Smoothwall UTM/SWG

Any and all ideas and feedback for Smoothwall

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Reporting again Please vote if you want to change this. We require simple reports that we can hand over to our HR team about users interne

    Reporting again Please vote if you want to change this.

    We require simple reports that we can hand over to our HR team about users internet activity. Something that would say joe bloggs was on Facebook at 14:00 for 2 Hrs on this date.

    Every report we run means we have to spend hours simplifying these reports for a non IT person to be able to understand.

    Subject name on each group in a report so multiple queries can be run in a single report with simple headings for each group query. This will help creating reports for managers with…

    304 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      25 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
      started  ·  Chris Humby responded

      Hi,

      This is one of our most voted ideas and we used the feedback to help build our Safeguarding reports in Framlingham and Glamis releases. Aim was to provide something that;

      • Simple and easy to understand so it can be delivered and used directly by Safeguarding officers, HR and other non-IT personnel with minimal understanding of web technology.
      • Highlighted the breaches and intent with specific colour coded breach levels and relevant information highlighting the user intent.
      • Report broken down in to headers on a per user basis.
      • Ability to delegate, email or print reports directly to the relevant department, minimising IT departments overheads with this work.

      We know many customers are using these reports already and have received much positive feedback.

      However, I can see from previous comments there’s still room for improvement and you have some smart ideas on how to take this further. I’m…

    • If NTLM Authentication fails instead of displaying the "NTLM failed" message, to apply the unauthenticated group permissions

      NTLM Authentication fails instead of displaying the "NTLM failed" message, to apply the unauthenticated group permissions or the group permission that unauthenticated requests are mapped to in the authentication policy.

      Reasoning behind this is that if a none domain laptop is brought into the school and gets WPAD sending them to the NTLM port. Would like to have the ability to choose if the NTLM Failed message is displayed or if it is allowed through as unauthenticated IP requests.

      177 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        8 comments  ·  Flag idea as inappropriate…  ·  Admin →
        Chris Humby responded

        Hi,

        I know it’s been a while since our last update on this idea. There have been a few tweaks to NTLM and AD authentication since the last update but there are still technical limitations with what we can do with the ageing NTLM protocol.

        If you are having issues with NTLM good news is we recently introduced our own Identification system called IDex in the Kenilworth release. This can work either with Client software, like NTLM but without the authentication exceptions. Or you can use an Agent which runs on your AD domain controllers.

        Either way you can test IDex out alongside NTLM, instructions are included in our help along with download links. https://help.smoothwall.net/Kenilworth/Content/idex/about.htm

        Regards,
        Chris

      • Customise SSL Login Page further including different login pages for different locations

        Have extra options for customising the SSL Login page such as displaying an AUP before being presented with the login page.

        Another option to forward to a specified web page after login such as a portal page with useful School links.

        Also being able to customise different login pages based on Groups & Locations would be great.

        168 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          13 comments  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
        • Administrators of Smoothwall should be authentiated via Active Directory/RADIUS (i.e. not local users)

          Currently administrators of Smoothwall are local users. I'd like to be able to integrate the administrators to Active Directory or RADIUS..... i.e. no local users. The same could be said for Portal Users. I don't want to have to administer a whole host of local users and passwords.

          165 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            under review  ·  5 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
          • Option in the report to include user Display name

            Username does not always make sense to the intended recipient of the user - display name would be good to include in the report

            122 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              1 comment  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
            • Foreign Country IP Blocking Dynamic List / Geo Blocking

              Most Firewalls allow you to select which countries you would like to block. I can manually add a subnet but each country generally has like 200 subnets to type in. It would nice to select what countries you would like to block and have that list part of a definition file that gets updated like the content filter.

              115 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                44 comments  ·  Firewall & Routing  ·  Flag idea as inappropriate…  ·  Admin →
              • Change Tracking / Auditing

                Change tracking or auditing of changes applied would be useful. The addition of adding a note would serve as a reminder of why/who/when a change was made. Would be specially useful where multiple admins maintain a single Smoothwall or a cluser.

                114 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  1 comment  ·  Flag idea as inappropriate…  ·  Admin →
                  started  ·  Chris Humby responded

                  Update:
                  Here’s a preview of the log imported to a spreadsheet: https://twitter.com/ChrisHumby/status/925409517239750657
                  Longer term we’d love to build this into the UI, perhaps with a roll-back mechanism. However for now will this help with figuring out who made what change?

                  We’ve taken another look at retrofitting some improved auditing within our SWG / UTM products to help track configuration changes.

                  Initially our plan is to improve the logging so you can import it to a spreadsheet and see what Guardian changes were made at a given time. We aiming to get this into our Leeds castle release so we won’t be able to include much more than this for now.

                • WIFI Hotpsot service including guest ticketing module

                  provide a Wifi hotspot module to allow public, guest and paid for wireless access. Provide options for guest ticketing and/or self registration

                  112 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    under review  ·  5 comments  ·  Flag idea as inappropriate…  ·  Admin →
                  • Safeguarding report user access level

                    We need an option to only allow a group to report on a specific group.
                    For example, Staff should only be able to report on students, not each other and Admins.
                    This is true for both the new Safeguarding section, and the traditional reports. The alert email also contains information above the level of the group receiving the email.

                    105 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      3 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                    • Ability to add notes to exception IP addresses

                      Quite often when looking through our Smoothwall boxes we come across IP addresses in the exceptions list that we don't recognise. This may be due to settings being implemented a long time ago, or by another member of the team. Our main concern is that if there is an address that we can't identify we need to make sure that it hasn't been implemented as a quick fix solution to bypassing the firewall, therefore exposing a user to potentially inappropriate material.

                      For example it may be an IP address of the schools boiler monitoring system phoning home, which is fine.…

                      96 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        7 comments  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →
                      • Enhancement - Real Time Web Filter Log

                        Under - Logs and reports » Logs » Web filter

                        It would be helpful and a lot less time consuming if you could hover over the user name and have 4/5 standard reports the admin can run against this user.

                        This would complement the real time web filter view, as if there was a breach you could pause the log, hover over the user name that has breached a web policy and run a quick report.

                        Reports would be standard Smoothwall templates (user analysis reports for that username)

                        80 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                        • IPv6 Support

                          2015 and no IPv6 support... Like it or not IPv6 is here... and we use it! Please develop support

                          76 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            8 comments  ·  Flag idea as inappropriate…  ·  Admin →
                            started  ·  Chris Humby responded

                            Hi,

                            I know it’s been discussed for some time but IPv6 development is finally underway! Thanks for the feedback so far and those who helped fill out our survey.

                            As it’s a mammoth project to make entire Smoothwall networking and all modules support dual stack IPv4 / IPv6 it will be completed in stages over the next few major releases.

                            I’m now looking for willing customers who are planning to move to IPv6, or perhaps already are deploying IPv6 on their networks to help us gain valuable feedback as the project develops. This will include discussion on your requirements and early previews of the work we’re doing in our agile demos.

                            Please email me at chris.humby@smoothwall.net and let me know if you’re interested in participating. I’ll also keep uservoice posted with updates as the work progresses.

                            Regards,

                            Chris Humby
                            Product Manager
                            Smoothwall

                          • MITM page - make it customisable

                            I've got the Edinburgh-0 release and i've seen the MITM page, its good however i think it can be improved:
                            - Give users the option to customise the page (logo of school, background, text colour, line colour, etc)
                            - Show versions of OS aswell as browser - i ask users to install cert on machine rather than through the browsers
                            - maybe have some pictures with instructions as users love pictures
                            - add a button which says continue browsing once installed

                            76 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              2 comments  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
                            • user activity column filters

                              User Activity, Can it be made so that on the user activity page the columns can be filtered? That way I can only list users who are logged in via a certain mechanism (if you use RADIUS/BOYD it floods the list)

                              73 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                1 comment  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →
                              • Bandwidth Reporting

                                Is there a way to run a report on smoothwall to show our bandwidth usage. When i say bandwidth, i don't mean how much is downloaded from a domain, i mean how much of our pipe we are using, at say, 5 min internals over a given period. That way i can show the SLT that we are maxing out on our 30mb connection.

                                It would also be nice to show which IPs were consuming the most of this 30mb connection and what URLs were been accessed.

                                Also @ Smoothwall (if anyone is listening), the Realtime Traffic Graphs page needs…

                                70 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  4 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                                • Splash Page whilst Proxy restarts

                                  When you restart the proxy, at the minute anyone browsing will get a page not found, I think this could be made more efficient generating less internal helpdesk calls, by using some for of captive portal/splash page to inform users the internet will be back shortly (or something more appropriate.

                                  71 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    6 comments  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
                                  • add a delete all reports button in "recent and saved"

                                    When there are a lot of scheduled saved reports these can build up (our system has 5 a day for the last 2.5 years). This results in a "recent and saved" page that takes minutes to load. The only way to remove these old reports is to click the little red X next to the first few reports one by one.

                                    If there were a button to clear out all saved reports, or to delete all after a certain age, this would be of massive assistance!

                                    66 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      2 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Responsive Design for SSL Login Page

                                      Currently, when using SSL user authentication on mobile devices (especially phones) the user is bought to a logon page formatted for a desktop web browser, which results in a suboptimal user experience.

                                      It would be nice if the login page could recognise mobile devices and arrange the layout respectively.

                                      65 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        1 comment  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Allowing Skype using Layer 7 rules

                                        By default, Skype uses undefinable Ports and IP addresses to make and receive calls. Where this doesn't work, it falls back to HTTPS URLs containing an IP address. Allowing Skype via either of these methods can also allow certain types of VPN and Anonymous proxy.

                                        Given the Smoothwall already has Layer 7 signatures for Skype, it would be a great benefit to be able to leverage these for allowing traffic, rather than solely for blocking traffic. This way, Skype could be allowed, whilst maintaining strong Firewall and Web Filtering policies.

                                        65 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Firewall & Routing  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Automatic Session Log out for SSL Login (Could apply to other methods) based on group and times

                                          Currently how SSL login works is based on when you sign into the SSL Login. What would be useful is to be able to define Session end times, based on groups, and if the login time out applies so if you have long session slots, a time out can still apply.

                                          This will give the advantage over a single timeout policy as you can make sure all students get logged out of Mobile device that can be passed about at the end of the session/lesson.

                                          How this would work is have config page where you defined each days Session end…

                                          63 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            6 comments  ·  Mobile Devices  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 58 59
                                          • Don't see your idea?

                                          Feedback and Knowledge Base