Do you recognize a good idea when you see one? We want to hear from you!
Header Image

UTM (Formerly ASG) Feature Requests

Do you have an idea for Sophos UTM? Do you recognize a good idea when you see one? We want to hear from you!

I suggest you ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can vote and comment on it.

If it doesn't exist, you can post your idea so others can vote on it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  1. Wireless: AP turn lights on/off

    Possibility to turn status lights on APs on/off so the lights won't distract in a office/home environment.

    7 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
    • Wireless / WLAN Deployment helper (wizard)

      As the configuration of a wireless network and the subsequent options for DNS, DHCP, packet filter, etc. is quite complicated, I'd love to have some kind of a wizard or deployment helper (like for RED) to ease the configuration.

      15 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
      • Application control - iHeart

        Can you create a new application control for iHeart radio streaming? Cannot block access via group DNS entry as users cannot get to some legitimate sites.

        3 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
        • Endpoint Protection: Activity Report

          Client requesting the ability to create a recurring report (emailed daily/weekly) that lists all the systems by last update, with errors, and/ or those that differ from policy. Should be able to create a report on any tab or policy that exists in the product based on computer name, policy or container name

          26 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            1 comment  ·  UTM Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
          • Web Application Security: Block access to specific URLs

            Right now i'm trying to use the Astaro WAS for a setup, where we normally would use a linux server with apache configured as reverse proxy.
            In this constellation we could block the access on some URLs from the outside via simple "Order deny" directives on the reverse proxy.
            As far as i can see there's no similar option on the Astaro.
            The URL Hardening feature is no option for us here, as you can do only whitelisting with that.

            6 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
            • disable all download scanning

              Customer wants option or button to disable all download scanning on WS

              2 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Flag idea as inappropriate…  ·  Admin →
              • Networking: Make bridge interfaces immune from HA link monitoring

                Even when "HA link monitoring" of Bridge interface is "OFF", if this interface carries out a link down, TakeOver will occur.

                1 vote
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
                • 3 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                  • Reporting: Detailed country-based reports for bandwidth, sources and destinations

                    I would like to be able to see a report that I can sort desitnation hosts by foreign country. I would like to see what internal hosts are communicating out and what service they are using.

                    1 vote
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                    • Web Protection: Device-based Authentication Profiles (BYOD)

                      ability to discover phones and tablets trying to get on the network.
                      If a user is trying to get on the network, the admins would like to automate the process and reduce the interaction required by users or admins.

                      If an employee brings their smart phone to the hospital, they get some sort of log in screen automatically, they check the box, agreeing to terms and the rest of the authentication process would be automated. Like logging on to a hotel network on a laptop.

                      4 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        Under Review  ·  0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                      • 9 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                        • RED: Support Backup Hostname for RED Connection

                          Currently, REDs and ASG must find and connect through the definition of a single host-name that is fully resolvable in the public. While this can use the DynDNS feature in ASG already for "fail over", it might be more simpler to just offer another host-name field to be used in the event RED looses connection to the main host-name?

                          Even with multiple WAN links avaialable to an ASG, the REDs use of just a single hostname poses a problem if that particular WAN link or ISP should drop for a time (e.g. fiber cut, dead modem, etc). The downed REDs…

                          98 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            Under Review  ·  4 comments  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
                          • Reporting: SNMP support for License Information

                            We like to know the licenses state to see when a license is running out. Would be nice to get this info directly from the astaro device (or from ACC)

                            23 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  SNMP Monitoring  ·  Flag idea as inappropriate…  ·  Admin →
                            • Set IP Address manually to Access Point

                              It would be great, if i can set the IP Address to Access Points manually and not via DHCP.

                              2 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
                              • Mail Protection: Outlook Plugin for reporting SPAM

                                How about creating a plug-in for Outlook so that the user has a button labelled "Report spam" so that the email that they have open at the time is then forwarded on to your labs with all the information that you require and minimal input from the user.

                                14 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                • Add predefined templates for compliance to the wizard or additional documentation

                                  In the setup wizard when you first log in, it would be very nice if the wizard asked in one of the steps what you needed for compliance such as HIPPA/FIPS/ETC to start you off with a base configuration compliant with said requirements, or a bit of documentation within the firewall highlighting key points required for configuration on the compliance that you need to put in place while configuring the unit.

                                  This would help out for those customers who were handed a project wanting a firewall with "x" compliance as mandated by whomever but don't know the finer details of…

                                  4 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Operating System  ·  Flag idea as inappropriate…  ·  Admin →
                                  • adjust size from bounced mails

                                    Hi,
                                    I have a problem with bounced mails.
                                    Exim only 100k size to the returned mail.

                                    ------ This is a copy of the message, including all the headers. ------
                                    ------ The body of the message is 4414249 characters long; only the first
                                    ------ 106000 or so are included here.

                                    Every bounced mail > 100k has a corrupt attachment.
                                    Our archiv system try to scan the attachment and throw a error.

                                    Is there a config to limit the size (bounce_return_size_limit) @ astaro?
                                    Is there a config to stripe the attachment from the bounced mail?
                                    Thank you
                                    Michael

                                    3 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Web Protection: Coaching Mode for Warning / Educating User

                                      Today with UTM we can only allow or block a web site based on the categorie.
                                      now customer what is called a coaching mode where user get a warning that he is about to get access to a web site that is not relevant for his job and not compliant with the security policy
                                      The goal of that approach his also to educate customer regarding his web browsing habits and advise him that It knows what he does
                                      most of our competitors in web security do that
                                      and Sophos also provide this behaviour/mode with his Sophos Web Appliance
                                      so i…

                                      6 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Networking: Support NAT64 for IPv6

                                        NAT64 is a mechanism is importend(http://en.wikipedia.org/wiki/NAT64) with RFC 6146 and 6147. The The IPv6 client will communicat to IPv4 server.

                                        14 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          2 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Wireless: Reboot / Restart of Access Points

                                          Ability to restart a connected wireless access point from the ASG web interface. Sometimes I find they are not working corrected and need to be rebooted/restart/powercycled. It would be nice if this could be done remotely, right from the web interface.

                                          135 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            10 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base