Sophos Ideas

Do you have an idea for a Sophos product? Do you recognize a good idea when you see one? We want to hear from you!

Euphrates

My feedback

  1. 14 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  SG UTM » VPN  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Euphrates commented  · 

    This is something I've thought would be a good idea. Similar to Microsoft RDP 8.0 in how it can use both TCP and UDP (though, it uses both TCP and UDP). That said, with the underlying structure being OpenVPN, it may be best to see if this is something that can be put into the OpenVPN and then imported into Sophos.

    Euphrates supported this idea  · 
  2. 429 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    58 comments  ·  SG UTM  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Euphrates commented  · 

    Dealing with Azure issues as well and would love to have IKEv2 support on Sophos UTMs.

    Euphrates supported this idea  · 
  3. 23 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  SG UTM » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Euphrates commented  · 

    The firewall should be the first line of defense with regards to access into the network. This means that the firewall processes the traffic first before any other services.

    This is a non-issue on, say, a Cisco device as you have to allow the traffic first. This also would reduce load on the device because you don't have to worry about the unit having to process traffic that would typically be dropped by the firewall in the first place.

    Per my example, I'm firewalling of SMTP SSL, SMTP Submission and IDENT because those services are not being used. If those services are not being used then there is no point in the UTM wasting valuable resources to process those transactions when you can just block it at the firewall level (granted, if it is the first thing that is looking at the traffic) and be done with it.

    If someone is out there looking for open SMTP SSL ports and sees the device as open, even if they can't get access, Email Protection will still waste valuable resources processing that traffic when the firewall could have dropped it beforehand.

    Euphrates shared this idea  · 
  4. 43 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  7 comments  ·  SG UTM » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Euphrates commented  · 

    Added a vote for this one. With Watchguard firewalls, you have a default block list that you can add ip addresses to. When converting clients over to Sophos UTM, unless the list is small, you can't effectively import this list.

    This feature should allow you to import a block list of ip addresses, networks, and hosts via text like you can with groups of URLs or RegEx entries.

    Also, the firewall log currently logs drops with a heading of "Default DROP". If implemented, this feature could show the drops with a heading of "Custom Drop " or the like so it makes it easier to determine what module enforced the rule.

    Euphrates supported this idea  · 
  5. 1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  SG UTM  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Euphrates commented  · 

    I believe this is already possible using the search field in the Network Definitions section.

  6. 1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  SG UTM » Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Euphrates shared this idea  · 
  7. 389 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    33 comments  ·  SG UTM » Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Euphrates supported this idea  · 
  8. 88 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  SG UTM » Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Euphrates supported this idea  · 

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.