Do you recognize a good idea when you see one? We want to hear from you!
Header Image

UTM (Formerly ASG) Feature Requests

Do you have an idea for Sophos UTM? Do you recognize a good idea when you see one? We want to hear from you!

I suggest you ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can vote and comment on it.

If it doesn't exist, you can post your idea so others can vote on it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  1. canonical.com updates application control for QoS

    limit ubuntu clients to have a upper limit of bandwidth when downloading updates from canonical.com. Right now DNS Group only resolves one ip address when using dns group canonical.com.

    3 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
    • Create a cheaper UTM based on the tilera platform.

      Create a cheaper UTM based on the tilera platform 9 core cpu or higher. The Mikrotik products that I use have inspired me to request this. I know its lofty but it just seemed like a good idea.

      1 vote
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Appliance Hardware  ·  Flag idea as inappropriate…  ·  Admin →
      • In Secure Email Gateway

        In Secure Email Gateway can you please add a twice a week SPAM notification email sent to the user (say Sunday and Wednesday)?
        Currently it can only be set for every day (which is too frequent) and once a week (which is not often enough).

        Thank you

        1 vote
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
        • Endpoint Alerts, mass purge

          Customer would like to have the option of purging multiple alerts from the UTM. They don't want to have to go and click on each individual Endpoint and clear the alert especially when using 350 endpoints.

          1 vote
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  UTM Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
          • Link proof for incomming E-Mails

            The Utm checks Content opened via Webbrowser very well! Do I get a E-Mail with a link inside and it is Malicious or other Dangerous Content it will be blocked by Webprotction.

            It would be great if E-Mails containing links get a Link proof. The Links will be checked for Dangerous Content/Targets similar to the Webprotection when I open the link in the Webbrower in the WWW.
            Then UTM could remove the link an forward the E-Mail so the User knows about the Mail but no Dangerous Content arrives the User. The UTM could replace the Link with an Information…

            6 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
            • 4 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Flag idea as inappropriate…  ·  Admin →
              • UTM Endpoint: Client for Apple / Mac

                Have the ability to have Macintosh Endpoint Protection Clients

                209 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  6 comments  ·  UTM Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                • Run SAV on kiosk mode

                  It would be handy to have the SAV available in a Kiosk mode. So, when
                  a particular user is logged in, all a user can do is perform

                  a scan on removable storage devices such as USB memory sticks and CD's. This would be for standalone virus scanning stations and would allow users to scan these devices, but not use the computer for anything else. This would keep the process very simple for

                  users who are perhaps a bit unsure of how to use these machines.

                  3 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                  • bei der Multipath-Konfiguration auch gleich den bereits definierten DHCP-Bereich auswählbar machen, würde einen Schritt sparen...

                    bei der Multipath-Konfiguration auch gleich den bereits definierten DHCP-Bereich auswählbar machen, würde einen Schritt sparen...

                    1 vote
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
                    • if-then rule for e-mail encryption

                      In UTM 9.2 SPX Encryption will be added.
                      At the moment eMails wont be delivered if you use SSL/TLS and the receiver doesnt support encryption.

                      My suggest is to force SPX Encryption if SSL/TLS doesnt work, with automatically notification to the user "hello, mail was sent with pw "xyz" to recipient "abc", pls provide pw to recipient and note that recipient doesnt support encryption". or so.

                      2 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                      • html5 vpn portal swedish keyboard

                        Please add swedish keyboard to html5 vpn portal.

                        21 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
                        • Change object type on SUM for network definitions.

                          Change object type on SUM for network definitions.
                          For example: On a SUM-Server it would be very useful to change an object from a Host to a DNS-Host or DNS-Group. This would give administrators the possibility to change objects without revisiting any UTM where this object being used.
                          Of cause there are situations where it is tricky to do it because some configuration fields just allow certain objects but an error message could be helpful here.

                          1 vote
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Management  ·  Flag idea as inappropriate…  ·  Admin →
                          • Please add support for blocking LimeWire in the Application Control.

                            We need a way to block LimeWire. it's not in the list.

                            1 vote
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
                            • HA Setup let ***** takeover before master reboots

                              We currently have a HA setup with 2 UTM320's.
                              Whenever there has to be a reboot of the master device (either manually or due to an upgrade of the software) all RED connections break as well as all site-to-site connections.
                              I know this happens, so I can schedule updates and reboots, but shouldn't it be possible that the ***** first takes over everything from the master before the master goes down, effectively keeping any connections up?

                              9 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                1 comment  ·  HA/Clustering  ·  Flag idea as inappropriate…  ·  Admin →
                              • ip filtering web application firewall

                                Have the ability to specify which source networks, hosts are allowed to access a published website. This way we can add the IP-restrictions on the UTM box itself for a specific site instead of having to do this on the webserver hosting the site itself.

                                3 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  1 comment  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                • MailSecurity: support smime certificates with 4096-bit key

                                  In the time of NSA spy attacks, encryption is getting more and more important. Therefor strong encryption is getting more important.
                                  I'd like to use smime encryption with certificates having a 4096-bit keylength and SHA-2 hashing.

                                  3 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                  • ES1100 Performing a reverse DNS check on incoming email, the sender domain address can quickly be verified against the sending server domain

                                    By performing a reverse DNS check on incoming
                                    email the sender domain address can quickly be verified against the sending
                                    server domain, if this does not match or is incorrectly registered the
                                    email could be quarantined/blocked. In my experience 100% of all
                                    spam, virus and unsolicited emails fail this test because they are sent
                                    from unregistered bogus host servers. Yesterday we received virus
                                    loaded emails from companieshouse.gov.uk however the sending server was
                                    rotordisk.com an obvious compromised email server however the emails got
                                    through and we suffered a virus outbreak as a result.

                                    1 vote
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                    • I suggest that in reporting can also view the first name and last name of the user that is integrated in active directory

                                      I suggest that in reporting can also view the first name and last name of the user that is integrated in active directory

                                      1 vote
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                      • 3 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
                                        • RED conneting to UTM with multiple WAN lines

                                          It should be possible to configure a availability group on RED device to establish a connetion to a UTM with multiple WAN lines. This would increase connectivity to the main office, if one WAN line on UTM side fails.

                                          21 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
                                          1 2 5 7 9 81 82
                                          • Don't see your idea?

                                          Feedback and Knowledge Base