Allow IPv6 (and IPv4) for WAF42 votes
Allow the use of wildcard domain names for Webservers. Also allow them to be sorted in priority so that a more specfic FQDN takes precidence over a wildcard domain.29 votes
Provide the facility to publish sub-directories in path selection as well as static 'web server'. This is useful for many different reasons and has traditionally been known as proxy pathing. This allows a user to enter an FQDN and to have that transparently connect to a sub-directory of the web server. Also, it allows virtual directories of a single FQDN to transparently map to different sub-directories of the same server, or even a different web server entirely.8 votes
Same idea as http://ideas.sophos.com/forums/17359-utm-formerly-asg-feature-requests/suggestions/6101344-url-redirection for the UTM. We need the ability to redirect URL requests.
For example:62 votes
our customers are asking for the http/2 Support for there webservers, please add the http/2 Support to the WAF - Webserverprotection41 votes
Please provide the option in the Reverse proxy to enable encodedslashes for a specific virtual webserver.
Because some web applications use for example %2F for a slash and the reverse proxy cannot translate this back to / because of allowencodedslashes is not enabled by default. So this results in a 404 error.
This is essential for Web Applications like SAP Fiori! I think we not the only company who have this issue.20 votes
Many small installation could benefit from ability to publish User Portal using Business Rule instead of enabling it directly in Device Access section. The difference is that a single IP can be used to host both User Portal and custom Web applications such as Web mail, Web storage, Web cameras, etc.
Now, the only solution is to change User Portal listening port to something non-standard but this limits the ability to use it from some network environments where only standard WWW ports (80,443) are allowed.135 votes
Other UTM/WAF vendors integrate virtual patching features on their product. A really brute force protection in missing on WAF too.
Please add it.36 votes
It would be very nice if Let's Encrypt certificates (letsencrypt.org) can be generated directly from the XG Gui. So that the "Let's Encrypt Client" is integrated in the XG. Would it be possible?
Best Regards791 votes
We’re considering this
At the moment there are different type of authentication missing even on UTM9 against ISA server 2006, such as:
- Two-factor authentication using forms-based authentication and a client certificate.
- Delegation of credentials by using NTLM or Kerberos authentication.
- Kerberos constrained delegation.
- Secure Sockets Layer (SSL) client certificate constraints
In this way, XG and UTM9 are the very alternative to ISA Server.142 votes
- Don't see your idea?