Do you recognize a good idea when you see one? We want to hear from you!
Header Image

UTM (Formerly ASG) Feature Requests

Do you have an idea for Sophos UTM? Do you recognize a good idea when you see one? We want to hear from you!

I suggest you ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Wildcards for HOST BLACKLIST

    I really get a ton of spam. And some companies have dozend (!) of real smtp (spam) servers with fixed IP addresses like these one. And you can easily see that there seem to also have smtp spam server "relay61.brm24.de" to "relay89.brm24.de" and "relay118.brm24.de" to "relay129.brm24.de" from which I still didn't got an email yet (so they are not blocked now):

    relay59.brm24.de 78.46.76.140
    relay60.brm24.de 78.46.96.74
    relay91.brm24.de 213.239.212.235
    relay101.brm24.de 78.46.44.235
    relay102.brm24.de 85.10.209.133
    relay103.brm24.de 88.198.61.232
    relay104.brm24.de 213.239.213.207
    relay105.brm24.de 88.198.35.24
    relay106.brm24.de 78.46.78.116
    relay107.brm24.de 46.4.90.229
    relay108.brm24.de 213.133.97.146
    relay109.brm24.de 88.198.7.133
    relay113.brm24.de 88.198.51.236
    relay114.brm24.de 88.198.58.40
    relay116.brm24.de 88.198.66.66
    relay117.brm24.de 78.46.49.11
    relay130.brm24.de 213.239.214.166
    relay131.brm24.de 213.133.98.213

    It would be…

    3 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
    • being able to switch off broadcasting for certain times of day on the APs from the Webadmin,

      Customer wants to be able to switch off broadcasting for certain times of day on the APs from the Webadmin, He is a school admin and wants kids to only be able to see any access the APs at lunch and after school. He does not want to manually use the hide SSID feature. Rather he wants to be able to have an option in the GUI to only broadcast at certain times of day.

      1 vote
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
      • Remove the link "Add exception for this URL" from the err_ssl.html template

        When the customer gets this alert for example - URL untrusted website warning, within this there is a link called "Add exception for this URL" which re-directs users to the user portal. However this customer gives no access to the user portal for any user.

        The issue is that in the templates page this template is not in the list anywhere so cannot be edited.

        It can be manually removed from the file here but everytime an update is applied it will be over written.
        /var/storage/chroot-http/etc/templates/err_ssl.html

        So customer wants to be able to edit this from the GUI like the…

        1 vote
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
        • Generate .onc file in user portal for ChromeOS VPN

          ChromeOS VPN can import .onc files to configure connections that can include all connection parameters and certificates. It should be fairly easy to create the appropriate files in the user portal along with the other platform files.

          The ChromOS import is at chrome://net-internals/#chromeos

          11 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
          • let us decide, if we want to block the Dropbox app or the Dropbox homepage

            Now automatically both features are blocked, but I just don't want the App on my system. I don't mind if the users use Dropbox via web page.

            4 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              3 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
            • Add IP PBX subscription

              I have a lot of customers that need to install an IP PBX inside their network,
              instead of installing a third party solution,
              Why not Sophos Sg series integrates with Asterisk, as it is open source

              14 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                1 comment  ·  Flag idea as inappropriate…  ·  Admin →
              • 3 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
                • 3 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
                  • IEEE 802.1X authentication on RED devices

                    It would be great if you could define MAC-based authentication on the RED devices with 802.1X and a RADIUS server to ensure that just our own notebooks and phones on the remote locations can enter our company network. Foreign MAC-adresses should not be authenticated and blocked.

                    3 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
                    • Implement a UDP helper

                      You really need to implement a UDP helper (akin to Cisco's 'ip forward-protocol udp' command) to selectively forward UDP broadcast traffic to other networks. Such traffic is commonly used to auto-discover systems and services.

                      1 vote
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                      • Integrate FIDO U2F as form of two factor authentication

                        We are heavily using Google Authenticator together with our UTMs but would like the ability to issue a user an open source hardware solution that can go on their key ring. Our power users tend to run out of battery life on phone while traveling and a device on a key chain would allow for ease of access and a knowledge that all users can get in and accomplish the important business items they take care of.

                        Our other solutions allow us to use something like a Yubikey Neo and gain access to everything no matter batter conditions.

                        Benefits:
                        No…

                        12 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                        • Removing the internal IP from OWA log in screen

                          I've just set up WAF for my internal Exchange Server and Outlook Web Access. I noticed on the log in screen it says "The server %FQDN of mail server% is asking for your user name and password. the Server reports that it is from %internal IP%.

                          This is such a huge security risk. Anyone attempting to access my mail server knows the internal IP structure. Please remove this from the log in screen!

                          8 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                          • Source/Destination Tranparent Bypass

                            Similar to this:

                            http://feature.astaro.com/forums/17359-utm-formerly-asg-feature-requests/suggestions/6002140-web-filter-exception-transparent-bypass

                            However, would it be possible to do a source AND destination match only instead of this source or destination?

                            1 vote
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                            • SafeGuard Portable for mac

                              Hi, can we please get SafeGuard Portable for Mac it works great for windows

                              4 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Operating System  ·  Flag idea as inappropriate…  ·  Admin →
                              • 1 vote
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
                                • Store the SPX password specified in the subject using [secure:<password>] in the UTM for <receiver> so that subsequent e-mails to <receiver>

                                  Store the SPX password specified in the subject using [secure:<password>] in the UTM for <receiver> so that subsequent e-mails to <receiver> will be encrypted using that password without the need to specify the password again and again. Let's reset the password for <receiver> using the existing functionality 'SPX password reset'. Or alternatively provide a different way to specify a permanent password for <receiver>.

                                  2 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Google Domains Dynamic DNS

                                    Google Domains includes support for dynamic DNS (see https://support.google.com/domains/answer/6147083) which uses the dyndns2 protocol. It would be useful to have Google Domains as an option within the UTM's list of dynamic DNS providers.

                                    3 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Firewall Change Log reporting

                                      Provide the ability to report on all configuration changes on a monthly basis. This is required for many companies that have security controls.

                                      3 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Device Management Hotspot from UTM Webadmin

                                        Would like to Manage the Devices that are Registerd for an Hotspot Voucher from the UTM Webadmin Page.

                                        1 vote
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                        • [Mail Manager]Japanese mail support of "View" function

                                          So as not to mojibake even if Japanese mail is displayed by "View" function, the modification is requested.

                                          1 vote
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base