Sophos Ideas

Do you have an idea for a Sophos product? Do you recognize a good idea when you see one? We want to hear from you!

Sascha

My feedback

  1. 822 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    54 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Sascha commented  · 

    Hello All. Yes, that's little bit annoying for all customers, which had all their internal NTP clients configured to query SG/UTM as NTP Server. But this is finally a small issue, as you can very simple workaround this by "Emulating" the NTP proxy. I use since XG v15 DNAT rules, which forwards NTP traffic to a specific internal interface to a external NTP server of my choice. Works like a charm. So @Alan: Yes, NTP proxy would be a nice, small enhancement to XG. @All Others: Use the described workaround above to make your NTP requests to yout XG interfaces work ;o)

    Sascha supported this idea  · 
  2. 554 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    59 comments  ·  XG Firewall » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Sascha supported this idea  · 
  3. 586 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    26 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    Sascha supported this idea  · 
  4. 59 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Sophos Mobile » Sophos Mobile  ·  Flag idea as inappropriate…  ·  Admin →
    Sascha supported this idea  · 
  5. 6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SG UTM » Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Sascha supported this idea  · 
  6. 2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SG UTM » Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Sascha supported this idea  · 
  7. 38 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  SG UTM » Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Sascha supported this idea  · 
  8. 8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  SG UTM » Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Sascha commented  · 

    Seems to make sense to at least allow the use this option OPTIONALLY via Webadmin.

    Nice article to that matter from D.J.Bernstein recommends the use of this feature:

    http://cr.yp.to/smtp/8bitmime.html

  9. 5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Central  ·  Flag idea as inappropriate…  ·  Admin →
    Sascha supported this idea  · 
  10. 34 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  SG UTM » Authentication  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Sascha commented  · 

    Hello Marcos

    Shouldn't be that much impact. If it's solved like the country blocking feature, this are ipset's in iptables, whic runs quit performant (to completely block such bad bahaving clients), or why not implementing a RBL style solution for each facility supporting logins as SMTP Proxy, Webadmin, User Portal, SSH etc. and simply doing a short RBL lookup during connection attempt as in the spamfilter too ;o) As you usually don't have hundreds of logings to a facility per minute, this could be a nice way too.

    However, performance is in this way my smallest concern. It's a nice way to also collect IP's of potential bots/zombies (btw: the above mentioned brute force attack to my smtp proxy is still ongoing - lowered allowed login attempts until block from 5 to 3 in the meanwhile;o)

    An error occurred while saving the comment
    Sascha commented  · 

    Arr - just found little later a already existing, older feature request from a "john" which already collected a nice number of votes over the years. While both requests have lot of similarities in the general idea, my approach goes more in the direction, that Sophos generates a own blacklist based on data of failed UTM logins (and maybe in the future additional sources), the older request from john relates on external 3rd party blacklists ( http://feature.astaro.com/forums/17359-utm-formerly-asg-feature-requests/suggestions/1982075-network-security-block-malicious-botnet-bad-ip-s- )

    I see both methods as a good way to strengten the UTM security level, but I like my Sophos maintained blacklist approach, because it will base on data of ongoing real world attacks to UTM customers instead third party maintained blacklists.

    Sascha shared this idea  · 
  11. 29 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  SG UTM » Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Sascha supported this idea  · 
  12. 393 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    49 comments  ·  SG UTM » Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Sascha supported this idea  · 
  13. 102 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    13 comments  ·  SG UTM » VPN  ·  Flag idea as inappropriate…  ·  Admin →
    Sascha shared this idea  · 
  14. 188 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    30 comments  ·  SG UTM » Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Sascha supported this idea  · 
    An error occurred while saving the comment
    Sascha commented  · 

    This also would ease up to be law compliant, as user tracking due mobile phone number, which is unique

    Sascha shared this idea  · 
  15. 6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  SG UTM » Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Sascha commented  · 

    The option for a pgp public encryption key lookup on pgp keyservers would be a small and nice feature to automate (and therefor support introduction / usage) mail encryption. Unfortunately mail encryption hasn't undergone relevant updates since 7.300, and automation / administrative helping features are little bit lacking there...

  16. 3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  SG UTM » Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Sascha commented  · 

    It wasn't mentioned to explicitly integrate those windows binaries into ASG, but the functionality itself would be nice.

    Sascha shared this idea  · 
  17. 28 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  SG UTM » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Sascha commented  · 

    @Bob
    Yes, the idea looks similar.

    @Angelo
    The "self defending" terminology was not intended to be compared to Cisco. I know they use this SDN terminology since years, but the affinity is by accident. It sounds better than "log based firewallactions" or something like that ;o)

    However the idea is still a good thing - it would allow to create further automatic actions to events, which are NOT automatically mitigated by ASG as IPS alerts (instead drops), or login attempts on systems with limited blocking features as RDP sessions.

    An error occurred while saving the comment
  18. 3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  SG UTM » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Sascha commented  · 
    Sascha shared this idea  · 
  19. 2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SG UTM » Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  20. 3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SG UTM » Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
    Sascha shared this idea  · 

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.