Smoothwall

Any and all ideas and feedback for Smoothwall

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. IDex Agent exclude specific usernames

    Some desktop software uses it's own domain user account to authenticate and communicate with servers. This can cause that user to be logged-in on that workstation rather than the real user.

    Option to configure a list of usernames that IDex should ignore if seen by the Agent.

    Workaround: Change service usernames to include a $ symbol at the end and they will be ignored by IDex Agent.

    27 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
    • IDex Agent replicate all groups on first install

      IDex Agent by default replicates AD group overnight, however on new install it would be useful if it did this once automatically to allow group mapping.

      Current workaround is to use manual command; https://kb.smoothwall.net/Content/authentication/idexdirectory-synchronize.htm

      17 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
      • user activity column filters

        User Activity, Can it be made so that on the user activity page the columns can be filtered? That way I can only list users who are logged in via a certain mechanism (if you use RADIUS/BOYD it floods the list)

        49 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →
        • Restore specific web filter policies

          Hello,

          I would have like to have the option to restore only specific web filter policies so that I could upload them to my test machine and trouble shoot issues our cutomers expirience.

          Cheers,
          Hanna

          34 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
          • Ability to add notes to exception IP addresses

            Quite often when looking through our Smoothwall boxes we come across IP addresses in the exceptions list that we don't recognise. This may be due to settings being implemented a long time ago, or by another member of the team. Our main concern is that if there is an address that we can't identify we need to make sure that it hasn't been implemented as a quick fix solution to bypassing the firewall, therefore exposing a user to potentially inappropriate material.

            For example it may be an IP address of the schools boiler monitoring system phoning home, which is fine.…

            8 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              1 comment  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →
            • Firewall audit trail log or report needed

              Either in the firewall logs to be able to export an period on whatever we want. Or a full audit trail on the same options in firewall logs.

              5 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                1 comment  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
              • The export function appears to be broken

                When exporting firewall logs with filters, the resulting csv is not comma de-limited, so its pretty much useless.

                4 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  1 comment  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                • Need a way of sending log files onto a syslog server or SIEM.

                  This idea seems to have been raised however I will add my voice to it. Sending web browsing logs to a SIEM is key for Security Operations as;
                  1. SecOps need to see what internal host is talking to whatever site on the internet and vice versa
                  2. Retain and be able to retrospectively query web filter logs for Security or Forensic purposes

                  Retaining the logs in a JSON file without giving admins the ability to either pull this content from the appliance or push it out to a logger creates a huge security blind spot.

                  10 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                  • Acceptable Usage Policy Prompt User First Access

                    It would be useful if you could store and electronic version of organisations internet usage policy within Smoothwall and on first access to the internet from a user they are prompted to read and accept the version of the usage policy that is current in the system before being granted internet access.

                    Smoothwall will then log that the policy has been read/ackknowledge by the user for reporting purposes.

                    If the Administrator then updates the usage policy the next time a user attempts to access the internet they are presented with the revised policy to review and accept.

                    12 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                    • Cross-origin Resource Sharing

                      Cross-origin Resource Sharing is a mechanism to allow content from a potential blocked site to be allowed if the originating reuqest comes for an allowed site. Some vendors call this "authorised Referer".

                      Example:

                      Allowing facebook requires that these 3 URLs (facebook.com, fbcdn.net and akamai.com) are allowed. Facebook.com to allow access to the homepage and the other two, to delivery content to the page. If all 3 aren't allowed, then content from fbcdn.net and akamai.com get blocked. The result, the page looks broken, logins don't etc...

                      However, with "Cross-origin Resource Sharing" in place, you could authorise "facebook.com" to "Fetch" content from…

                      3 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        1 comment  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
                      • Increase Report Groups

                        Increase the number of reporting groups from 20 to 1024.
                        We have a large number of schools now using the safeguarding reporting features but need the daily report emailing to multiple email addresses at the school. 20 reporting groups is nowhere near enough.

                        4 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                        • Change it back?

                          You have over-complicated a glass of water with this page. Hate it! Stop moving things around. Not necessary and about enough to make me rethink having this device.......

                          1 vote
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            1 comment  ·  Firewall & Routing  ·  Flag idea as inappropriate…  ·  Admin →
                          • uefi boot

                            Hi,

                            Is it possible to have the Smoothwall boot with UEFI? Both ISO/CD/DVD and grub? It should be not that big issue I guess. More info for boot debian by uefi: https://wiki.debian.org/UEFI

                            21 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              1 comment  ·  Flag idea as inappropriate…  ·  Admin →
                            • Safeguarding report user access level

                              We need an option to only allow a group to report on a specific group.
                              For example, Staff should only be able to report on students, not each other and Admins.
                              This is true for both the new Safeguarding section, and the traditional reports. The alert email also contains information above the level of the group receiving the email.

                              83 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                2 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                              • Alert for blocklist being out of date

                                A configurable alert for the blocklist being out of date, that will then notify select users so they can investigate.

                                1 vote
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                • Update OpenVPN to use TLS 1.2, SHA-2 and DH 2048

                                  The current OpenVPN implementation uses TLS 1.0, uses SHA-1 for auth and DH 1024.

                                  It is considered best practice to use TLS 1.2, SHA-2 for auth and DH of at least 2048.

                                  Please can the current Openvpn version be updated so that these options can be set to improve the security of the SSL VPN tunnels.

                                  3 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Firewall & Routing  ·  Flag idea as inappropriate…  ·  Admin →
                                  • strip spaces

                                    strip out spaces, when pasting a url in to the url box

                                    2 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →
                                    • system software update alert - email - changed from hourly to daily

                                      when email alert are on for system software update alerts it emails hourly! this is way overboard, please change this to daily.

                                      1 vote
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Layman's explanation of what each function does

                                        There is a huge amount of functionality that organisations might not use but could be using if there were more user friendly explanations of functions. For example if someone did not know what a global proxy was how would they then set about using it? The explanations are circular using the same terminology to explain themselves. Get a non-tech to write introductions!

                                        1 vote
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →
                                        • IDex Client - Identification only mode

                                          Allow IDex Client to work in an Identification only mode so it provides user and group information to Smoothwall so it can be associate to the Client IP but does require it to be used as a proxy service.

                                          Web traffic could be then filtered using any transparent / non-transparent core auth policy.

                                          1 vote
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 47 48
                                          • Don't see your idea?

                                          Feedback and Knowledge Base