Smoothwall Filter (On Premise)

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Address Object Created

    Problem: Having to go back and forth to find information on Address Object.

    Should be able to view the IPs when overing over the Object(popup) in port forward, anywhere when we use the object.
    This will reduce support time and customer time and set some clarity when fault finding.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Firewall & Routing  ·  Flag idea as inappropriate…  ·  Admin →
  2. Auto Blocking IP's based on rules / policy / triggers.

    I spend my mornings checking who has tried to hack us - when I see IP's that have been trying for hours / days I add their IP to my block-list.
    This is now getting too time consuming to manage. Can we not have an auto block to any IP's that continually try to hack us. Maybe we can set some thresholds that when any IP triggers they get an auto block. But going forward I think this is a must.

    I am sure my lfd on my Linux web server auto blocks hack attempts. Would love my Smoothwall to…

    29 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Firewall & Routing  ·  Flag idea as inappropriate…  ·  Admin →
  3. More Time Slot Options

    Your competitors gave us the ability to set schedules not just by recurring weekly time slots, but by specific dates as well. This helps a lot when there will be events or people on campus that need the filter changed/disabled but only temporarily. This enables Sys Admins to schedule these things without having to worry about it after hours or on days off. For instance, I find out that there will be a team of contractors on campus during summer during a certain set of days when I happen to be scheduled to be out of the country on vacation…

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
  4. SSL VPN Certificate

    Can you update the VPN subsystem so that the certificate is generated with SHA256 (or better) instaead of md5, as newer versions of OpenVPN clients don't support md5 hash algorithms.

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  5. Colour on block page changes to Amber if it is Softblock (from red for block)

    If the page is soft blocked the ribbon across the top should be amber, rather than red when the page is blocked.

    20 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Layer 7 rules should be both allow and deny

    Presently (Kennilworth) layer 7 filtering can only be applied to deny rules. This doesn't seem helpful to organisations that begin with a "block all ports and open only what we need" strategy which seems to be the most common strategy.

    It would be most helpful (and an excellent selling point) if we could just allow Dropbox or Skype or WhatsApp with the bare minimum of effort.

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Firewall & Routing  ·  Flag idea as inappropriate…  ·  Admin →

    Currently this is not possible to achieve, as layer7 relies on allowing a few “unknown” packets through before we get an idea of what the traffic is. As such, you can’t work out what the traffic is until too late for an “allow”.

    We’re looking at Layer7 options that provide a “first packet ID” but this is early stages

    Tom

  7. OPen up a new window when a link is clicked.

    I enter an IP and when I click on one of the URLs, it opens in the same page and I need to arrow back to get to Smoothwall. From there my results of the IP I entered are gone along with the IP I entered.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
  8. Filtering by MAC Address

    FIltering by Mac address would be a great idea. It seems that locations can only be IP's. I would like to be able to create a group of Mac Addresses that can be filtered together without having to assign static or reserved IP addresses. This would also allow these machines to have the same filtering rules no matter which network they may be on such as a guest network or the main network.
    Thanks.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow temporary BYOD Ban

    Can we have the ability to temporarily ban access through BYOD authentication whilst still allowing access through other methods, so we can temporarily block students who install bypass software on their phones \ tablets (or if we can temporarily block a device if it is recorded as matching certain firewall rules too many times).

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  10. Ability to add notes to exception IP addresses

    Quite often when looking through our Smoothwall boxes we come across IP addresses in the exceptions list that we don't recognise. This may be due to settings being implemented a long time ago, or by another member of the team. Our main concern is that if there is an address that we can't identify we need to make sure that it hasn't been implemented as a quick fix solution to bypassing the firewall, therefore exposing a user to potentially inappropriate material.

    For example it may be an IP address of the schools boiler monitoring system phoning home, which is fine.…

    97 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →
  11. Automatic LetsEncrypt SSL certificate generation/renewal for local domains on reverse proxy.

    Why can't Smoothwall just generate unique SSL certs requests for each domain it reverse proxies, submit them to LetsEncrypt and handle the 90-day automatic renewal (it is, after all, proxying all requests anyway, so it could handle the ACME protocol renewal).

    Then we can just tick a "SSL this site" box for each reverse proxy entry, and we're done.

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Proper headers when generating reports

    When you generate an report via email or 'scheduled' they should have more information about what the report pertains to. Report title, username(s) or group(s), just to name a few.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  13. update HTTPS Interception page ASAP

    Needs updates for:

    iOS - extra steps - https://support.apple.com/en-gb/HT204477

    Android - custom OS, needs manually installing

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
  14. IDex Agent exclude specific usernames

    Some desktop software uses it's own domain user account to authenticate and communicate with servers. This can cause that user to be logged-in on that workstation rather than the real user.

    Option to configure a list of usernames that IDex should ignore if seen by the Agent.

    Workaround: Change service usernames to include a $ symbol at the end and they will be ignored by IDex Agent.

    57 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
    under review  ·  Chris Humby responded

    We’re planning a small bug-fix update to IDex Agent soon.

    If there’s time I’d like to include this feature request too. For now this would likely be an additional configuration field where a list of usernames to exclude can be specified.

    Would this fulfil your requirements? Please add your comments to the discussion on uservoice.

  15. Tick -box for 'Select Safeguarding ruleset' when editing Notifications

    A Tick-box for 'Select Safeguarding ruleset' when editing Notifications to replace the current drop-down list which only lets you select one option. This would mean we don;t have to create a separate notification for each type of safeguarding alert.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  16. Prevent multiple reports being generated

    If you click on a report, it does not start for some time. I often find I clcik it again and can end up with two or three copies of the same report running, which I have to cancel the spurious ones.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  17. Safeguarding Reports keep Timing out

    This seems to be a problem with all reporting of any size...takes too long to run and then times out. Reporting continues to be a weak feature with Smoothwall.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  18. Printable views for Rulesets and other configuration pages

    When reviewing certain configuration pages, the displayed information (for example Firewall Rules - e.g. Network » Firewall » Firewall rules) in some of the columns is truncated - or additional text is only visible if a field is "expanded" (by clicking something) or by hovering the mouse pointer over the text field. This makes reviewing the overall ruleset (in one go) quite difficult.

    It would be useful if there was a "print" button that created a nicely formatted printable version of the page, with *all* information present, that could either be viewed onscreen (perhaps via PDF) or (dare I say)…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →
  19. Wildcard Usage

    Please add the ability to use wildcards at least in blocked content. For example: *.fmovies.* If we could just put that in, we wouldn't have to spend more time blocking 5t3.fmovies.com or fmovies.com and .net..whatever. You get the point I am sure. This would ease administration for smaller districts that use your product that don't have someone that JUST handles filtering and firewall operations.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
  20. Time based controls on Content Modifications

    I really, really need time based controls for youtube in the content mods.

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base