Do you recognize a good idea when you see one? We want to hear from you!
Header Image

UTM (Formerly ASG) Feature Requests

Do you have an idea for Sophos UTM? Do you recognize a good idea when you see one? We want to hear from you!

I suggest you ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. End-User Web Message customization for Country Blocked

    Under Management>Customizations>Web Messages>End-User Messages, there is no option to customize the Sophos "Country Blocked" Web page.

    1 vote
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
    • Generate .onc file in user portal for ChromeOS VPN

      ChromeOS VPN can import .onc files to configure connections that can include all connection parameters and certificates. It should be fairly easy to create the appropriate files in the user portal along with the other platform files.

      The ChromOS import is at chrome://net-internals/#chromeos

      14 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
      • Enterprise Console: Client prefer to have an option to deploy SAV to a preferred drive

        Client asks if there will be an option for SEC to setup the deployment of SAV to other Drive instead of automatically pushing it to C:/

        1 vote
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
        • Allow a guest wireless network behind a RED to utilize the split tunnel

          Would like the ability to configure a guest wireless SSID behind a RED to enable the traffic for the guest to go out the split to the internet and not utilize the UTM tunnel bandwidth, saving that for the internal network.

          7 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
          • User-defined field for DynDNS

            My idea: DynDns field for user-defined Update-URL to use all DynDNS providers and Features like MX-Record and A-record.

            So it is not necessary, to put all DynDNS providers in the choise field.

            46 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              2 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
            • Web Filter (Management Appliance) and HTTP User Agent strings

              It would be helpful to be able to search for, filter on, alert, and even block traffic based on HTTP User Agent
              Block User Agent for Java at proxy
              Query logs for visited hosts that used Java user agent•
              Aggregate by host, sort by frequency, analyze
              Generate exclusions
              Attacker can not modify the user agent before exploit attempt
              Esp helpful for Java.

              1 vote
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Flag idea as inappropriate…  ·  Admin →
              • include mac/apple with UTM endpoint protection

                There are lots of places that have both windows and macs in their business. Both need to be protected with endpoint protection so they can be managed. Why have one and not the other?

                1 vote
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  UTM Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                • Add 'Allow' and 'Block' options in Sophos Cloud for the Spam category

                  Currently there is no way to allow or block the 'Spam' category in Sophos Cloud, sites under this category are always blocked. Can this be changed to add an 'allow' option under Web Control?

                  1 vote
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                  • add the ability to receive an email notification whenever a user connects via SSL VPN for Remote Access.

                    add the ability to receive an email notification whenever a user connects via SSL VPN for Remote Access. It would be nice to also have the option for a disconnect notification.

                    19 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
                    • Usability: Filtering Certificates before building the certificate lists

                      Hello,

                      on adding WAF at a client installation with heavy Remote Access usage two usability issues came up:

                      1) if i try to select the server certificate for the WAF site, the list builds for a very long time and then presents all certificates - in my case ~ 960 User certificates, the local certificates and the three Server certificates I imported... This is let's say, "suboptimal"... ;-)

                      2) The certificate list is sorted case sensitive, which is, again, "suboptimal" - it means that TEST..., Test..., and test... are at three different positions in the list. Combine that with the…

                      3 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
                      • add transparent mode browser authentication over HTTP

                        This would allow the UTM admin to select the captive portal to be presented over http instead of https to prevent SSL errors on guest devices. I appreciate there's a security issue around this but it should be made clear while selecting this option that it's less secure

                        6 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                        • All Trap Adress should be readable through SNMP

                          All MIB OIDs for SNMP Traps should also be readable via a SNMP Request. So you can get the whole Status of your UTM via SNMP Poll

                          3 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  SNMP Monitoring  ·  Flag idea as inappropriate…  ·  Admin →
                          • How do I reset my password so I can get documents??!!!!

                            How do I reset my password or get my old password so I can download documents?????!!!!!!!!!

                            1 vote
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                            • WAF Reverse Proxy with authentication: forward session cookie to backend http server

                              When using the WAF (Web Server Protection) with authentication, a session cookie named BACKENDHOSTNAME_COOKIE is exchanged between Browser and UTM on each http request. For our application which is launched via Webstart from the web application and communicates via http we need to forward that session cookie to the external client process.

                              Therefor the session cookie should be made optionally forwardably from the UTM to the backend http server.

                              4 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                1 comment  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
                              • Sophos UTM: FIlter out internet analytics

                                Filter out the internet analytics and services so that web usage reporting in only showing the 'real' websites visited instead of muddying the waters with all the analytics and services information. If if this could be hidden on the export of the report to managers etc...

                                3 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                                • iView reporting on Sophos UTM.

                                  It would be good to break down the web usage by time bands. This would allow us to see which users where doing what on the web at specific times.
                                  Thanks

                                  3 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                                  • WAN links multipath on RED

                                    Recently I come across a situation where on WAN 1, it is connected to a ADSL connection with a very slow upload speed, on WAN2, it's connected to a 4G network. It would be great if there is a feature like multipath so that all the upload traffics go through WAN 2 on a faster upload speed.

                                    4 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
                                    • forward messages

                                      in SEA, (Sophos Email Appliance) customer requires a feature so they can forward messages to Sophos Lab or other actions from Mail Queue, currently its only available for Quarantine queue.

                                      1 vote
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Refresh button for DYNDNS to force update

                                        There needs to be a way to force an update and refresh of the IP to the DNS vendor. There currently is no way to do this. Turning it off and back on does not do this. If for any reason the IP gets set from another location it will not update with the correct IP because the service does not see that the IP on the firewall has changed.

                                        14 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          2 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Voucher control

                                          Create a better control for vouchers. On our company we give a voucher for the employee so can use for a few months, but if he left the company i cannot know his voucher or I have to keep very complicated spreadsheets. It would be nice if on the portal while the user inserts its voucher it need to provide his email or his name. or if UTM keep a list of Device-Name and voucher used. So we can cancel a voucher when needed.

                                          2 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base