Allow strict RDNS checks in the Anti-Spam module to be bypassed by an exception rule
See case previously logged with Sophos support [#4752249]1 vote
I've seen to much systems with excessive memory usage.
When there is a memory leak, or for example a massive usage of swap,
this often isn't noticed before a customer problem arises.
Create a baseline of memory usage by process.
When a user changes configuration options,
or after an upgrade the process goes behond a treshold,
it should automatically be noticed.
Of course, this could be used also for physical, swap cpu and disk1 vote
In the current version, Sophos UTM send notification about uplink up and dow by e-mail and snmp. On e-mail, come specified which link is down, but in snmp traps no. It will be really cool, if in snmp trap information contain the information about which link is down or up.4 votes
Some industrial and small form factor PCs are now being offered with an on-board UPS so that no extra hardware is needed. Building this into the smaller UTM appliances and the RED would help to make the devices even easier to deploy and manage.4 votes
It would be helpfull to have an Configuration Viewer to have a look inside old saved configuration or configuration from other users. The Viewers should have the same look like the original astaro Administration surface with all the menus.6 votes
Create a menu showing the kind and amount of traffic based on incoming/outgoing interface in a scenario with more uplink interfaces1 vote
- Change the Rewrite from domain.de/ to domain.de/index.php with site path routing activated.
- WAF rewrite rules for files like *.php or *.xml3 votes
The filtering and blocking of a specific word regardless of the site being allowed. if the specific page contains that word it needs to be blocked.
IE: VIAGRA22 votes
Set a default language/keyboard setting for user portal remote access via HTMLv5 - having to change from US to UK everytime
Can you set a default language/keyboard setting for user portal remote access via HTMLv5 - having to change from US to UK everytime is very annoying and confusing for users1 vote
Add the ability to add custom HTTP Headers while processing HTTP requests through the WAF
The idea will allow me to "copy" header data
e.g.: X-My-Custom-Header: $x-forwarded-proto
When running a server behind 2 layered AWS ELB the first x-forwarded-proto header is overwritten by the 2nd layer, that mean that the application server cant see the original user requested protocol
Lahav Savir @ Emind Cloud Expert13 votes
It would be very helpful if I could use a SUM Server as Remote Log File Archive. With this feature I could centralize all Logs of all my UMT's. A addon feature to search in e.g. Webfilter Logs of multiple UTM's at the same time would also be very nice!
And if I do complex searches or log files are very big, the load will move away from productive UTM's.
Thanks in advance,
Currently, in a web profile, you can add networks and hosts to the allowed networks but not IP address ranges. Our customers typically want to have easily-recognisable ranges that go outside the 24-bit mask (eg 172.16.200.1 - 172.16.209.254) so this has to be converted to networks and hosts, which is messy.4 votes
We want the ability to use an iPhone ( or Android ) as a modem via USB tethering in the event of an internet outage at the site.
Instructions from IT would then be as simple as asking the Branch manager to plug their iphone into the red and turn hot spotting on.3 votes
Today the restriction on avoiding users from deleting apps can't be controlled from Sophos MDM (today this requires Apple Configurator that can only run on Apple computers).
Without this restriction users can actually delete the Sophos Control app as well as any other app on the device.1 vote
Please Implementate MPTCP (MultiPath TCP) with working VPN over Multiple Lines and additional Backup lines69 votes
If Webfilter is configured in Standard Mode and HTTPS URL-Filtering is activated, and it is not an option to distribute the Proxy CA Certificate to the whole clients (because no domain membership), and the user requests for example a HTTPS Website with the result "host not found", the delivered HTTPS content to the client browser is destroyed (CSS and Images). We need a solution for our users.5 votes
Hi, great that you know implemented a 2FA with OTPs. With that it is now possible to secure applications dealing with the Firewall or, in combination with reverse Proxys, even to secure web-based third-party applications. But what about non-browser based 3rd Party Tools? Wouldn't it be great to provide the 2FA also as a radius Service for those other programs? For us it would be. We are running e.g. a Password Server app that has a webinterface AND other user guis like Mobile apps. With a reverse Proxy, we could try to secure this Service from outsides threads via 2FA with the UTM, but not for those who run the mobile app.
Thanks for considering this!
Best from Germany,
Hi, great that you know implemented a 2FA with OTPs. With that it is now possible to secure applications dealing with the Firewall or, in combination with reverse Proxys, even to secure web-based third-party applications. But what about non-browser based 3rd Party Tools? Wouldn't it be great to provide the 2FA also as a radius Service for those other programs? For us it would be. We are running e.g. a Password Server app that has a webinterface AND other user guis like Mobile apps. With a reverse Proxy, we could try to secure this Service from outsides threads via 2FA…18 votes
Add the drivers for OPTUS's Huawei e3276 usb dongle to the compatible list for UTM and /or RED. As this is the only one optus sell in Australia .6 votes
Add the Optus E3276 USB Dongle to the compatible list on the utm and to the RED as optus only sell these devices in Australia3 votes
The Cisco feature is called "Management Frame Protection". This process was standardized with the IEEE 802.11w7 votes
- Don't see your idea?