Application Intelligence Gathering Utility
I had this awesome idea that I think would significantly help not only the local Sys Admin, but also Sophos.
It's similar to how Synchronized Security and other Sophos "App Intelligence" things work.
A utility application that allows you to monitor/record application traffic data running on your PC.
The idea is to have only a specific program running (such as a game) and you have the tool monitor all the network traffic sent/received by that application. You use this collected data to further collect and send to Sophos Labs and your XG appliance, to better and more accurately determine what traffic belongs to which software/application.
I believe this would significantly help with creating Application Control policies and categories more accurately.
A utility application that you can link to your firewall (for free, it offers no security).
The application has lists and toggle buttons to "start monitoring" an application, recording all of the network data and such that it sends and communicates.
So in a way, it's like a combination of Fiddler and Wireshark.
I think it should support requests called in their raw format (and "connect" requests), to even support the detection of applications (which use SSL pinning) where a root cert is simply not possible.