We are using Sophos SXG310 and it is configured in transparent mode and for Mail, It is configured as MTA mode. So Mails which are been rejected based on RDNS or IP Address basis by Sophos, Neither recipients or Senders are aware of this failed delivery. So we want to export mail logs based on filter "rejected" for some specific time period from Sophos so that we can manually intimate the recipients regarding failure of Delivery.
Please consider this requirement in next release.

we are creating free wifi zone at our Mall. In that regards we have used your device and we would like to suggest that currently your Login page is coming first and later on the registration page. Our suggestion is that the Registration page should come first so that user registers first and then the login poge should appear where they can login and use the service.

Version 18 has changed how Business Application Rules work. DNAT is done by a combination of NAT policy and regular firewall rules, which can have scheduled on/off times.

WAF/Webserver Protection rules cannot currently be associated with schedules.

This item is created so that folk who previously supported the Business Rule schedule feature because of a WAF requirement can transfer their votes here.

Show the public IP address of REDs in the network interfaces page in addition to the interface address of the WAN port on the RED. Currently, the only way to check the public IP is to grep for the RED device ID in /log/red.log in the advanced shell.

We need session time out after 10 minutes for specific user but this setting availed for all users not for one specific user so please add this feature in firewall.
I recommend you to add captive portal session in suffering quota where is Cycle hours.

I have a new request about issuing shared limit network quota for a group.
Now when I assign to network quota to group , that group each user will getting that particular data quota.

Ex: User Group Name - Test and Allocated 200GB to group, The test group have 10 Users.
As now In sophos Each user will get 200GB. But I want to use this 200GB as a Shared Data bundle.

Aruba’s Wireless APs have the possibility to block macs after a x attempts with wrong creds (psk or enterprise un/pw)

This is a good security feature and better than simple whitelisting.

we need a Report based on the destination IP address, based on the destination we need to find the source IP address.

Need the Option to add multiple WAN interfaces in Sophos Connect client settings.
if there is 2 WAN connection and 1 connection is down then the remote client don't have any option to connect to VPN through 2nd available ISP. if this option is available then the user will have 2 profiles in their Sophos connect client.

This is the only feature that is preventing me from migrating from UTM to XG

I use the POP3 prefetch mode heavily for mail hygeine, but it is not possible in XG, and as this is used at home, I cannot alter my MX records as my ISP's IP ranges are blacklisted

I created few groups and enabled each group network traffic quota.
Now I want get each group allocated data and available data report.
Unfortunatly sophos not available that feature.
so i'm requesting to enable that feature.

I'm using AD as authentication service in my sophos xg.
But users can't change password using user portal.
So pls enable that option for the AD.

I have a huge problem with doing HTTPS Decryption and Scaning.
Because in my enviroment haven't AD to push self-signed certificate.
So I want to add CA Author Signed certificate, But unfortunatley any of CA Authority not providing root certificate. Therefore I have new suggestion , Pls add sophos own CA Signed root certificate to sophos firewall. It will be helpful all of sophos users to enable HTTPS Decryption and Scaning without installing certificate manually. Because browser will trust certificate automatically. I still waiting for solution for this.

Considering the high internet connections already available to home users I think it would be important to at least increase the CPU's limit.
Currently is 4 threads, whichs is a problem because in most home installations the firewall is virtualized and this means that you can only use 2 cores (4 threads).
I think a limit of 8 threads would be fine. Right now the firewall with the IPS enable can hardly go above 300Mbps and I have 2 cores and 4 threads at 3.8 Mhz Zen2.

I want to add second override hostname for vpn settings.

According to the Sophos KB 134148, the Radius SSO feature is supported by APX models.
But customer bought a lot of AP55C, please also support the Radius SSO feature for AP55C.

Dear Sophos Developer Team,

Please develop a solution to customize the SSL VPN Email Notification Alerts in your next OS release. We are receiving Hundred of emails per day after enable the VPN Email Notification Alerts of up/down status. Please do the needful.

Thanks
Regards
Farrukh Naveed

If you use the Sophos DHCP Server and another DNS Server it is necessary that the option 81 is active to set and update the reverse zone pointer in the DNS Server.
It is possible to add per CLI options to the DHCP Server but just to set an option without to know which fields has to be set makes no sense.
Please add the option 81 to the DHCP Server.