Do you recognize a good idea when you see one? We want to hear from you!
Header Image

UTM (Formerly ASG) Feature Requests

Do you have an idea for Sophos UTM? Do you recognize a good idea when you see one? We want to hear from you!

I suggest you ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can vote and comment on it.

If it doesn't exist, you can post your idea so others can vote on it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  1. NAT and PAT features for RED devices on external interface, if RED device using static IP address

    NAT and PAT for RED device on external interface, if RED device using static IP address

    1 vote
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
    • DHCP client

      It would be great if DHCP Client for WAN interface could be configured with Advanced paremeter such as "vendor-class-identifier" for example.

      4 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
      • UTM endpoint Agent package

        in v9.3, the full installer is no longer available, only the slim installer is there. customers asked to put that option back just like the previous firmware version.

        1 vote
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  UTM Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
        • Possibility to change Sophos Content Control Lists Rules quantity

          Some rules in Sophos Content Control Lists Rules are alerted only when quantity reached for example 10 of items. It's too much, sometimes you need only 1. So it would be nice that you can change quantity.

          3 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
          • Web Protection: Configurable ports full transparent web filtering - HTTP and HTTPS

            Would be useful for example to use this feature for web filtering in front of an existing web proxy that has already been configured for other port than 80 (e.g. 8080) without changing for all the clients/applications the proxy settings (e.g. from 8080 to 80).

            5 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
            • Make the notification editable and fix the typo in the "Notification of potentional leak of data"

              I just setup a new UTM and enabled SPX encryption. The sender receives a notification with a subject of "Notification of potentional leak of data". First off, the word in the subject is misspelled. Users are slamming my department for this "mistake". Secondly, the title of the notification sounds so ominous and negative to the end user. Everyone is worried they are doing something wrong when the action is completely legitimate. I would love to have the ability to customize this notification or just simply turn it off. With the notification turned off the sender still receives the email that…

              1 vote
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                1 comment  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
              • WebProtection time that user was surfing on sites

                Currently, Sophos show the total time that a user spent on sites, but will be interesting that shows the hour when user was on sites.

                1 vote
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                • Add SAML support as an Authenticaiton Source for the UTM manager interface

                  Make it so that you can authentication admins for the UTM system using SAML to something like ADFS.

                  1 vote
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                  • Remote uninstall / shutdown

                    Sophos should include a feature to allow an administrator to remotely shutdown or uninstall the client from the enterprise console. Most other enterprise AVs have such a feature. It isn't always easy to walk to every machine or obtrusively RDP into a workstation. The process should mirror installing through the enterprise console, silently and remotely.

                    1 vote
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
                    • new feature

                      Add feature to show more than a 1000 results for mail logs in the Sophos PureMessage appliance and add a feature to download the results as a file.

                      3 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Appliance Hardware  ·  Flag idea as inappropriate…  ·  Admin →
                      • Active Directory backed groups to be usable in the Firewall configuration

                        We require the Active Directory backed groups to be usable in the Firewall configuration. In our environment we have a secure data centre housing our customers servers. Our support manager or IT team assign rights to individual members of staff on a ticket by ticket basis for access to various parts of the hosted environments. For example one support ticket may require Remote Desktop access, whereas another may
                        require SQL server access.

                        We have configured the relevant rules in the UTM to allow people in a specific AD group to connect to the Remote Desktop ports over the VPN. The…

                        2 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          1 comment  ·  Flag idea as inappropriate…  ·  Admin →
                        • Enhance Web Antivirus Configuration

                          Currently we only have the option of selecting one, two or both antivirus engines (Sophos/Avira/Both). There does not appear to be anywhere to edit the settings of these scanning engines. I know from using both Sophos and Avira on desktops that they have numerous settings. Avira in particular allows the user to change heuristic sensitivity (high/medium/low) and also enable macro heuristics. With Avira you can also select what you want to include in detection (eg dialers/jokes/phishing, as well as traditional malware). Sophos Anti-Virus has the option of enabling detection of 'suspicious files' also, which I should imagine is Sophos' heuristic…

                          9 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                          • Display Web Protection Usage Reports by Hour or Minute

                            Currently web usage reports in Web Protection are only searchable on a daily basis, the only way to get reports for specific hour of traffic or 10 minute periods is by utilising "Search Log File" function which is not displayed in a management friendly report even when utilising "Display in Report Format". Having the web usage reports selectable by time not just date would allow for much more management friendly reporting.

                            8 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                            • add the ability to receive an email notification whenever a user connects via SSL VPN for Remote Access.

                              add the ability to receive an email notification whenever a user connects via SSL VPN for Remote Access. It would be nice to also have the option for a disconnect notification.

                              4 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
                              • Mobile Control

                                Fully integrate Sophos Mobile Control into the UTM WebAdmin console.

                                13 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
                                • Endpoint Protection via MSI

                                  Can't believe that an 'Enterprise' grade product doesn't have the ability to push install the Endpoint client via MSI.

                                  Definitely a big issue.

                                  Please can we have this?

                                  10 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  UTM Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Devices based firewall rules

                                    In Present Era of BYOD,would be great to have device based firewall rules & UTM controls..eg: Android devices in network could be blocked,Windows devices to be allowed etc

                                    4 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Command & Control summary

                                      Need log of bottom percentage of traffic to evaluate its potential as C&C residing on the network.

                                      4 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
                                      • SPX Encryption > Receiver Password Portal Setup & Reset

                                        A way to remove the need for Password Notifications send to User, Administator or Other. An external facing portal page that allows a notice to be sent to the receiver for them to register w/ e-mail verification to setup to access their password for the SPX attachment. Basically allowing a local service similar to Cisco RES for messages sent from your Sophos UTM. Obviously, this could be limited in that if a per-email password is used by the sender it would not be able to work. Also a password reset would only work for future e-mails as the PDF is…

                                        59 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          5 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                        • New DynDNS provider: OVH

                                          Update-URL for OVH is on the bottom of this page: http://hilfe.ovh.de/DomainDynHost

                                          I'd like to see this implemented.

                                          3 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base