SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. ipv6 traffic utm

    As an admin in times of growing Internet of things with about 50.000.000.000 IPV6 things in about 2 or 3 Years. I hope to be able to administer ipv6 Networkconnections and there possibilities by the Webadmin tool. Not only generally for all interfaces. And not by doing this in the shell.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. SMTP Proxy Listen Interface - not include automaticaly additional addresses

    Since V9.6, the SMTP Proxy listen interface feature is reality. It would be nice if the configured listen interface not include automaticaly also the additional addresses of the selected interface. This is bad for security audits.

    Thank you very much.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. WAF Logs - Please add action fields

    Currently Sophos UTM IPS and WAF has no indicator on its logs if a certain traffic was Blocked, Allowed or Supposed to be Blocked (if worker node is running on Monitor mode). Which is a problem for a multiple deployments which is running on a combination of Reject/Blocking mode and Monitor mode. Please add this as another field on your logs as all of other WAF's and IPS that I handled before has. Many other customers had or will find this feature lacking when operating and monitoring on multiple worker nodes.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
  4. Self-service VPN password/QR code reset

    We have a large number of VPN users and not a day goes by when I don't get an email from a user claiming they got a new phone and need a new QR code and also they forgot their password so could I just go ahead and reset their account for them? Life would be simpler if there was a Forgot Password option where it would send them a password reset link. The process would also delete their OTP Tokens so they would get a new QR code after resetting their password.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  5. Encryption Add-in for Outlook - show confirmation when an email is encrypted

    Change "Encrypt" button in outlook to show when an email is encrypted. Currently it does not give any confirmation when the "Encrypt" button is clicked!

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Indicator for active connection in Multipath Rules screen

    Multi-path rules works nice but we don't see at the very moment which connection is used. Maybe "Skip rule on interface error" made the connection to switch to the another interface but we can't see it.
    Not sure if connection backs to normal after error rectified by itself or not.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
  7. Spam Report Customization

    It would be nice if it were possible to customize the Spam Report. E.G. to add Blacklist and Delete Buttons.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Alert email after reaching set B/W threshold Value

    I need alert email in case my Internet Bandwidth threshold reached for at least for 5 Minutes , So proactive actions can be taken , it is not possible to put your eyes every time at firewall bandwidth utilization , or raising escalation by customers

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. fw-notify.net DKIM signing for notifications

    Many email systems are blocking messages sent without DKIM authentication. If possible, please consider adding local DKIM ability or preferably, global DKIM ability (that's tough because of the private key required) for message signing). My ISP is now classifying all email sent from fw-notify.net as SPAM because the messages lack DKIM.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
  10. AD Nested group support for policy helpdesk

    Hi,

    Policy helpdesk can not handle Users in nested groups . (It shows Blocked to all site for these users but in reality (in practice) it works from the end users browser)
    Please add fully support to AD nested groups in all parts of UTM.

    Thanks

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. "Out Of Office" replies with BATV feature enabled

    With current exim configuration, the "Out Of Office" replies getting rejected by the BATV due to the null return address in the reply. Please add a feature to handle these messages pass through the BATV feature.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Quarantine report without delay

    Please make it possible to send a quarantine report directly after receiving a new (blocked) e-mail.

    Sometimes it is very important to answer an e-mail as fast as possible. We can't do that, if the Quarantine Report will be sent hours later or even the next day.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Assign static IP address to VPN SSL clients

    It would be extremely useful to add the possibility to assign a static IP address to clients connecting with VPN SSL. It works with IPsec and L2TP but not with SSL. With a static IP address for each user, we would be able to allow them a specific acces to internal ressources. Thanks.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  14. bgp

    Make BGP transfer it's state so that during high availability failovers BGP connections are not lost for 20 seconds when BGP is restarting.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
  15. RESTful API: Provide an API call for Routing Table /IPv4 Default GW for an interface

    At this moment, there is no option to make a API GET call for all the routing table of the UTM.
    Including the IPv4 Default GW for an interface.

    This is very important for thirdparty environments that using and analyzing the routes and the access-lists of the network devices of the production environment.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
  16. reject

    Firmware version: 9.601-5

    unscannable / encrypted content and file Extension filtering is quarantine only unfortunately.
    Please add an option to bounce emails by file extension (e.g. bounce old office formats like .doc, .xls etc.) and to bounce unscannable / encrypted content.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow work space Facebook and block personal Facebook.

    Hi,

    Add this feature in Cyberom UTM to Allow work space Facebook and block personal Facebook.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Update SSL Certificate Option

    We are hosting 89 websites behind the firewall using a wildcard certificate, this certificate is going to exipre in few days. When trying to update the certificate with the newly created wildcard certificate I didn't found any option to do that. The only option available was uploading that new certificate with a different name and manually assigning the new certificate to all our Virtual Webservers.
    For companies like us with a big number of web sites behind the WAF, it will become really handy to have an update option so we update the certificate entry that is there in Certificate…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. UTM: SMTP Exception on FROM level (AMAZON AWS issue)

    SOPHOS UTM Mail Protection gives the option for crating exceptions on Email Address / Domain, IP or recipient.

    The Email Address which is used for white listening is the ENVELOPE header in the email.

    We have the problem, that we have an service, which use Amazon AWS for sending mails. This mails run into the quarantine.
    To whitelist, we need to whitelist die AMAZON AWS Envelope domain, which are for all AWS services the same.

    Please create an option to choose the header flag – ENVELOPE or FROM field.

    Thanks

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Keeping Sophos SG UTM Endpoint protection Reporting Post XG Migration

    Scenario - Active-Passive SG UTM Pair - providing FW and AV reporting.

    The Move to XG will remove the AV Endpoint reporting as AV Endpoint to Central is only half migrated.

    My suggestion is to have a Virtual UTM created behind the XG that has only the broker service and licence for AV Endpoint with the XG passing the AV Enpoint traffic to that VM.

    As both UTM AV Endpoint and Central both use MCS would it be possible for a tool to be created to redirect an UTM endpoint to central.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  UTM Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.