SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add conference tools to Application Control

    Because of COVID many new Web Conferencing tools are in use. Please extend the Application Control list.
    Currently missing in our environment: Sdui & Big Blue Button (BBB)

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  2. How to fix Cash App login error

    A large number of people use Square Cash App payment app as their personal payment app to store and spend money. To ensure the user-friendly experience, Cash App has put in place quick and short Cash App login process. In order to access Cash App account, all you need is just either your registered phone number or email id. More specifically, all you have to do is just tap the sign in button and further you will have to receive a secret code. Once you will clear the verification, you will get into your account. Get more info: https://www.squarecashelps.com/blog/fix-cash-app-unable-to-sign-in

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Disconnect SSL VPN User Sessions

    If I have to disconnect SSL VPN User Sessions, it would be fine, when I have a button.

    21 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  4. Rename inappropriate HA-terminology

    It's clear, that master/s.l.a.v.e as terminology is negatively predestined. The role could be renamed to something like primary/secondary or maybe also just active/standby?

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
  5. More than one concurrent SSL VPN Client at same time

    Currently only one CLient SSL VPN connection is allowed at any one time to Sophos firewall (UTMs). Suggestion is for muitiple connections. Reason is we do off line backups to customer sites via VPN but currently can only do one at a time. We have several customers who require us to do these backups.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  6. Get Lifetime VPN with 15 Multi Logins for just $18

    Use Coupon code: BFCM20

    URL: https://fastestvpn.com/lifetime-special-deal

    FastestVPN offers a smart, easy-to-use service for all devices including Windows, Mac, iOS, Android, Smart TV, and your router. As the name implies, this high-powered VPN operates with 99.9% uptime and gives you access to more than 350 high-speed servers

    Features:
    Restrictions: for use by up to 15 users
    350+ servers in 41+ countries
    Unblock USA Netflix, Hulu, BBC iPlayer & Disney+
    Unlimited bandwidth
    256-bit AES encryption
    Zero logging
    Ad blocker
    NAT firewall
    Anti-malware
    24/7 technical support
    Unlimited server switches
    Internet kill switch

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  7. Upgrade WebAdmin CA to create 2048bit keys in Certificates

    Sophos does currently not support the VPN Connection of iOS devices due to incpmliant key length in Certificates. Apple devices expect 2048 Bit. Please upgrade the WebAdmin CA.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  8. 3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
  9. open source

    Hello,

    Open the source code of UTM SG

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Wildcard within the WAF request redirection

    External users have access to a specific path given by site path routing. In this particular case I am thinking of a download link. For example

    https://server.tld/aaaa/bbbb/ccccc/

    If external users enter the complete link they are properly forwarded to the download source. But I wan´t to avoid access to management console of the storage system ( Synology ) when they just shorten the link to

    https://server.tld/aaaa/bbbb/

    Since part 'bbbb' is variable I can not define a static request redirection. Therefore a wildcard would be helpfull so that any value for 'bbbb' would be considered.

    The implementation of wildcards would be…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. otp

    Fix Password Compatibility Issue

    Passwords ending with 6 or more numbers cause the Auto-create OTP token feature to fail. This limitation should not exist. Until it is fixed it should be noted in the documentation and attempts to use an incompatible password should produce a clear error message

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. LimitRequestFieldSize value in the UI

    When publishing websites that has large request headers the WAF dismisses the request with "Size of a request header field exceeds server limit".

    This is a major issue when publishing ADFS and other authentication mechanisms that use claims/tokens and sometimes they exceed the default value of 8K.

    Please make firmware changes so that this value can be changed through the UI. optimally as a pr. virtual web server setting.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. TLS 1.2+ support for User and Admin Portal

    UTM doesn't support anything higher than TLS 1.1 For the User and Admin portals. This is a huge security fail for a security appliance.

    17 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Testing E-Mail delivery

    I got problems with sending EMails via my Sophos UTM firewall to specific EMail addresses. The EMail delivery in general works, i got only problems with specific Email addresses. Therefore, an EMail testing feature via web interface (with verbose output) would be great!

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Support Microsoft Authenticator App for OTP

    Support MS Authenticator App for OTP so customers with Office365/MS365 only need 1 authenticator app on their device

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  16. SSLVPN: Bad Compression header

    Hello,

    I'm using SSLVPN and am getting "Bad compression error" as mentioned in below post:
    https://community.sophos.com/products/xg-firewall/f/vpn/100669/ssl-vpn-bad-compression-stub-decompression-header-byte-102

    Downgrading OpenVPN client to version 2.3.10 solves this issue.

    As discussed with Sophos Escalations Team, raising a request here to upgrade OpenVPN server of Sophos to make it compatible with newer versions of OpenVPN client.

    Ubuntu 18.04 onwards ships with newer version of OpenVPN client and its older versions are no longer supported on Ubuntu 18.04 onwards. Hence, it would great if this can be done at the earliest.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  17. Stop SSL VPN from storing users' passwords in client PC's memory

    Currently the Sophos SSL VPN client logs this warning in its log when connecting: "WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this"

    This appears to be a security risk, since a malicious program could conceivably obtain the user's login credentials.

    I opened a ticket with Sophos support for this, but they confirmed there is no way to make the UTM add this option to the .ovpn files when it creates the client installer bundle for a user. The user CAN manually add it to their .ovpn file, but it's not feasible to…

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  18. Automatic scheduled resync users status from AD to UTM.

    Every time when I chage the users status on my Active Directory Server (blocking, disableling or excluding an account) I have to go to UTM and manually resync users to make the changes updated in UTM. This is an inconvenience. My sugestion to Sophos is to enhance UTM to make Active Directory users resync automatic.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  19. Rename Blacklist / Whitelist to Denylist / Allowlist

    I think it would be appropriate to rename the Blacklist to Denylist and Whitelist to Allowlist. Multiple Customers reported this as offensive.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Intergrated Lightweight Firewall Web Browser in UTM GUI

    Imagine under Support > Tools, in UTM 9 there was a 'Browse' tab/option that opens an integrated web browser that let you browse the internet. It can optionally to have access to the local filesystem.

    This would be useful in many scenarios when you don't have access to local server or computer. Similar to my scenario, where I need to hit a Comcast router, UTM is NAT'd behind and I can't because no computer locally.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.