SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. dhcp static mapping

    Have a DHCP IP Reservation function similar to XG Firewalls.

    In XG, you can simply reserve an IP address in the DHCP pool so this will only be assigned to a specific user.

    This is not the case with UTM as you have to manually reserve static IP addresses outside of the dhcp range

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Usage of Sophos AP over a IPSec tunnel

    Currently ( 9.605 ) it's not possible to use a Sophos AP on a UTM for remote locations which are connected via IPSec VPN tunnel and not a RED. The AP is being recognized, you can manage it and see all the connection attempts.
    The only thing not working is the DHCP server on the UTM which is not able to send his DHCP packets into the tunnel to the AP. It would be great if this function cold be added.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add logs and reports for web filtering blocked due to unscannable and encrypted file

    Hello Team,

    We have customer here requesting to add feature on UTM in which to add logs and reports for web filtering blocked due to unscannable and encrypted file. For your assistance please. Thank You

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Standard ADSL Support on SFP+ Modem

    Standard ADSL Support on SFP+ Modem

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add WIFI feature to kick users

    Add WIFI feature to kick users/devices out on Guest Wifi after a certain period of time to free up the bandwidth.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. logging reporting

    When the customer clicks on 'Remote Access' he is confused by the page he's greeted with 'Remote access status'. he is under the impression that all remote users are listed there.
    I suggested to go to 'logging and reporting'>Remote access instead to obtain a detailed view. This however is still not satisfactory for the customer. He would like to see an improvement in this area.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  7. password of the day rest api

    implement a function to geht the actual password of the day via rest api.

    it will be used to fetch the password of the day to display is every day on a display in the conference rooms.

    then no print out is needed for that.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Sort interfaces when configuring NAT

    Today when configuring NAT the dropdown with the existing interfaces is not sorted, each newly created interface is inserted somewhere into the list, you have to search for it manually. It would be helpful if these interfaces are sorted in an alphabetical order. Especially when many VLAN Interfaces are created there are quite many objects in the list.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  9. Fix the Bug where X-Forward-? host headers are passed when pass host headers is turned OFF in the configuration

    This should be a critical bug in the product but has been downgraded to a feature request for an unknown reason.

    Issue details
    X-Forward-Host and others are appended to the request when the client sends the data (usually as a hack attempt). This results in both the values from the client and the value set from the firewall being sent through to the back end web server.

    Please treat this as the bug it is and not as a feature request.

    Tracking details:
    Development reference number: NUTM-11135
    Current Status: Assigned to backlog
    Issue type: Feature Request

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Let's Encrypt Domain Validation via DNS challenge

    Let's Encrypt Integration is really cool but it would be even better if there is support for Domain Validation via DNS challenge. With DNS challenge, you can prove domain ownership (through responding to a challenge with a DNS TXT record) without the need to expose any services to the Internet.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Safeguard Bypass

    It would be great to have the ability to bypass SafeSearch on a web policy based on Groups, IP or user.

    This would allow the level of granularity needed in schools without the need for complex firewall rules.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Zählen von unterschiedlichen Attachments

    Wir benötigen eine Möglichkeit um festzustellen, wie viele unterschiedliche Mail Attachments zum Beispiel pro Monat die UTM passieren.
    Man sollte also auf .doc, .docx, .xls usw filtern und zählen können.
    Es wird keine Grafik benötigt, es genügen als Ergebnis die reinen Zahlen.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Manual Sandstorm Upload in User Portal

    Enable the new manual Sandstorm Upload for a select group of Users in the User Portal.

    We would like to enable people who are the first point of contact, e.g. HR Department for job applications, to be able to scan suspicous documents and files for a thorough analysis.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
  14. CORS Support for Sophos UTM 9

    CORS also known as Cross-origin resource sharing is a W3C Recommendation (now WHATWG) released in 2014 for web browser and servers alike. It is a defacto standard for frontend developers so they use it whenever possible.

    In a support request to Sophos my company was told that there is no support for that feature which is heavly used in the world wide web.

    Quote:
    This is regarding service request number 8991442 which you have opened with us.

    We checked with senior but the feature is not, yet supported.

    Feature which you are looking for is not available in current firmware…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
  15. Support for Gmail SMIME Decryption

    Hi,

    as mentioned in support case #8595985 I suggest to make the Sophos UTM Mail Encryption to support the way that Google Suite is handeling SMIME Encryption.

    At this moment we are unable to decrypt SMIME-encryted and -singed mails from ALL of our customers and partners which are using an Google Gsuite Account with SMIME-Encryption.
    As a result of Develoments research (which took already 7 months) I got an Information from support that Google is using a different way to handle SMIME, which is not supportet by UTM:

    "the UTM expects encrypted mail, it first decrypt the mail and verify…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. VPN MFA session timeout

    We have setup the Sophos UTM from the AWS Marketplace (ver 9.603). We have configured it with MFA access so that when we connect using the VPN clients we need to provide our MFA code. We need to do this every time we connect which can be a bit of a hassle for our VPN users. I would be great if sophos supports session timeouts when connecting with MFA which would allow reconnects within a timeout without having to enter MFA again.

    Related support post: https://community.sophos.com/products/unified-threat-management/f/general-discussion/114185/sopohos-utm-mfa-session-timeout/409858#409858

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  17. Password Age Setting as QSA Requirement

    Hi ,

    As per QSA requirement that the password age setting feature and the change in password notification be available. This is a pain for us and is hampering the client to convince them to deploy more Sophos UTM.

    Regards,

    Clyde - TN

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. TOP10 VPN Clients by duration section in Executive Report does not combine different case of the same user name

    In the Executive Report, the TOP10 VPN Clients by duration section does not combine user names that are used in different case. For example, "User1" and "user1" are show as unique users on the list. Given that users have to manually type their user name in the SSL VPN dialog, it can't be expected for users to keep the case the same.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  19. Preventive email base leak.

    Preventive email base leak.

    E.g. text may contain several emails. we are counting only unique adresses. Text may include more than one email repeating and it must count as one consilience.
    If some settings is exceeded email transmission is stop.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. WPA3 update for current products upon release

    I hope that Sophos will update their current AP products to WPA3 and not only ship new hardware with a WPA3 certification and firmware. The release of WPA3 is planned for late 2018 and would be a great addition to existing hardware installations.

    54 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.