It would be nice to have an traffic counter on every firewall rule that keeps track of how much data has been processed by a certain firewall rule. Sophos XG and other vendors have had this feature for very long which makes it easy for administrators to see which rules are unused or which rules are frequented very much.

We happened quite frequently to have an up2date failing, particularly when doing it in a Active/Passive UTM Cluster, because /var/up2date/sys is full.

It happens when gpg image is being uncompressed.

The most raging point is that there are many other mountpoints with GBs of space remaining.

There should be a way in a gui (there seems to be already possible with auisys.plx) to move the location of the Up2date files and working folders, so that update jobs don't fail with "no space remaining"

WebAdmin tab memory usage grows and grows until it crashes both in Chrome and Firefox.

There does not appear to be any way to view an active NAT translation table with connection states from the SG series web-interface.

Similar to pfSense "states table", would be very handy to see active NAT translations, with source IP / port, translated IP / port and destination IP / port.

Also good would be optional method to close some connections from the web-interface.

The column widths in the Central interface are fixed. This does not make sense and makes many items in the Alerts and RCA sections unreadable. The user should always be able to adjust all column widths.

This should also be true for the Central Endpoint client. It makes no sense that the window is a fixed size that can not be expanded or maximized and that the columns cannot be adjusted. I cannot read most of the lines on my system which severely limits the usefulness of the log.

As SUM is doing backups for all the connected UTM`s - I would like to get the backups by email from the SUM.

You can't reorder Administrator Local Service ACL Rules after initial creation. Reordering involves deleting and adding rules to create new orders

i want to turn the user portal off for security and to stop users downloading vpn software to any computer - but if OTP is enabled i get 'OTP users cannot access auto-created tokens in user portal' - so my work around it to turn off auto generate OTP then turn off the portal but this makes it hard to turn back on

i want to be able to turn the user portal off no matter what

SG series firewall having a good desk-board where we can see all WAN's, LAN's and VLAN's live traffic and bandwidth monitoring and also monitoring usage of bandwidth of individual users. ( We are using ASG220 since last 6 years).
After upgrade to XG series firewall with firmware version SFOS 16, GUI is totally different and very difficult to troubleshooting of monitoring of live bandwidth usage of VLAN. There is no way to monitor live VLAN traffic in XG firewall.

exactly that " speed test on dashboard " and also a test like "namebench" in dashboard or in Network Services

Is possibile in future release of Sophos XG rename the port connection? it will be more usefull for the implementation of rule and routing

in aplication control, we should be able to edit all the item´s in the main screen, by using the edit, delete or check -box option in each item, i wish to add an image (edited) for ilustrate the idea, but i can´t doit in this post.

if the web manager allow me for do this i guess i´ll could be more clear

when 'Auto-create OTP tokens for users' is enabled on OTP tab and i try and disable the userportal i get 'OTP users cannot access auto-created tokens in user portal'

for security i only enable the portal when i need to tell a user how to setup the ssl vpn client connection all other times i disable for security

to get round this i have to disable the auto create option then i can disable the userportal this is a pain as i need to enable both next time

Is possibile in future release of Sophos XG to view the comment of the firewall rule in the list and not only when i modify a single rule?

With the new Sophos XG I think is more clear if it's possible to Group every rule by the zone and you can expand the Group you need, like every rule from WAN to LAN, every rule from LAN to DMZ ... etc. it is possible?

Please include a combo-box to choose between the running DHCP servers in the IPv4/v6 Lease-Table-Tabs.

I'm not a fan of using non-standard port numbers for protocols. Whilst you can reconfigure the Admin Console to use the standard HTTPS port of 443, it then prevents you from being able to use the User Portal (unless I've missed something!)

I'd like to be able to connect to the admin interface with one address (e.g.: https://fw-admin.domain.net) and the user portal with another (e.g.: https://portal.domain.net)

Sophos Clean provides a switch, /scanonly, to specify a drive to scan however this doesn't scan subfolders. Being able to effectively scan removable drives AND subfolders with Sophos Clean seems to be critical to determine if a removable drive is clean. Sophos Clean is a 2nd opinion scanner, is it not?

1. How will this new feature address your business requirements?: allow us to effectively scan subfolders for potential malicious files without having to pick one at a time.

2. How would you rate the importance of this feature?; Critical