Intrusion Prevention -> Modified Rules -> Advanced
When adding your own "Modify Rule" It asks for the Rule ID,
when it is really the rule SID you need to use.
A Minor change to the wording, but I've been caught out by this several times over the years.

It would be good to be able to change the notification display name which is hard coded now. I manage few firewalls and all notifications come with the same display name "Firewall Notification System" so to identify where it is coming from I have to open the notification and check for the full email address.

In the network services area of the utm it would be nice to have a an option to program a list mac addresses of server / pcs that you would want to wake from power off state.
Also in the dhcp server option for the dhcp server to log PCs to this database also.

We often deploy new Configurations and Software to our real servers behind about 15 SLBs. By now we always have to login to WebUI to manually rebalance the Real Servers we wan to maintain, and rebalance them back for the second half of a SLBs Real Servers.
It would be nice to have an SSL+Login API to do it automatically using something like Capistrano or even a predefined per-SLB HTTP Response Code, the SLB knows to rebalance to 0 for specific Servers.

Please put ASAP the PPoE option in the RED 50, DHCP/StaticIP is not enough, in my country PPoE is used by the principal broadband operator and once this option is not present and once the ADSL modem is not routed, I need keep another router between the red and adsl modem to provisionin IP to RED.

Improve Email Encryption possibilities similar to Zertificon Z1 (refers to most ideas also)

Automatically select only the applicable IPS rules and performance settings based on the network protection rules, e.g. only select HTTP Rules and HTTP performance settings if by filter only HTTP is allowed

to provide a web access for customers inside hotel or public domain with only name, surname and email adress for example.

Button to flush the conntrack table on need

It would be great if the AP30 also had the repeating option. The AP50 is too expensive for normal clients.

The Remote Client should get a virtual pool IP from the local DHCP Server when he is connecting via SSL VPN, instead of the UTM vitual pool IP.

It would be great to have the ability to disable the On-Access-Scans for a certain amount of time on the client.
E.g. via right click on the systray icon:
"Disable On-Access-Scans..."
"for 1 hour"
"until reboot"

This should, of course, only be possible for admins, perhaps only after entering the tamper protection password!?

For web sites with larger uploads (e.g. ownCloud) there is currently a 128MB (134217728 byte) limit in Web Server protection, the so called request body limit in ModSecurity.
Please add the possibility to configure this parameter (it's "SecRequestBodyLimit" in the Apache config) to allow larger uploads to sites protected by WAF.

I am using my UTM625 as my mail gateway and I allowed some of emails to relay messages to the gateway.One of my users email has been hacked and used to sends mass amount of emails within short period of time without my IPS on my UTM stopping it.I suggest you add this feature as it, I think, is basic Spamming/DOS preventing method.

Client is looking to report on detection specifics based on how the potential threat is detected, i.e. – on-access or scheduled scans. It appear much of the pre-reqs should already be in placed as the endpoints report this data in the alerts they email out and the fields appear to exist in the database however they do not correlate properly. The field is specific is the 'ScannerType' in the ThreatEvents table. The 2XX data fields in the database do not accurately reflect anything

ES5000, no facility to exclude subdomains from policy using wildcards. ie. Be able to exclude gsx addresseses from being encrypted if the policy for SPX encryption is based on subject CONFIDENTIAL, At the moment only domains can be excluded not subdomains.

Vote

Company and Contact Information
Company: Ausco Modular Pty Ltd (Parent Company: Algeco Scotsman)
Contact: David Wedrat - +61 7 3864 7862 / +61 434 601 401
Sophos Partner (if applicable): N/A

Sophos Product Information
Sophos Product: Sophos Anti-Virus
Version in Production: 10.2.7

Feature Request Summary
How will this new feature address your business requirements?: Bug Fix
How would you rate the importance of this feature?; 1 – Robocopy is VITAL to our business.