Smoothwall Filter (On Premise)

Any and all ideas and feedback for Smoothwall

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. SSL VPN Road Warrior - filter by geo location

    We get incessant SSL road warrior connection attempts from hostile IP addresses. I can limit by groups and can block IP's manually via firewall rule, but that's a rough way to cut down on this traffic. The VPN control panel is therefore drowning in "unfinished" road warrior connections. I'd love it if there was a geo location way to filter traffic in general, but more specifically for SSL VPN. Especially useful for an SMB like us who only have employees in the U.S. and can safely block SSL VPN attempts from all other countries

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Firewall & Routing  ·  Flag idea as inappropriate…  ·  Admin →
  2. vpn ssl - control panel

    It would be good to know what time a connection was established

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Subscription Expired

    After subscription expired, what will happen to its functionality? What features will be disabled and what will remains?

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
  4. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
  5. We need LACP

    The LAN bond feature needs to support LACP, so that, if we are using more than 1 Gigabit WAN connection, we can use it! As it is now, we have 2 ISPs, with 1Gb each. However, because there is only 1 LAN connection, at 1Gbps, the maximum we can send/receive from the WAN is 1 gigabit per second. The LAN connection becomes saturated, even though the ISP connections are only at 50%.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Central Management, Clustering & HA  ·  Flag idea as inappropriate…  ·  Admin →
  6. Auto Blocking IP's based on rules / policy / triggers.

    I spend my mornings checking who has tried to hack us - when I see IP's that have been trying for hours / days I add their IP to my block-list.
    This is now getting too time consuming to manage. Can we not have an auto block to any IP's that continually try to hack us. Maybe we can set some thresholds that when any IP triggers they get an auto block. But going forward I think this is a must.

    I am sure my lfd on my Linux web server auto blocks hack attempts. Would love my Smoothwall to…

    29 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Firewall & Routing  ·  Flag idea as inappropriate…  ·  Admin →
  7. More Time Slot Options

    Your competitors gave us the ability to set schedules not just by recurring weekly time slots, but by specific dates as well. This helps a lot when there will be events or people on campus that need the filter changed/disabled but only temporarily. This enables Sys Admins to schedule these things without having to worry about it after hours or on days off. For instance, I find out that there will be a team of contractors on campus during summer during a certain set of days when I happen to be scheduled to be out of the country on vacation…

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
  8. Colour on block page changes to Amber if it is Softblock (from red for block)

    If the page is soft blocked the ribbon across the top should be amber, rather than red when the page is blocked.

    20 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Layer 7 rules should be both allow and deny

    Presently (Kennilworth) layer 7 filtering can only be applied to deny rules. This doesn't seem helpful to organisations that begin with a "block all ports and open only what we need" strategy which seems to be the most common strategy.

    It would be most helpful (and an excellent selling point) if we could just allow Dropbox or Skype or WhatsApp with the bare minimum of effort.

    27 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Firewall & Routing  ·  Flag idea as inappropriate…  ·  Admin →

    Currently this is not possible to achieve, as layer7 relies on allowing a few “unknown” packets through before we get an idea of what the traffic is. As such, you can’t work out what the traffic is until too late for an “allow”.

    We’re looking at Layer7 options that provide a “first packet ID” but this is early stages

    Tom

  10. OPen up a new window when a link is clicked.

    I enter an IP and when I click on one of the URLs, it opens in the same page and I need to arrow back to get to Smoothwall. From there my results of the IP I entered are gone along with the IP I entered.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
  11. Filtering by MAC Address

    FIltering by Mac address would be a great idea. It seems that locations can only be IP's. I would like to be able to create a group of Mac Addresses that can be filtered together without having to assign static or reserved IP addresses. This would also allow these machines to have the same filtering rules no matter which network they may be on such as a guest network or the main network.
    Thanks.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
  12. Ability to add notes to exception IP addresses

    Quite often when looking through our Smoothwall boxes we come across IP addresses in the exceptions list that we don't recognise. This may be due to settings being implemented a long time ago, or by another member of the team. Our main concern is that if there is an address that we can't identify we need to make sure that it hasn't been implemented as a quick fix solution to bypassing the firewall, therefore exposing a user to potentially inappropriate material.

    For example it may be an IP address of the schools boiler monitoring system phoning home, which is fine.…

    97 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →
  13. Automatic LetsEncrypt SSL certificate generation/renewal for local domains on reverse proxy.

    Why can't Smoothwall just generate unique SSL certs requests for each domain it reverse proxies, submit them to LetsEncrypt and handle the 90-day automatic renewal (it is, after all, proxying all requests anyway, so it could handle the ACME protocol renewal).

    Then we can just tick a "SSL this site" box for each reverse proxy entry, and we're done.

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Proper headers when generating reports

    When you generate an report via email or 'scheduled' they should have more information about what the report pertains to. Report title, username(s) or group(s), just to name a few.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  15. update HTTPS Interception page ASAP

    Needs updates for:

    iOS - extra steps - https://support.apple.com/en-gb/HT204477

    Android - custom OS, needs manually installing

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Guardian Filtering  ·  Flag idea as inappropriate…  ·  Admin →
  16. IDex Agent exclude specific usernames

    Some desktop software uses it's own domain user account to authenticate and communicate with servers. This can cause that user to be logged-in on that workstation rather than the real user.

    Option to configure a list of usernames that IDex should ignore if seen by the Agent.

    Workaround: Change service usernames to include a $ symbol at the end and they will be ignored by IDex Agent.

    57 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    12 comments  ·  Authentication  ·  Flag idea as inappropriate…  ·  Admin →
    under review  ·  Chris Humby responded

    We’re planning a small bug-fix update to IDex Agent soon.

    If there’s time I’d like to include this feature request too. For now this would likely be an additional configuration field where a list of usernames to exclude can be specified.

    Would this fulfil your requirements? Please add your comments to the discussion on uservoice.

  17. Tick -box for 'Select Safeguarding ruleset' when editing Notifications

    A Tick-box for 'Select Safeguarding ruleset' when editing Notifications to replace the current drop-down list which only lets you select one option. This would mean we don;t have to create a separate notification for each type of safeguarding alert.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  18. Prevent multiple reports being generated

    If you click on a report, it does not start for some time. I often find I clcik it again and can end up with two or three copies of the same report running, which I have to cancel the spurious ones.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  19. Safeguarding Reports keep Timing out

    This seems to be a problem with all reporting of any size...takes too long to run and then times out. Reporting continues to be a weak feature with Smoothwall.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  20. Printable views for Rulesets and other configuration pages

    When reviewing certain configuration pages, the displayed information (for example Firewall Rules - e.g. Network » Firewall » Firewall rules) in some of the columns is truncated - or additional text is only visible if a field is "expanded" (by clicking something) or by hovering the mouse pointer over the text field. This makes reviewing the overall ruleset (in one go) quite difficult.

    It would be useful if there was a "print" button that created a nicely formatted printable version of the page, with *all* information present, that could either be viewed onscreen (perhaps via PDF) or (dare I say)…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  User Experience  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Smoothwall Filter (On Premise)

Feedback and Knowledge Base