Hi @ all

I notice that the Report in PDF-Format are not quiet the same as the HTML Format.
I opened a case, it is this one:

This is regarding your service request number 9320931.

Thank you for your patience.

I have discussed this internally and it seems this is an architecture/limitation from the firewall. If you believe that this feature should be available on the UTM for the better improvement then we would request you to raise a feature request on the link https://ideas.sophos.com/ and this feature would be introduced in our next updates.

Please contact us for any further assistance.

Regards,

Romik Gupta
Sophos Technical Support

So i opened an Idea.
I think if someone makes only PDF Reports they did any Information for the Viruses.

Bye
Timm

When the UTM is sync with Active Directory, it would be nice for the UTM not to keep old Active Directory accounts within the UTM device, and for the ability for the UTM to keep upto date users from AD when the UTM does a sync,

as we are a school and we use the utm for the filtering / authentication - having to go through over 1000, accounts and remove them from the utm device is somewhat time consuming, if this could be added as a feature it would be really great and i'm sure other people would agree.

thank you

"security made simple" is a vital aspect of network security and in keeping with that model I suggest the following checks while creating host definitions:

1. When creating a host with an assigned IP, the system should check if that IP is already assigned or not. In a large scale network even though you can search and sort host definitions, it is prone to human error and therefore proper rudemantory checks by the system during creation should be performed.

1.1 one should not be able to create a host with an IP within a dynamic range

1.2 one should not be able to create a host with an IP matching an existing static mapping

When one clicks the [Make Static] button on the 'IPv4 Lease Table' tab, there should be a check that the IP to be used is outside the 'DHCP Range' listed. Prior to that button existing, we just used the regular Host definition process, but that's probably more difficult. Even then, a quick check to see if the assigned IP is in any DHCP range would seem to be easy. For example, I just got the following:

secure:/root # cc get_objects dhcp server|grep 'range

                    'range_end' => '172.16.31.110',

                    'range_start' => '172.16.31.101',

                    'range_end' => '192.168.66.254',

                    'range_start' => '192.168.66.100',

                    'range_end' => '10.100.100.63',

                    'range_start' => '10.100.100.40',

                    'range_end' => '172.16.2.199',

                    'range_start' => '172.16.2.100',

Cheers - Bob

We recently migrated our AWS VPN's from their 'Classic' to their 'New' style. We had major issues with this (and not a lot of documentation from either Sophos or AWS on what the issue could be).
AFter having 4 Sophos engineers look into the problem, it turns out that the new AWS VPN uses NAT-T which was being caught by the UDP flood protection, as it's between two 169.x.x.x IP's at either end of the tunnel.

Since importing an AWS VPN config is supposed to be largely 'hands off', creating all the BGP and VPN settings in the background, it would also be good if it could automatically create a NAT-T exception in UDP flood protection.

I believe this will help avoid a future headache for someone else who's following the Sophos documentation to 'just load the config file and import it, job done'.