Do you recognize a good idea when you see one? We want to hear from you!
Header Image

UTM (Formerly ASG) Feature Requests

Do you have an idea for Sophos UTM? Do you recognize a good idea when you see one? We want to hear from you!

I suggest you ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can vote and comment on it.

If it doesn't exist, you can post your idea so others can vote on it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  1. allow the UTM Endpoint to apply Web Protection policies according to the logged on user when full Web Control is used for PC's off the LAN

    Can the UTM Endpoint fetch and apply Web Protection policies according to the logged on user. At present we still have to use another product to filter web usage when laptops are used outside the network with more than one user.

    1 vote
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
    • User Portal Whitelist and Blacklist directly from the Mail Log

      It would be great if the User Portal would allow users to add to the whitelist and blacklist in their profile directly from the Mail Log on a per line item basis. This would eliminate users having to mouse-highlight/copy/paste and would also eliminate having to continually change modes.

      1 vote
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
      • Allow RED to access the internet line when the Main UTM line is disconnected

        This added mode could mean no disruption to the branch operations in case the UTM is down due to internet issues and cannot be up soon enough. Once the RED detected the UTM is up, it will establish connection and all traffic can be channel to the UTM once again.

        65 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          1 comment  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
        • Data path for config

          Use data path for config files that follows Windows Design requierements, e.g. C:\ProgramData\sophos or even better user Profile path.
          common places show informations for all Computer users.
          Next Problem: %programdir% is write protected for users. To config or change a connection administrator right are rewquired wihich a user should never have! Serious security issue.

          13 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            1 comment  ·  Usability/GUI  ·  Flag idea as inappropriate…  ·  Admin →
          • Report on number of times each rule was triggered

            We support subsidiaries in several heavily regulated industries and the ability to report that we are, in fact, protecting sensitive data is incredibly important. We
            would like to be able to report on the number of times each rule was triggered over a period of time (Weekly, Monthly, Quarterly,etc) and be able to drill down within each report to see information on the messages that are included in that count. Ideally we
            would like the ability to schedule the reports but that is not as important as having insight into what rules were triggered and being able to easily see…

            1 vote
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
            • Puremessage Exchange Alerts

              Puremessage Exchange: Email Alert in the Exchange store settings. To recive an email with the alert wisch server have the Problem.

              3 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
              • RED: VLAN port configuration on RED

                It would be extremely handy to be able to configure the individual ports on a RED to support different VLANs -- for instance, port 1 and 2 could have VLANs 20 and 30 tagged, with ports 3 and 4 running untagged (VLAN 1)... really handy for a branch office setup with VOIP, etc. It would also be nice to be able to configure a hybrid port as well.. .that is, one that you can configure a native VLAN on (untagged) with tagged VLAN IDs all on the same port, a la Cisco, etc.

                102 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  7 comments  ·  Remote Ethernet Device (RED)  ·  Flag idea as inappropriate…  ·  Admin →
                • Licensing

                  Currently the UTM has a 7 day timer concerning active IP running through the UTM, This is a built in feature that is not adjustable. If you could adjust it to only 1 day you could then justify having to upgrade you license. With it being a 7 day timer you could have one day where you exceeded the license count but then the rest of the week be under the count.

                  20 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                  • Separate antispam action for incoming and outgoing emails

                    It could be great to have separate spam policy for incoming and outgoing emails.
                    This feature should be used by ISP or large messaging providers.

                    With this feature, messaging administrators can mark incoming spam message and block outgoing spam messages with 2 differents policy.

                    Another trick to achieve this type of filtering can be to assign an existing profile to a specific interface adress (external adresses will accept spam and mark the subject and internal address will block spam and expression).

                    3 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                    • Enable additional functionality in the WebAdmin interface for the integrated ISC DHCP server.

                      The current WebAdmin interface offers a limited feature set for configuration of the integrated ISC DHCP server. Supporting additional configuration options would allow for more advanced DHCP confiurations: Multiple pools per subnet, groups, allow/deny unknown-hosts (per pool) and members, client classing (with match), lease limits, etc.

                      2 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        1 comment  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                      • More predefined Web Filtering Exceptions...

                        like Java updates and other Services...

                        3 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                        • Search field in email appliance to show From header address in addition to Envelope from

                          Currently the envelope sender/recipient field is used when searching or
                          just listing email in the admin interface. The To and From fields from the
                          full mail message should also be shown/logged as these are most
                          recognizable to users. Sender can sometimes and seemingly often is blank
                          and therefore not useful in searching through logs to find specific email.

                          1 vote
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                          • Option to quarantine messages rejected by rbl's

                            We deal with many small business from which we receive very important emails and when they get blacklisted and we don't know they sent an email because they got rejected this is bad. Our previous spam service from macaffee had this option

                            4 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                            • Mail Protection: Configurable SMTP Retry Timeout

                              A feature to allow administrators to reduce the SMTP relay Retry Timeout Limit would be excellent. Very useful for freight business who rely on email to get CON notes out quickly.

                              70 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                12 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                              • Wireless: External Captive Portal support

                                Support to redirect WIFI users to External Captive Portal like AmigoPod. External captive portal can authenticate users, create user as autoregistered and introduce advertisement depending of user data.

                                63 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                • SSL VPN run Active Directory login scripts on connection

                                  Upon connection, Active Directory users should have their login scripts run (mapping network drives and printers.

                                  1 vote
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
                                  • disabling the web link in yahoo chat window

                                    On behalf of customer, we would like to know the status of this ticket. Please kindly advice if disabling the web link in yahoo chat window is possible?

                                    3 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Tune Nat Values

                                      It would be awesome to have an interface within the webAdmin tool to adjust the nat values into areas like /proc/sys/net/ipv4/netfilter

                                      1 vote
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                      • 1 vote
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Add USB 3.0 Network Adapter Support

                                          Sophos UTM 9.1 currently supports USB 2.0 Network Adapters, but they are old and slow. It's about time Sophos bring us USB 3.0 support so we can use gigabit USB adapters in our home and small business/small remote office environments.

                                          3 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base