Sophos Ideas

Do you have an idea for a Sophos product? Do you recognize a good idea when you see one? We want to hear from you!

Jim Harrison

My feedback

  1. 8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  XG Firewall » Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Jim Harrison commented  · 

    SFVH (SFOS 17.5.8 MR-8) ; Home license

    For whatever reason, XG disallows logging for wireless functionality.

    I can select the box under Configuration -> System Services -> Logging > Wireless, hit "Apply" and the selection is cleared.
    I can confirm afterwards that system logs contain no WiFi activity entries.

    Jim Harrison supported this idea  · 
  2. 651 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    38 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    Jim Harrison supported this idea  · 
  3. 25 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Jim Harrison shared this idea  · 
  4. 133 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  XG Firewall » Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Jim Harrison commented  · 

    ISA Server (and TMG, if you're actually using current [dead] technology) was never able to perform client certificate delegation, and NTLM doesn't allow delegation.
    KCD is a Windows, not an ISA feature. It requires that your UTM/XG device actually join an AD domain.

  5. 131 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  32 comments  ·  SG UTM » Networking  ·  Flag idea as inappropriate…  ·  Admin →
    Jim Harrison commented  · 

    This would be especially useful in blocking geo-distributed nastiness like cryptominers.
    For example, coinhive uses a name structure like "ws###.coinhive.com", but because the protocol isn't http-based, the web filter is blind to it.
    Being able to apply something as simple as a text filter to such obvious constructs would be very useful.

    Jim Harrison supported this idea  · 
  6. 21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  SG UTM » Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Jim Harrison commented  · 

    Spoofing is required.
    Certificate authentication (whether client or server) occurs in the SSL/TLS protocol, not the the HTTP protocol, so it cannot be done in an HTTP header.

    Jim Harrison commented  · 

    The only way for the UTM to accomplish this would be for it to build a spoof client cert based on the original client cert particulars and signing it with the a CA certificate that that the published server trusts.

  7. 77 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  5 comments  ·  SG UTM » Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Jim Harrison commented  · 

    Steven,

    - Mac Mail doesn't use ActiveSync - it uses a variant of RPC/HTTP (Outlook Anywhere).
    - "reported cases of accounts being compromised" - is unlikely to be related to WAF behavior or cookie signing. Maybe a check on your password policies (behavioral as well as technical) is in order?
    - "emails being sent from a device are coming up different addresses" - is also unrelated to WAF behavior.

    Jim Harrison commented  · 

    Curious what you see as not working?
    I'm using E2010SP3+ with WinPhone 7.5 and 8 through UTM 9.105 with no problems?

  8. 4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  SG UTM » Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Jim Harrison commented  · 

    Sorry, but you've been misinformed. Beyond validating RPC/HTTP methods (RPC_IN_DATA, RPC_OUT_DATA), neither ISA nor TMG perform "security filtering" for RPC/HTTP traffic and never have.

    Jim Harrison commented  · 

    To do this properly would require that the WAF also terminate and proxy the RPC sessions.
    IOW - a rathole from which there is no escape

  9. 26 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  SG UTM » Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Jim Harrison supported this idea  · 
  10. 178 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    23 comments  ·  SG UTM » Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Planned  ·  Angelo Comazzetto responded

    We are hard at work on this feature and will deliver the first implementation of front end authentication as part of our Web Server protection (reverse proxy) in UTM 9.2. The public beta will begin in October. Stay Tuned!

    Jim Harrison supported this idea  · 
  11. 49 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  SG UTM » Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Jim Harrison supported this idea  · 
  12. 6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  SG UTM » Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Jim Harrison supported this idea  · 

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.