Do you recognize a good idea when you see one? We want to hear from you!
Header Image

UTM (Formerly ASG) Feature Requests

Do you have an idea for Sophos UTM? Do you recognize a good idea when you see one? We want to hear from you!

I suggest you ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. WebSocket for XG Appliance

    Make the Sophos XG Firewall to work with WebSocket

    3 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Web Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
    • show the hostname in the UTM headline

      If you have more than one UTM - it would be nice to see that you logon to the right gateway.

      1 vote
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
      • Voucher Features Requests

        Hi Sophos,

        I would like to check whether this few feature can be implemented?

        1) Set Daily Limit to Voucher (eg, 400mb per day)
        2) Set Alert to notify when Voucher validity is about to end.
        3) Set Voucher duration to unlimited or 3 years and above.
        4) Auto renew Voucher when it expires.

        Regards,
        Nicholas

        1 vote
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
        • Remote Access DNS server be a dynamic network Definition rather than a static setting.

          have UTM > Remote Access > Advanced > DNS server be a dynamic network object rather than a static setting.
          That way when you update the network object the DNS settings updates as well.

          3 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
          • Email Quarantine Report

            Increase the number of available Email Quarantine Report scheduled times or have the F/W email users as their messages are quarantined.
            Having the quarantine report emailed twice daily causes issues with time critical emails, if they are stopped as false positive.

            3 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
            • credit check free uk

              https://www.creditcheckfree.co.uk : you need to perform an immediate steps to rectify their status. Try, to repay the debt with very tired, to begin the payment of any of the bad debt. If a potential employer you are asked to sign the paperwork that allows you to check your credit report you are them,

              3 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
              • Web appliance: Force logout for individual users

                It would be very useful if admins could force individual users to be logged out from the web appliance. This would help in cases where the authentication timeout is very long and the user has closed the captive portal window that allows them to log out.
                This can already be done from the backend

                3 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                • Block Windows 10 spyware

                  Given that Windows 10 has been exposed as spyware, how about an option to the Sophos software that blocks it? Of course, it's a bit of a long-term project in that, no doubt, Microsoft will be constantly changing the details of how the spyware works in order to defeat the many blocking schemes which will arise from various sources.

                  1 vote
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  UTM Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                  • Accept own domain only from internal interfaces

                    There is a leak in the mail protection.
                    Whan a spammer connects to the UTM and uses our own domain as the sender, the UTM will not block the e-mail.

                    It would be nice to accept e-mails from our own domain only through internal interfaces and not the WAN interface.

                    4 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                    • web application firewall : better modsecurity scanning

                      web application firewall : better modsecurity scanning

                      it is more a bug than an idea, we figured out that there are a couple of words we cannot push via HTTP POST to a webserver through the WAF - actual now we know about these words: curl, wget and style

                      however, the words would pass through WAF if they are in the beginning of the text string but not elsewhere in the middle of the text string

                      1 vote
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                      • eMail notification for policy violation unblock request

                        When a user receives a blocked page notification and submits a request to have the site unblocked. I need to have this request send an email notification to a custom email address.

                        3 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Notifications  ·  Flag idea as inappropriate…  ·  Admin →
                        • Wireless Client Disconnect

                          Under the wireless clients, it would be nice to be able to disconnect a device if we do not want it to be connected.

                          1 vote
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
                          • DSL reconnect invalidates route cache

                            Automatic DSL reconnects don't invalidate the route cache.

                            Hosts can not be reached until the uplink monitoring detects the interfaces being restarted.

                            Details are discussed with support legend BAlfson in the forums: https://community.sophos.com/products/unified-threat-management/f/54/t/74255

                            3 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                            • Mail Protection: attachment extension whitelisting

                              It would be useful if there was a way to whitelist specific extensions to prevent them from being blocked. For example we need to be able to receive GeoGebra files (with .ggb extension) but for some reason the UTM picks them up as being JavaScript and they are blocked.

                              1 vote
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                              • Allow you to choose the IP Address of the Captive Portal

                                Currently, the captive portal IP will be returned to users based off the first interface which the device detects. In our situation, the first interface is a management interface and we have a 10Gbit module installed in interfaces from H I J K so we cannot re-arrange the interface numbering.

                                Please allow it so that we can choose which interface IP is returned to the clients to connect to the captive portal.

                                3 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                                • Shell access based on AD groups and users

                                  In environments where backend access is highly utilized and vital due to security policies, having only 'root' and 'loginuser' can be limiting. Having shell access based on AD groups and users would be beneficial in several ways.

                                  Using only 'root' and 'loginuser' does not provide the ability to link an individual user to their access. Only source IPs are logged, which is not helpful in environments where users may be frequently connecting from different addreses, or where multiple users connect from the same IP.

                                  Should a password be compromised, all users are not affcted. In AD one can disable the…

                                  1 vote
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Create custom challenge questions for SPX password

                                    Be able to create custom challenge questions for the SPX password. The same way how CISCO does it.

                                    1 vote
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Appliance Hardware  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Whitelist for Mailserver per Domain

                                      It should be possible to describe a whitelist of mailservers, who are allowed to send Mails for a Domain in order to stop faked mails for a domain. For example our own Domain is example.de and our mailserver is mailserver.example.de or 111.111.111.111. So the UTM should bounce any incoming mail like fake-subject@example.de which is not sended by the correct mailserver on the whitelist, which would be mailserver.example.de/111.111.111.111. It would be perfect, if there would be a whitelist, where several servers could be added for a domain.

                                      1 vote
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Quarantine Report not per emailadress but per user

                                        Don't send the Quarantine Report per single email address but per (domain) user. It's very much better for user with a lot of addresses.
                                        If you are using more than one UTM as MX gateway, a central spam quarantine server was very helpful.

                                        1 vote
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  UTM Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Add support for Dynamic DNS with ZoneExit

                                          Adding support for this provider should be very easy

                                          1 vote
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Networking  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 127 128
                                          • Don't see your idea?

                                          Feedback and Knowledge Base