Thank You

                                2 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                • HTTPS Certificate on Captive Portal

                                  It would be great if the WiFi Captive Portal provided a link to download the HTTPS Certificate Authority so that visiting users can be properly filtered with HTTPS scanning. This is important in educational institutions to help protect students from web browsing by visitors.

                                  Estimados, sería muy importante poder generar una actualización en la que desde el Captive portal se pueda descargar el certificado de SOPHOS para la aplicación del escaneo HTTPS y forzar el SAFE SEARCH. En instituciones donde asiste mucha gente con dispositivos propios que utilizan el servicio de WIFI no se puede instalar de forma centralizada el…

                                  2 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                  • APIPA range over route based VPN.

                                    APIPA range over route based VPN

                                    1 vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
                                    • SSL VPN autorized using MAC address. So put control over unknow devices.

                                      For example we have 5 person with marketing team. when they are out of network they connect using ssl vpn. But they also connect with their personal laptop. for the Restriction to their personal laptop MAC based ssl vpn policy.

                                      1 vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                      • "Auto-Firewall ist auf" Übersetzungsfehler

                                        "Auto-Firewall ist auf" Übersetzungsfehler in deutscher WebAdmin-Sprache, z.B. unter Fernzugriff -> SSL -> Profile, wenn ein Profil angelegt ist
                                        LG

                                        3 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Certificate on the UTM

                                          Out-of-the-box Sophos UTM will generate self-signed certificates for many functions as for the Web proxy signing CA. We would like to use our internal PKI infrastructure consisting of an W2K16 Enterprise RootCA because it_s certificate is trusted automatically by all Windows clients in the domain so there is no need to distribute other certificates by GPO for e.g.

                                          For the webadmin console we used a certificate signed by this _Root_CA and that works without problem. Because we use SSL scanning we want the web proxy _Signing CA_ to be a intermediate CA of our RootCA. I have generated the certificate…

                                          2 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.