Do you recognize a good idea when you see one? We want to hear from you!
Header Image

UTM (Formerly ASG) Feature Requests

Do you have an idea for Sophos UTM? Do you recognize a good idea when you see one? We want to hear from you!

I suggest you ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Customer wants more control over the reports in the UTM

    Customer wants more control over the reports in the UTM: statistics from DB about Network usage per User, usernames, machine name, IP - more detail below:

    Detailed description of Feature request for Reporting subsystem
    1)
    Name: Show user names in Network usage report, instead NXDOMAIN, when use Transparent proxy with Browser auth
    Business requirements (reason for feature): Network usage report used for internal billing of Internet usage
    Importance: 1 = Critical

    Customers can’t use external systems, which based on Syslog, because there is no information about amount of data in Logs: SMTP, POP3, etc
    Customers don’t have access to DB,…

    1 vote
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Logging  ·  Flag idea as inappropriate…  ·  Admin →
    • End-User Web Message customization for Country Blocked

      Under Management>Customizations>Web Messages>End-User Messages, there is no option to customize the Sophos "Country Blocked" Web page.

      1 vote
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
      • Generate .onc file in user portal for ChromeOS VPN

        ChromeOS VPN can import .onc files to configure connections that can include all connection parameters and certificates. It should be fairly easy to create the appropriate files in the user portal along with the other platform files.

        The ChromOS import is at chrome://net-internals/#chromeos

        14 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
        • Enterprise Console: Client prefer to have an option to deploy SAV to a preferred drive

          Client asks if there will be an option for SEC to setup the deployment of SAV to other Drive instead of automatically pushing it to C:/

          1 vote
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
          • Web Filter (Management Appliance) and HTTP User Agent strings

            It would be helpful to be able to search for, filter on, alert, and even block traffic based on HTTP User Agent
            Block User Agent for Java at proxy
            Query logs for visited hosts that used Java user agent•
            Aggregate by host, sort by frequency, analyze
            Generate exclusions
            Attacker can not modify the user agent before exploit attempt
            Esp helpful for Java.

            1 vote
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Flag idea as inappropriate…  ·  Admin →
            • include mac/apple with UTM endpoint protection

              There are lots of places that have both windows and macs in their business. Both need to be protected with endpoint protection so they can be managed. Why have one and not the other?

              1 vote
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  UTM Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
              • Add 'Allow' and 'Block' options in Sophos Cloud for the Spam category

                Currently there is no way to allow or block the 'Spam' category in Sophos Cloud, sites under this category are always blocked. Can this be changed to add an 'allow' option under Web Control?

                1 vote
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                • add the ability to receive an email notification whenever a user connects via SSL VPN for Remote Access.

                  add the ability to receive an email notification whenever a user connects via SSL VPN for Remote Access. It would be nice to also have the option for a disconnect notification.

                  19 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
                  • Usability: Filtering Certificates before building the certificate lists

                    Hello,

                    on adding WAF at a client installation with heavy Remote Access usage two usability issues came up:

                    1) if i try to select the server certificate for the WAF site, the list builds for a very long time and then presents all certificates - in my case ~ 960 User certificates, the local certificates and the three Server certificates I imported... This is let's say, "suboptimal"... ;-)

                    2) The certificate list is sorted case sensitive, which is, again, "suboptimal" - it means that TEST..., Test..., and test... are at three different positions in the list. Combine that with the…

                    3 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
                    • add transparent mode browser authentication over HTTP

                      This would allow the UTM admin to select the captive portal to be presented over http instead of https to prevent SSL errors on guest devices. I appreciate there's a security issue around this but it should be made clear while selecting this option that it's less secure

                      6 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                      • All Trap Adress should be readable through SNMP

                        All MIB OIDs for SNMP Traps should also be readable via a SNMP Request. So you can get the whole Status of your UTM via SNMP Poll

                        3 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  SNMP Monitoring  ·  Flag idea as inappropriate…  ·  Admin →
                        • How do I reset my password so I can get documents??!!!!

                          How do I reset my password or get my old password so I can download documents?????!!!!!!!!!

                          1 vote
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                          • WAF Reverse Proxy with authentication: forward session cookie to backend http server

                            When using the WAF (Web Server Protection) with authentication, a session cookie named BACKENDHOSTNAME_COOKIE is exchanged between Browser and UTM on each http request. For our application which is launched via Webstart from the web application and communicates via http we need to forward that session cookie to the external client process.

                            Therefor the session cookie should be made optionally forwardably from the UTM to the backend http server.

                            4 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              1 comment  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
                            • Sophos UTM: FIlter out internet analytics

                              Filter out the internet analytics and services so that web usage reporting in only showing the 'real' websites visited instead of muddying the waters with all the analytics and services information. If if this could be hidden on the export of the report to managers etc...

                              3 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                              • iView reporting on Sophos UTM.

                                It would be good to break down the web usage by time bands. This would allow us to see which users where doing what on the web at specific times.
                                Thanks

                                3 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                                • Notify users about ActiveDirectory password expiration on WAF Reverse authentication form

                                  Users logging on via the reverse authentication form Feature should be able to Change their Password from here - or be notified about an expiring/expired Password.

                                  3 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                                  • forward messages

                                    in SEA, (Sophos Email Appliance) customer requires a feature so they can forward messages to Sophos Lab or other actions from Mail Queue, currently its only available for Quarantine queue.

                                    1 vote
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Refresh button for DYNDNS to force update

                                      There needs to be a way to force an update and refresh of the IP to the DNS vendor. There currently is no way to do this. Turning it off and back on does not do this. If for any reason the IP gets set from another location it will not update with the correct IP because the service does not see that the IP on the firewall has changed.

                                      14 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        2 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Voucher control

                                        Create a better control for vouchers. On our company we give a voucher for the employee so can use for a few months, but if he left the company i cannot know his voucher or I have to keep very complicated spreadsheets. It would be nice if on the portal while the user inserts its voucher it need to provide his email or his name. or if UTM keep a list of Device-Name and voucher used. So we can cancel a voucher when needed.

                                        2 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Improve Flow monitor

                                          Improve Flow Monitor, it is slow and seems to not reflect real traffice. For example when opening Flow Monitor from dashboard clicking on WAN1 In for example, the dashboard show the link with 95% (30MB link) used buth Flow monitor show many connections using little speed and a few using 1 or 2 MB. So I never can find who is killing the bandwith.

                                          1 vote
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base