Do you recognize a good idea when you see one? We want to hear from you!
Header Image

UTM (Formerly ASG) Feature Requests

Do you have an idea for Sophos UTM? Do you recognize a good idea when you see one? We want to hear from you!

I suggest you ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can vote and comment on it.

If it doesn't exist, you can post your idea so others can vote on it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  1. Networking: Make bridge interfaces immune from HA link monitoring

    Even when "HA link monitoring" of Bridge interface is "OFF", if this interface carries out a link down, TakeOver will occur.

    1 vote
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
    • 3 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
      • Reporting: Detailed country-based reports for bandwidth, sources and destinations

        I would like to be able to see a report that I can sort desitnation hosts by foreign country. I would like to see what internal hosts are communicating out and what service they are using.

        1 vote
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
        • RED: Support Backup Hostname for RED Connection

          Currently, REDs and ASG must find and connect through the definition of a single host-name that is fully resolvable in the public. While this can use the DynDNS feature in ASG already for "fail over", it might be more simpler to just offer another host-name field to be used in the event RED looses connection to the main host-name?

          Even with multiple WAN links avaialable to an ASG, the REDs use of just a single hostname poses a problem if that particular WAN link or ISP should drop for a time (e.g. fiber cut, dead modem, etc). The downed REDs…

          101 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            Under Review  ·  4 comments  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
          • Networking: Support NAT64 for IPv6

            NAT64 is a mechanism is importend(http://en.wikipedia.org/wiki/NAT64) with RFC 6146 and 6147. The The IPv6 client will communicat to IPv4 server.

            14 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              2 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
            • Reporting: SNMP support for License Information

              We like to know the licenses state to see when a license is running out. Would be nice to get this info directly from the astaro device (or from ACC)

              23 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  SNMP Monitoring  ·  Flag idea as inappropriate…  ·  Admin →
              • Management: Unify Static DNS / DHCP mappings to Object Definitions

                Use the same data for DNS static entries as for Network host definitions.
                Like this we would not need to enter the same data twice.

                9 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  Under Review  ·  2 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
                • Wireless: Reboot / Restart of Access Points

                  Ability to restart a connected wireless access point from the ASG web interface. Sometimes I find they are not working corrected and need to be rebooted/restart/powercycled. It would be nice if this could be done remotely, right from the web interface.

                  136 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    11 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
                  • Set IP Address manually to Access Point

                    It would be great, if i can set the IP Address to Access Points manually and not via DHCP.

                    2 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
                    • Mail Protection: Outlook Plugin for reporting SPAM

                      How about creating a plug-in for Outlook so that the user has a button labelled "Report spam" so that the email that they have open at the time is then forwarded on to your labs with all the information that you require and minimal input from the user.

                      14 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                      • Networking: Summarize DHCP Leases with a Total

                        When the DHCP server is configured with a large scope - say a capability of a range of 200+ leases. then it can be very difficult to determine how many leases are currently active, especially when leases that have already expired are still shown in the table. One has to manually count the entries in the table. It would be wonderful if a counter was available at the top of the lease table showing the number of current active leases.

                        15 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          Under Review  ·  3 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                        • Add predefined templates for compliance to the wizard or additional documentation

                          In the setup wizard when you first log in, it would be very nice if the wizard asked in one of the steps what you needed for compliance such as HIPPA/FIPS/ETC to start you off with a base configuration compliant with said requirements, or a bit of documentation within the firewall highlighting key points required for configuration on the compliance that you need to put in place while configuring the unit.

                          This would help out for those customers who were handed a project wanting a firewall with "x" compliance as mandated by whomever but don't know the finer details of…

                          4 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Operating System  ·  Flag idea as inappropriate…  ·  Admin →
                          • 3 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
                            • adjust size from bounced mails

                              Hi,
                              I have a problem with bounced mails.
                              Exim only 100k size to the returned mail.

                              ------ This is a copy of the message, including all the headers. ------
                              ------ The body of the message is 4414249 characters long; only the first
                              ------ 106000 or so are included here.

                              Every bounced mail > 100k has a corrupt attachment.
                              Our archiv system try to scan the attachment and throw a error.

                              Is there a config to limit the size (bounce_return_size_limit) @ astaro?
                              Is there a config to stripe the attachment from the bounced mail?
                              Thank you
                              Michael

                              3 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                              • Web Protection: Coaching Mode for Warning / Educating User

                                Today with UTM we can only allow or block a web site based on the categorie.
                                now customer what is called a coaching mode where user get a warning that he is about to get access to a web site that is not relevant for his job and not compliant with the security policy
                                The goal of that approach his also to educate customer regarding his web browsing habits and advise him that It knows what he does
                                most of our competitors in web security do that
                                and Sophos also provide this behaviour/mode with his Sophos Web Appliance
                                so i…

                                6 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                • Mail Manager: SMTP Quarantine: Attachment Extraction/ Save

                                  Dropdown option to save attachemts from quarantined messages for further review, before releasing from quarantine.
                                  Should be fairly easy with the uudeview command already available in linux.

                                  4 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Web Server Protection: Max File Upload Size

                                    It would be nice to limit the maximum file size that could be uploaded.

                                    3 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      1 comment  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Whitelist for PureMessage that over-rides all lists

                                      Feature Request Summary – To allow any white listed mail addresses to be outside and unaffected by the content violations.

                                      How will this new feature address your business requirements? – As above. We block the word facebook however this appears on most email signatures these days.

                                      13 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Endpoint: Patch Management

                                        I see that Sophos has a Patch Assessment tool that scans PCs on the network and alerts you to outdated Programs. Add this into your UTM Endpoint please.

                                        37 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          1 comment  ·  UTM Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Authentication: Dedicated AD / LDAP Server Agent

                                          We would like a program(s) that could install directly on our Active Directory or LDAP server that would update the appliance on what user currently has what IP(s). This way their user objects could be automatically kept current without the need of the Client-Agent you offer, and give me super precise control by User.

                                          6 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            Under Review  ·  3 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base