SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add License info to Daily Report

    Add the license info (type of licenses) and or the amount of time left for the licenses on the daily report

    11 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      1 comment  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
      Planned  ·  Angelo ComazzettoAngelo Comazzetto responded

      This feature was re-prioritized and will now be targeted for UTM 9.2 later in 2013.

    • AstaroOS: More Supported UPS Devices

      Add support for more UPS. We currently use a HP UPS which is not recognized by the ASG.

      31 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        8 comments  ·  Operating System  ·  Flag idea as inappropriate…  ·  Admin →
      • WebAdmin: Configuration Changes Commit/Rollback Support

        Hi,

        If should be great to save an history of the configuration each time an administrator save something and maybe create a restore point to rollback to the initial configuration if something does not work after some modifications.

        Thanks,

        15 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          3 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
        • Authentication: Support for FTP Proxy and AD/eDir

          A big ISP in France asks to have a chance to authenticate users against the FTP proxy (exactly as we do for http proxy) against an external database such as AD.

          customer said in this case that no matter if the proxy send to the credential in clear text between user's client and AxG.

          11 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            5 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
          • Networking: Time-Based NAT Rules

            Because of automatic packet filter option in Dnat/snat it should also be possible to add Time events there.

            4 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              1 comment  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
            • Notifications: Time-Based notification windows

              Often there are events that are generated in large numbers during business hours but should never occur after hours. It would be great to b able to set it to only notify if an event happens after hours or on a weekend. Having these rules send notifications all the time generates massive amounts of notifications for genuine logins but I still want to know if there is unauthorized logins during times where they should not usually occur.

              3 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
              • Networking: NAT Rule Tester

                Hi, we have ASG boxes with a lot of NAT's on. Sometimes a new rule will be created that is a duplicate of something that is already there.

                It would be really useful to have a tool where you could enter a source and destination ip and a port, which would show you if you have any NAT rules which match this.

                7 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  2 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                • Notifications: Warn employees of pending Up2Date install

                  I was wondering if it would be possible to have the product send out a notification to a group of users when you schedule a update? So like for example tonight I scheduled the update to 8.304 for 21:00 so say during the scheduling process you can pick users or a group of users to send the notification to just inform them that the firewall will be updating during this time and Internet could be unavailable for approx 10 mins during this time please plan accordingly?

                  4 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    2 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                  • WebAdmin: Display server/client name on Licensing page

                    When looking at the active IP that are taking licenses, it should also display the server/client name, not just the ip address, making it easier to track down what might be using up unwanted/unneeded spots.

                    2 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
                    • Web Protection: "Web manager" for filtered HTTP proxy items

                      Another idea from a customer:
                      Similar to the Mail Manager, there should be a "Web Manager" which is allowed to release items that were blocked by the HTTP proxy.

                      Example:
                      Someone downloads an passwort-protected zip file via proxy. After the download, it cannot be scanned because the file is protected, and is blocked. But the user needs that file. Now the admin would look at the blocked items and release it.

                      3 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                      • Networking: Server Load Balancing with only 1 Server

                        We should be able to create a server load balancing rule with only one server in it. Right now, you have to create/edit a rule with at least two. Not allowing this prevents you from temporarily removing a server from a pool for maintenance.

                        4 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          3 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                        • Reporting: Monitor SMTP queue levels via SNMP

                          We need a mib to track how many emails are in SMTP queues, so that we are monitor from an external software how many emails are in queue and detect when a situation has occurred that requires our attention (ie. Mail Server internally offline)

                          84 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            7 comments  ·  SNMP Monitoring  ·  Flag idea as inappropriate…  ·  Admin →
                          • WAN Multipath: Use additional addresses for NAT

                            when more then one address is configured on a physical interface it should be possible to use multipathing with these additional addresses.
                            so that its possible to make nat rules like:
                            uplink_itf(second-adress wan1/second-adress wan2)

                            7 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                            • Networking: Display active DNS clients

                              When viewing DNS settings, you can see the static enteries you have configured, but you should also be able to view active clients... like you can with active leases in DHCP.

                              1 vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                              • Firmware Update via USB Stick

                                Copy the up2date-release on a usb-stick, plugin into the usb-port of the asg-device and then press at webmin-gui the (new) button "import update from usb-device".
                                This will give you the option to make a update on an asg without download / upload the firmware-release. In some reasons you don't want to make an automatic systemupdate.

                                10 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  2 comments  ·  Operating System  ·  Flag idea as inappropriate…  ·  Admin →
                                • WebAdmin: Comment boxes for all areas

                                  I would like to have a comment box, how we (windows-) admins know from Active Directory-MMCs.
                                  This comment boxes should be at the bottom of all WebAdmin-config-sites.
                                  And in this comment boxes, we could write any infos (for other admins), comments, ideas, todo's, ...

                                  3 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    1 comment  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Allow Multi-Category White / Black Lists

                                    We need a way to specify more complex content filter rules since the addition of multiple categories.

                                    Allow the content filter to have blacklisted and whitelisted categories at the same time, and allow them to decide which one "wins".

                                    For instance, if a user wants to blacklist Games, but allow Educational, they could. They could also allow Shopping, but block Intimate Apparel. Currently if you select only 1 category, the site will be blocked even if you have whitelisted others it matches.

                                    4 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                    • active directory re-authentication

                                      web security should reauthenticate against active directory every 10-30min so that when (guest) account is locked they are unable to get through web security

                                      3 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Web Security: ICAP Support

                                        Many DLP Systems, etc. work to filter web traffc by utilizing a 3rd party HTTP Proxy (Squid, etc.)... Most work with ICAP compatible Proxies... adding this ability would preclude my customers from having to add yet another proxy to their network infrastructure.

                                        34 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          13 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                        • WebAdmin: Select interface for SNMPd

                                          It would nice to be able to bind the snmp daemon to defined addresses.

                                          For example a problem:
                                          Monitoring through VPN (ipsec0) is not working cause the snmp-read requests to a local interface of the astaro are answered by the ip of the ipsec0 interface (outgoing). Therefore the replies can not be assigend to the former read.

                                          4 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            3 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.