XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Sophos protection in MS Teams

    Although I can see that Microsoft Teams is now a controlled application, determining if a user can run it or not, I want to ensure that Sophos protects the computer from any data being passed thru Teams.

    For example, if one user posts a file that has a trojan or a virus, does Sophos catch it?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. "Blacklist" of MAC addresses of wireless devices that are not allowed by an AP for a connection

    For each connected AP you should be able to specify a "blacklist" of MAC addresses in the XG that are not allowed by the AP for a connection. This is to ensure that stationary devices such as printers, WiFi cameras, streaming devices can only connect to the AP that is intended for them and that is located nearby.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Create CSV file for client less user and static IP in DHCP

    As of now only users can import and export in CSV file.
    But is it possible to export CSV or other file type for Client less user or DHCP static IP.
    So it's easy to when we migrate Cyberoam to sophos XG firewall ..
    Some time So many Client less user and DHCP static entry.
    So reduce the manually entry , if possible in cyberoam .

    Because Some time .tar file in not working, when we export selective configuration from cyberoam to sophos

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cyberoam  ·  Flag idea as inappropriate…  ·  Admin →
  4. Sophos firewall rules/web policy/App Policy Create/Modify Email Alerts.

    Sophos XG Firewall create or modify any Firewall rules/web Policy/App policy by any admin users should get Email alerts, which admin are create or modify.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  5. Capture Host and Mac in DHCP Case

    Do you mean that in reports section you see the user name and the ip address of the user but you are not able to see the mac address ??

    Our reports does not show mac addresses.
    It only shows the ip address and the user name

    Ticket no [#9659603] Web support query [#99793330]

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  6. Downloading the Sophos Connect Client from User Portal

    There should be the posibility to download the Connect Client from the User Portal and not only from Webadmin

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  7. Need MS_CHAPv2 Across user clients and portal

    Trying to bring a client up to NIST standards. While MS_CHAPv2 is provided with a Radius Authentication server, and a command is available to set allowed authentication methods for VPN clients. The same cannot be said about authenticating the user portal/ firewall and admin access. XG firewall defaults to PAP with no command or capability to set allowed authentication methods. So we've just lost a nice XG feature set because of this issue. :-(

    There are various requests to get MS_CHAPv2 working with AD authentication servers. Just bumping that feature request with this one as well.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  8. Why is there on the different pages no reference to the name off the firewall. If you manage different firewalls and you have differe

    Why is there even on the control center page no reference to the firewall name.
    I don't memorize all serial numbers.
    If you manage different firewalls or have multiple firewall windows open, it is easy to make a mistake because you cannot easy see the name off the device you are working on.
    At least the control center window should have the firewall name, but also on other pages this would be very helpful.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. Support for HSM to Protect XG Appliance Private Keys

    Sophos is heavily promoting TLS inspection, especially with the engine improvements in v18.

    Given that those features require creation and enterprise wide trust of an issuing CA certificate for the XG, there are obvious concerns about the security of this key.

    Can Sophos include support for cryptographic Hardware Security Modules (HSM) via network and/or USB to protect the confidentiality of these crucial keys and provide a higher level of confidence in defending against unauthorised extraction of the private key from the XG appliance.

    The client authentication feature also requires enterprise wide trust of a private key for the XG appliance(s).

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cyberoam  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow "IP Range" on “Access Permission”

    If you do “Add new item” on “Access Permission” then it does not show any IP host that are configured as “IP range” for example I wish to add host “IP-Group-1” which is there and shows correctly when you look in IP host section. But it allows you to create a new range at that point but not use existing. I think this is more of a bug than a request but support told me to log it here.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. YouTube education Filter

    It is very useful for schools and colleges if Sophos enable the youtube education filter option in web policy.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. show the reason why "This website is blocked"

    How about showing the reason a website is blocked. You are doing the blocking so you know what the reason is. Display it to the user. If it's a rule then display the text of the description box for that rule. Or even the rule name would be of some help. That way users don't have to call IT to find out the reason they can't reach a site is because they have a typo or corporate policy won't allow it or....

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. WAN Authentication for Firewall Rule

    I miss a Pre-Authentification Option for WAN 2 LAN Rules. Example for TS Access. ALL Sonicwall Boxes have/can this!

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. firewall rule with last access date and time

    It would be great for audit unused firewall rules, if all rules had information with the last access date and time.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  16. Malware scan feature

    Regarding the MALWARE scan mechanism, many times we have complains from office users that emails are moved to Quarantined because some files in them fail to be scanned.

    Can there be a discrimination on a future update, regarding the exact sub-reason of an attachment being unscannable ?

    For example, due to an error differs fromfile being locked with a password or a modified pdf failed to open or do open but with a pop up error message that user can bypass and view/edit file.

    To activate/deactivate above said parameters, based on specific Sender address / domain etc.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. A group setting for multiple MAC host.

    In SYSTEM > Hosts and services , there are group setting for IP host and FQDN host.
    Please also add the group setting for MAC host.

    Customer is using the Sophos wireless; when they configure "MAC filtering", they hope can select a MAC group rather than MAC list.

    One specific name mapping to a MAC address , then grouping multiple MAC addresses to a group, for easy to maintain the MAC filter table.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  18. Log retention report priod require in Number of days

    The log retention report period start from 1 month. in our case , the log storage has not enough if i even keep 1 month for all the category. The same trouble to purge the report. I would suggest that the retention period set as number of days which helps to mention the days 10,20 or 25 as well as in purge settings.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  19. SMTP Log Source and Destination IP

    Currently we have to way to find out from which source ip a rejected or accepted mail is coming.
    Also for Outgoing emails we dont know which remote server received our email.
    Please add to columns to the SMTP Log showing the SRC and DST IP.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Planed Firmware Update Sopohs XG

    In Sophos XG in there is no option to plan a Firmware Update. You just can update it manualy. I woul'd like to have the option to plan a installation of the Firmware Update.
    It would be very helpful.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 68 69
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.