If Webfilter is configured in Standard Mode and HTTPS URL-Filtering is activated, and it is not an option to distribute the Proxy CA Certificate to the whole clients (because no domain membership), and the user requests for example a HTTPS Website with the result "host not found", the delivered HTTPS content to the client browser is destroyed (CSS and Images). We need a solution for our users.5 votes
create a feature that allows admins to schedule the pattern updates to run at a specific time. i.e. during a service window weekly at 3:00A
Schedule Pattern Updates for specific time.1 vote
We would like to be able to configure how long browsing is allowed for after passing through a 'Warn'. It will allow us to give more flexibility to warn users for longer periods rather than them constantly getting cut out and having to click proceed again.
It is very annoying to have videos drop out when your watching them and then having to click proceed again.1 vote
The reason for this is to allow different domains and DNS settings per VPN profile. This allows for companies with odd networking setups, like a single internet access point for multiple domains on different servers, to use the same Sophos UTM for VPN traffic and authentication.1 vote
Request that the Sophos UTM supports HTTP Strict Transport Security (HSTS). RFC6797 - https://tools.ietf.org/html/rfc67978 votes
Astaro/Sophos UTM will happily use an external LDAP server as an authentication source. And then apply over that its own TOTP layer. But it cannot provide that TOTP service to other devices, except for internal websites using the reverse proxy.
I'd like to see Astaro offer an external facing LDAP service, as a proxy for other LDAP servers with an optional OTP enhancement. This would allow an organisation to provide a single OTP source against a whole range of services such as mail servers, file servers and much more; all without configuring multiple OTP servers.3 votes
It's important in case of using EAS (Exchange Active Sync) that the TCP connection timeout can be increased within the gui. At the moment only one unsupported workaround exists:
It's an important feature if you use EAS.
You will find more information about this topic here:
We want the ability to use an iPhone ( or Android ) as a modem via USB tethering in the event of an internet outage at the site.
Instructions from IT would then be as simple as asking the Branch manager to plug their iphone into the red and turn hot spotting on.1 vote
I believe we should be able to specify which authentication server to use for each login method.
It should not fallback to any other servers not specified.1 vote
Make it possible to search for IPv6 in mail manager4 votes
Allow a comment to be added to the mac address table so that you can record what devices the address is for. This makes it easy to manage the list if a device is to be removed.
It would also be nice if the wireless clients list could look up the comment and display it next to the record so you could see the device in the list.4 votes
It would be nice if there was a "HOLD" feature in the mail manager. If there was a way to “hold” the e-mails on the UTM – when I was done checking the exchange servers, I could then “unhold” them and release the e-mails.4 votes
Customization for sent mail, which are quarantined
because normal users do not respond to English emails
or they can not read6 votes
I wanted to tell you about how much I like Sophos Antivirus for Mac, Free Edition and realized that you could increase your customers input if you built in a Feedback menu item into the program itself.1 vote
would be nice to have colour coding in the DHCP Lease Table view to know immediately if leases are about to expire, expired, or alive/dead
about to expire = orange (light version of nice orange used in fonts for ui)
expired = grey
alive = green (light version similar as above: signifies machine is online)
dead = red (light version: signify machine is not online)3 votes
It would be great to see the WLAN MAC adresses of the AP's directly in WebAdmin. This would be very helpful for example when creating a Heatmap .3 votes
It would be helpfull to have an Configuration Viewer to have a look inside old saved configuration or configuration from other users. The Viewers should have the same look like the original astaro Administration surface with all the menus.3 votes
Customer would like the same function in the UTM as per the Email Appliance to specify what types of messages they can add a banner to.
For example, they currently want to add a banner for outgoing messages with attachments only - not all messages.1 vote
It would be nice if the "Notification regarding potentional leak of data" email sent to administrators would list what Content Control Lists Rule triggered the alert.
I have my UTM set to allow the email but alert me when content is suspected to have been confidential. I was hoping to use the alerts to help decide what rules are going to be useful in my environment but without an indication of what triggered the alert the message is not very useful.
It also appears that "potential" is spelled wrong in the subject line.1 vote
in UTM 9.2*, adding host based path routing on port 443 with user portal and ssl vpn on the same port allows the users and administrators simple configuration and usability by not having non-standard ports to content with and the implications of special firewall burns from various site which are not allowed non-standard port connections. feedback from the customer in case 46524050 votes
- Don't see your idea?