SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. WAN Interface speed test

    Being able to test WAN Interfaces by isolating from the network traffic temporarly. That would be very helpful to identify slow internet connection and causes.

    7 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. IPv4 Fallback for IPv6 with Proxy in Standard Mode (Happy Eyeballs)

    If a webserver is resolvable in DNS with both IPv4 and IPv6 addresses (A and AAAA Records) the UTM Proxy will prioritize IPv6, which is ok.

    If the server is not reachable on IPv6 no fallback to IPv4 happens if the proxy is running in Standard mode.

    The provided workarounds are:
    1 -disable IPv6 on the ASG
    => Seriously, disable IPv6 in 2019 ?

    2 -add a DNS static entry for every affected site with only an IPv4 record
    => Definitely not starting to statically add internet hosts...

    3 -use HTTP proxy transparent mode instead
    => well yeah, but want…

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add Altaro VM Backup to the list of applications in Application control.

    Add Altaro VM Backup to the list of programs available for selection in Application control.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. XG 135 to support half duplex

    Hello Team,

    We have customer here requesting for XG 135 to support half duplex speed interface.
    For your assistance please. Thank You.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Appliance Hardware  ·  Flag idea as inappropriate…  ·  Admin →
  5. IKEv2

    Would like to see support for IKEv2 in AWS appliance.

    4 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  6. add new bandwidth monitor based on rulls and shapers

    we would like to have a real time reporting of bandwidth based on shapper and firewall rule
    as we create the shaping of bandwidth and we apply that on firewall rule but after that we can't see what is the real traffic for this rule specially when we dedicate a bandwidth for IPsec VPN or Voip

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Appliance Hardware  ·  Flag idea as inappropriate…  ·  Admin →
  7. E-Mail Exception for encrypted attachments

    It should be possible to create an exception for encrypted attachments without having to disable the malware scan.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. SUM log traffic for automatic firewall rules

    When we create an IPSEC VPN in SUM and use "automatic firewall rules" option, we can't edit the option "log traffic" for these rules and so we can't see the logs for these rules.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Capability to add iphone as additional interface under UTM

    Hello Team,

    We have customer here requesting to have capability to add iphone as additional interface under UTM. For your assistance please. Thank You.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  10. sandstorm Exclusion in SUM

    Provide the ability to configure sandbox/sandstorm tick box in exclusions pushed out by SUM to UTMs

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Reflexion

    Dynamic Host Names for Trusted Hosts

    Reflexion needs a solution to allow dynamic host names for trusted hosts for clients that use dynamic ISP services (likely 99% of clients use dynamic ip services). Adding a IP Host to these clients and managing this everytime the IP address is changed by the ISP is not an ideal solution. All of our clients use a Sophos XG and we can use the built in XG dynamic IP names (ie: client.myfirewall.co) to define the IP address. Simply allowing the use of a host name would resolve this.

    Andre

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Frequency of Quarrantine report

    Would like the option to have the quarrantine report weekly, as some users get lot of mailing list type spam, and it gets a bit annoying having the report emailed every day.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Specific MIME Types for Office Documents (e.G. Macroportection)

    Office documents e.G. Word habe specific MIME Types - old .doc documents (application/msword) or new with Macro .docm (application/vnd.ms-word.document.macroEnabled.12) can have Macro, new type .docx (application/vnd.openxmlformats-officedocument.wordprocessingml.document) can not have Macros and are secure!

    Sophos Mail Filter makes no difference and send every File in Quarantine.

    It would be perfect, if the dangeres Files (.doc and .docm) can go to Quarantine and the safe Files (.docx) send direct to the User.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. DHCP option 150

    Hello Team,

    We have customer here, requesting to to have option to configure DHCP option 150 and 66 under Sophos UTM. For your assistance please. Thank You

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  15. HTTPS Certificate on Captive Portal

    It would be great if the WiFi Captive Portal provided a link to download the HTTPS Certificate Authority so that visiting users can be properly filtered with HTTPS scanning. This is important in educational institutions to help protect students from web browsing by visitors.

    Estimados, sería muy importante poder generar una actualización en la que desde el Captive portal se pueda descargar el certificado de SOPHOS para la aplicación del escaneo HTTPS y forzar el SAFE SEARCH. En instituciones donde asiste mucha gente con dispositivos propios que utilizan el servicio de WIFI no se puede instalar de forma centralizada el…

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. APIPA range over route based VPN.

    APIPA range over route based VPN

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  17. SSL VPN autorized using MAC address. So put control over unknow devices.

    For example we have 5 person with marketing team. when they are out of network they connect using ssl vpn. But they also connect with their personal laptop. for the Restriction to their personal laptop MAC based ssl vpn policy.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. "Auto-Firewall ist auf" Übersetzungsfehler

    "Auto-Firewall ist auf" Übersetzungsfehler in deutscher WebAdmin-Sprache, z.B. unter Fernzugriff -> SSL -> Profile, wenn ein Profil angelegt ist
    LG

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
  19. Certificate on the UTM

    Out-of-the-box Sophos UTM will generate self-signed certificates for many functions as for the Web proxy signing CA. We would like to use our internal PKI infrastructure consisting of an W2K16 Enterprise RootCA because it_s certificate is trusted automatically by all Windows clients in the domain so there is no need to distribute other certificates by GPO for e.g.

    For the webadmin console we used a certificate signed by this _Root_CA and that works without problem. Because we use SSL scanning we want the web proxy _Signing CA_ to be a intermediate CA of our RootCA. I have generated the certificate…

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  20. Please add in Sophos UTM in Web Protection>Application Control>Application Control Rules the new application control for Discord - Free Voic

    The app Discord - Free Voice and Text Chat for Gamers, https://discordapp.com/ is not listed in Application control list. Please add in Sophos UTM in Web Protection>Application Control>Application Control Rules this application. Thank you

    6 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.