EMail-Sender-Address has normally this form : "Given Name" <senderemail@domain.com>
1. a part - shown-name, human readable name of sender
2. a part - sender-email-address

SPAM/Malware comes often with an additional email-address in first part.
like this : "Given Name <FakeEMailaddr@fakedomain.com>" <senderemail@domain.com>

You see in outlook Mail only the first part "Given Name <FakeEMailaddr@fakedomain.com>".
The real sender-EMail-addresse will be hidden.
You can only see the real Address you move the mouse pointer over shown first part.

The User don't check this and belive it comes from "Given Name" with the email-address FakeEMailaddr@fakedomain.com.

Can Sophos check if an From String has in first part an email-address and check this against the real sender-email-address.

Hi @ all

I notice that the Report in PDF-Format are not quiet the same as the HTML Format.
I opened a case, it is this one:

This is regarding your service request number 9320931.

Thank you for your patience.

I have discussed this internally and it seems this is an architecture/limitation from the firewall. If you believe that this feature should be available on the UTM for the better improvement then we would request you to raise a feature request on the link https://ideas.sophos.com/ and this feature would be introduced in our next updates.

Please contact us for any further assistance.

Regards,

Romik Gupta
Sophos Technical Support

So i opened an Idea.
I think if someone makes only PDF Reports they did any Information for the Viruses.

Bye
Timm

When the UTM is sync with Active Directory, it would be nice for the UTM not to keep old Active Directory accounts within the UTM device, and for the ability for the UTM to keep upto date users from AD when the UTM does a sync,

as we are a school and we use the utm for the filtering / authentication - having to go through over 1000, accounts and remove them from the utm device is somewhat time consuming, if this could be added as a feature it would be really great and i'm sure other people would agree.

thank you

"security made simple" is a vital aspect of network security and in keeping with that model I suggest the following checks while creating host definitions:

1. When creating a host with an assigned IP, the system should check if that IP is already assigned or not. In a large scale network even though you can search and sort host definitions, it is prone to human error and therefore proper rudemantory checks by the system during creation should be performed.

1.1 one should not be able to create a host with an IP within a dynamic range

1.2 one should not be able to create a host with an IP matching an existing static mapping

We recently migrated our AWS VPN's from their 'Classic' to their 'New' style. We had major issues with this (and not a lot of documentation from either Sophos or AWS on what the issue could be).
AFter having 4 Sophos engineers look into the problem, it turns out that the new AWS VPN uses NAT-T which was being caught by the UDP flood protection, as it's between two 169.x.x.x IP's at either end of the tunnel.

Since importing an AWS VPN config is supposed to be largely 'hands off', creating all the BGP and VPN settings in the background, it would also be good if it could automatically create a NAT-T exception in UDP flood protection.

I believe this will help avoid a future headache for someone else who's following the Sophos documentation to 'just load the config file and import it, job done'.