Enable extended logging of RED device-connections on the UTM. This should include the following infos:
- RED downloaded config from provisioning server
- RED has initialized firmware update
- DHCP-config the RED received (if configured as DHCP)
This would greatly enhance the ability of the admin to debug RED-issues before opening a support call with the Partner and/or Sophos and may speed up recovery times.
Therefore it would be beneficial to all parties :-)4 votes
Add a possibility to change the certificate expiration date in e-mail encryption4 votes
Current kernel doesn't support IO-SRV with bnx2x driver. Bnx2x driver should be recompiled with CONFIG_BNX2X_SRIOV to allow better performance in virtualized environment.3 votes
Update-URL for OVH is on the bottom of this page: http://hilfe.ovh.de/DomainDynHost
I'd like to see this implemented.6 votes
Allow a growing organization to repurpose a SG105 or 115 as a RED device as their needs grow. This would avoid trashing the device when you outgrow it.1 vote
not groups (as a country) or range. But a single address that is attacking the UTM.
(already present?) in one clear list. blocked GEO's or ranges. Temperal bans from the firewall by detected attacks. and the manual blocked ip.s
When blocking the ip (or small range) chance to select: 30 min, 1 hour, 1 dag, 1 month, for ever.1 vote
Allow enabling notifications for HotSpot login/failures. While not ideal for all environments some admins need to know this information and giving the option would be valuable.3 votes
Search Configuration for IP to list every usage:
Route to this IP
Maybe you could add this search to the dialog "new Object Definition" after some time i found multiple definitions für the same Subnet / Host because someone didn't gues the correct Name1 vote
A lot of users are using the UltraSurf Proxy to bypass the the Network proxy and access the blocked sites like youtube and facebook and ***** websites.1 vote
Right after I downloaded my free Sophos, the computer runs very slow. Will this continue or will it get better with time?1 vote
It would be Nice to have some kind of Hotspot not only in front of Interfaces but on Connections.
bevore granting access through a site-to-site vpn the http or telnet / ssh request on a target-device is intercepted and replaced with a Form to enter Credentials, after successful authentication it will allow the connection from the specific source ip.
I have seen this Feature in a Cisco Pix and the Customer needs this feature to replace his old Firewall.3 votes
setup UTM as a NAC-Appliance where Switches can connect (via Radius?) to authenticate the connected devices and push them into specific vlans3 votes
I have over 3500 IP addresses I need to add into my network definitions. I need to add them all to firewall definitions. It would save me so much work if I could just import these IP addresses as a CSV into a bunch of network definitions.
It would be even more advantageous if I could import the IP addresses to network definitions and have them all automatically go into a network group.52 votes
Can't believe that an 'Enterprise' grade product doesn't have the ability to push install the Endpoint client via MSI.
Definitely a big issue.
Please can we have this?16 votes
Actually there is no way to use VLAN Tagging and Sophos Accesspoints on RED Sites if Standard/Split Mode is selected.
Why: If there is small internet connection on the UTM Site, it is useful to route the Internet traffic directly to local Internet router on the RED Site like Split Mode.1 vote
I saw an older post about having to option to enable UPnP on the firewall. I understand that it is inherently less secure so should be disabled by default. Would be nice to enable it by even a per IP or MAC basis. With all the other features of the firewall that can detect botnet traffic it shouldn't be that big of a downgrade in security. I've tried Sophos UTM Home for personal use and punching holes in the firewall for every single device was hard enough let alone how it would be for a larger network makes it hard for me to recommend for our company. I've scoured the forums and websites for days trying to get different ports open but always seemed to have to set it to allow all traffic to get anything to work even with the correct ports punched through. pfSense has this option and would be nice to at least have the option in Sophos to turn this ability on.
I saw an older post about having to option to enable UPnP on the firewall. I understand that it is inherently less secure so should be disabled by default. Would be nice to enable it by even a per IP or MAC basis. With all the other features of the firewall that can detect botnet traffic it shouldn't be that big of a downgrade in security. I've tried Sophos UTM Home for personal use and punching holes in the firewall for every single device was hard enough let alone how it would be for a larger network makes it hard…3 votes
Email Encryption: Add internal encryption / Add feature to send the password via SMS3 votes
When use a smarthost for outgoing email it is not possible to choose a DNS Group6 votes
Include RDG over HTTP in the webserver protection firewall in a similar way to allowing Outlook Anywhere. to allow the use of Remote Desktop Gateway services, including the remote apps feature within /rdweb. Currently the HTTP based traffic is passed fine however when attempting to negotiate the use of a remote app the WAF resets the connection due to RDG_OUT_DATA not being a valid header. Would if be possible to pass this traffic uninspected as you do with RPC.
- Don't see your idea?