Do you recognize a good idea when you see one? We want to hear from you!
Header Image

UTM (Formerly ASG) Feature Requests

Do you have an idea for Sophos UTM? Do you recognize a good idea when you see one? We want to hear from you!

I suggest you ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. add ZTE MF 823 to 3G supported device list

    Our ISP only supports ZTE MF 823 USB 3G modems and it is not on the supported device list. Telsra is the largest ISP in Australia nad we have many clients requirin 3G failover that are Telstra customers

    18 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      2 comments  ·  Flag idea as inappropriate…  ·  Admin →
    • authentification certificat web protection

      HI,
      To protect web offer multiple authentication mode as the Web SSO agent .. But you do not offer certificates based on the authentication which is very unfortunate.
      Do you plan to implement it in your product?

      1 vote
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
      • It would be useful, for the Sophos Web Proxy Appliance Console, to have the ability to create an account with only read-only access.

        It would be useful, for the Sophos Web Proxy Appliance Console, to have the ability to create an account with only read-only access or guest access. Currently all accounts even the limited ones have the capability to schedule reports or approve submissions, I basically want to create a user with view or read only capabilities

        3 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
        • Routing: SLA (Performance) routing

          Some customers ask to have possibility monitor in Uplink monitor not only availability, but also SLA metrics: Jitter, packet loss, delay.
          Based on some threshold choose the best Uplink.
          It's good to have not only UTM, but also for RED.

          1 vote
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
          • Integrate Support Ticket Number in Sophos Support Acces

            It is now possible to give Sophos Support access to the UTM for a specified Time. Why not be able to enter the Ticket ID to allow the access as long the ticket is status: open and avaible for all Supporters working on that ticket

            3 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
            • Support UTF-8 characters in HTML5 VPN clipboard

              Support UTF-8 characters in HTML5 VPN clipboard

              1 vote
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
              • Ability to change IP addresses of Heartbeat network interfaces

                Now the IP addresses for the heartbeat network are predefined and there is no officially supported way to change them, meaning that you need a dedicated, separate network for this purpose. In a virtualised infrastructure it is really not efficient as you have a bit limited number of vlans. with the ability to change these ip addresses, these HA pairs could share 1 vlan for this purpose.

                1 vote
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
                • Control the AutoUpdate Frequency

                  Currently the autoupdate frequency is defaulted to 60 mins and we are not able to change that with the Cloud Version. It would be nice to be able to change the frequency as it is taxing on some Servers that are running Sophos.

                  1 vote
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
                  • Web Protection Malware Problems

                    Malwares needs to be controlled more often. The below malwares catch by Malware Bytes but Sophos done nothing. Please include this at the earliest.

                    Malwarebytes Anti-Malware
                    www.malwarebytes.org

                    Scan Date: 17/11/2015
                    Scan Time: 13:37
                    Logfile: malwarebyteScanresults.txt
                    Administrator: Yes

                    Version: 2.2.0.1024
                    Malware Database: v2015.11.17.01
                    Rootkit Database: v2015.11.14.01
                    License: Free
                    Malware Protection: Disabled
                    Malicious Website Protection: Disabled
                    Self-protection: Disabled

                    OS: Windows 10
                    CPU: x64
                    File System: NTFS
                    User: ITManager

                    Scan Type: Threat Scan
                    Result: Completed
                    Objects Scanned: 566813
                    Time Elapsed: 25 min, 32 sec

                    Memory: Enabled
                    Startup: Enabled
                    Filesystem: Enabled
                    Archives: Enabled
                    Rootkits: Disabled
                    Heuristics: Enabled
                    PUP: Enabled
                    PUM: Enabled

                    Processes: 1
                    PUP.Optional.Privoxy,…

                    1 vote
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                    • Enable OTP for WAF on a per-Authentication Profile basis

                      At the Moment we can use the new OTP Feature just for all virtuell webserver. Therefore, it is not possible to use this great new function in most implementations.

                      An example, many customers want to publish Exchange Services like OWA, ActiveSync and Outlook Anywhere. OWA with OTP and ActiveSync without OTP. But that is not possible.

                      I suggest, you implement a new authentication Profile for OTP that we can use in the site path Routing.

                      14 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
                      • Rules for the download digitally signed and non-signed executables

                        In the Sophos web appliances, you can currently define whether to allow the download of executables. It would be handy if a separate rule could be created for executables with a valid digital signature. This could also be extended for other things such as MSI's, scripts etc.

                        1 vote
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                        • Two factor auth with L2TP and Radius - Does not show in ‘online users’ on the dashboard.

                          Two factor auth with L2TP and Radius. Does not show in ‘online users’ on the dashboard.

                          The only place they can been seen is Configuration > Logging & Reporting > Remote Access

                          1 vote
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
                          • web profile based gateway routing: WAS - Chaining Web Parent proxies to a non web proxy server

                            We should be able to setup a parent proxy details where a parent proxy hostname is actually not a web proxy but a gateway. Ie. I want to send all of web traffic through to a parent proxy located in my head office (out of their WAN link) and only send traffic to predefined set of domains via local gateway.

                            39 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                            • PPPoE connection initiation should not be restrained by incoming PADI frames

                              During the phase of PPPoE connection establishment, if the UTM receive PADI frames on the PPPoE interface, it would stop sending out it own PADI frame until there is 5-second PADI-free time window.
                              Some ISP provide customers with layer 2 PPPoE modem, and those customer cannot use Sophos UTM to dial up.

                              3 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                              • 4 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Appliance Hardware  ·  Flag idea as inappropriate…  ·  Admin →
                                • Improvement demand of the category modified request in the WEB filtering

                                  There is our customer submitting several categories modified request every month.
                                  All the modified requests of the future category will submit it to Sophos company
                                  by this specifications change.
                                  I did not know the timing of the correction that transparency of the category
                                  examination grieved at.
                                  Like at least McAfee, please inform the result after the request by an email.
                                  If you carry it out, the customer can grasp a timing of the maintenance of the
                                  local site list of UTM.

                                  4 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                  • SMTP: Exceptions for Advanced Settings

                                    It would be nice if we could set exceptions for advanced settings like "Max rcpt/mail". It should be relatively easy to implement with an Exim ACL.

                                    3 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Allow users to set Wifi Channel width via GUI

                                      Currently if you want to use higher bandwidth modes with Sophos APs you need to set the channel width from the CLI.
                                      I propose that those options be added to the GUI to simplify the process for those that wish to make that change.

                                      3 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Please do not require PAP for Radius authentication for SSL VPN or Portal

                                        Just finished support case with Sophos support, and while not documented this way, PAP (unencrypted authentication) is required to support Radius authentication for both Portal and SSL VPN. Please remove this requirement.

                                        1 vote
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                                        • About the downloading of the firmware package

                                          It is said that there is SophosUTM with a little free space of root partition.
                                          However, the firmware package is downloaded unconditionally.
                                          Capacity lack is in this way accelerated more.
                                          This thinks that there is a problem with a design.
                                          For example, I want to evade it by putting a symbolic link on /var/log or /var/storage.

                                          1 vote
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Operating System  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base