Do you recognize a good idea when you see one? We want to hear from you!
Header Image

UTM (Formerly ASG) Feature Requests

Do you have an idea for Sophos UTM? Do you recognize a good idea when you see one? We want to hear from you!

I suggest you ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Enable Host based relay for basic guard subscription

    We love the new basic guard subscriptions because we are now able to sell UTMs to our small business custumers. But there is one big problem, the UTM can only be used for inbound mails. Please enable Host based relay for basic guard subscription! In our opinion this is a basic feature and should be also available in basic guard subscriptions.

    12 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
    • Send e-mail/SNMP trap when a load balanced node goes offline

      No information is sent when the UTM considers a load balanced node to be down. One thing is having Nagions surveilance on the nodes itself, but that wont trigger anything if only the UTM considers a node to be offline for some reason.

      1 vote
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
      • Let me set my own server timeout.

        Let me set my own server timeout, sticky sessions hard coded at 300 sec might not be enough for some applications.

        6 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
        • PCI-express RED card

          RED device in the form of a PCI-Express card.
          Would be very useful to install in to servers.

          5 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
          • Whitelist for encrypted attachments

            I'm using the UTM9 soft appliance as an SMTP proxy, but I'm having trouble configuring this w/ regards to incoming Emails with encrypted attachments (like password-protected zip-files). Basically, what I want to do is:

            -default action for encrypted attachments should be quarantine
            -define a whitelist for sender addresses allowed to send plain text Emails with encrypted attachments

            Problem is, even though I defined a whitelist and skipped the "Email Encryption" check for it, emails w/ encrypted attachments coming from the senders I whitelisted are still getting quarantined. The only way I found so far to get those Emails through is…

            23 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              1 comment  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
            • 9 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
              • Networking: USB 3.0 Network Adapter Support

                USB 3.0 LAN adapters are fast 1000 Mb/s and it would be nice if the drivers was added to the kernel.
                Special thoose with Asix chips, they are all over!

                AX88179
                http://www.asix.com.tw/products.php?op=pItemdetail&PItemID=131;71;112

                31 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  6 comments  ·  Appliance Hardware  ·  Flag idea as inappropriate…  ·  Admin →
                • Enable override of the the default SNMP system description

                  Many SNMP monitoring tools show the system description (sysDescr.0). By default this is pretty useless: "Linux my.hostname 3.3.8-56.h79cdcd-smp64 #1 SMP Fri Mar 8 11:46:42 UTC 2013 x86_64". Would be nice if the web admin interface allowed you to define your own friendly description which was accessible via SNMP.

                  4 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    2 comments  ·  SNMP Monitoring  ·  Flag idea as inappropriate…  ·  Admin →
                  • Browse Button on Filter Action Allow and Block URL

                    Hi, it will be great if its possible to add a Browse Button on Filter Action "Allow these URLs/sites" and "Always block these URLs/sites" so we can reuse the regular expression objects in other Filter Actions.

                    I know that is possible to import and export the domains list but It's not the same thing because the regular expression objects will have different names.

                    7 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                    • Allow backend groups to point to AD containers or OUs

                      When creating a backend group in UTM against Active Directory, you cannot specify an OU or Container for membership. In eDir backend groups, you can point it at an OU and everything under that resolves to the group. The same is not true for AD; the user does not resolve as a member of the group if backend membership is limited to an OU, it only works when pointed to an actual group object.
                      I suggest mirroring the features from eDir group processing in AD group processing, and allowing backend group membership to be determined by OU or Container.

                      4 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                      • Localized keyboard support for HTML 5 VPN portal (RDP)

                        Transfer local keyboard layout to RDP to host

                        1 vote
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                        • Fair votes

                          Only let user that have a password votes.
                          Now some users is voting with others email (that isnt password-protected)

                          1 vote
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                          • email encryption expire time for internal user certificates

                            The user s/mime - pgp has a live time 10 years, but i can not see when the certificate expire

                            3 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                            • Html5 VPN RDP resolution increase/scaling

                              Please consider adding any size features to the RDP sessions through html5 vpn. The current window size can render the entire feature unusable for clients unable to operate in the 1012x700 (?) resolution.

                              29 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                5 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
                              • Integrations with KeyShield SSO

                                It would be useful to add authentication via KeyShield SSO. KeyShield SSO concept is designed for any client platform. It provides SSO functionality for Windows, Linux, Android, Mac, iPad and iPhone. The principle of KeyShield SSO integration is very simple to implement - when UTM get a connection request, it ask KeyShield SSO server about the origin IP address. The response is fdn within one of configured directories (eDirectory, ActiveDirectory, LDAP) or "unknown".

                                12 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                                • email appliance: search export

                                  the ability to export search results in the email appliance "search" section to excel or similar format

                                  3 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
                                  • attack rules

                                    Provide the ability to include the necssary source IP and destination host for the Top Rules executive reporting. It is useful to assist the administrator to identify which internal or external hosts that causing the problem.

                                    4 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                                    • WebAdmin: Speedup GUI when there is a lot of objects e.g. >2000

                                      The GUI seem to get sluggish with a lot of objects, often I find my self waiting while lists are populated or updated.

                                      On modern hardware searching and filtering through a couple of thousand items should be near instantaneous.

                                      Please optimise the GUI for high object counts.

                                      3 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Show Reverse IP in the RED Connection Status

                                        I suggest to put following IP information the reverse ip information also.

                                        It will help us to idenfity fastly what is the telecom operator that the RED use to connect to ASG.

                                        May be will be like this.

                                        SV REDXX (reds1) [ID REDid] online from 201.75.79.148 - 201.75.79.148.dyn.opp.net

                                        SV REDYY (reds2) [ID REDid] online from 205.215.12.89 - 205.215.12.89.ip.opp2.com

                                        etc...

                                        10 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          1 comment  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Sophos UTM - VoIP - SIP ALG checkbox to enable or disable this feature. Every xDSL-Router has this option.

                                          Many VoIP provider recommend for their ATA-Fax-Boxes to disable the SIP ALG function, to reduce the noise during transmitting a fax.
                                          In the Network Prottection / VoIP dialog of the Sophos-UTM, I would enjoy to see this option as a simple Checkbox.

                                          12 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base