XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Unique (non-default) OTP Authenticator Account Name per XG instance

    We have two Sophos XG firewalls and are setting up OTP 2FA with Sophos Authenticator. After scanning the barcodes for both, the Sophos Authenticator displays both accounts with the same default non-unique account name "Sophos SFOS." This makes it difficult to differentiate as to which token goes with which firewall.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  2. Rolling firmware updates for WAPs

    Would be extremely beneficial to be able to roll out firmware updates for wireless APs in a staged manner - i.e. update one at a time instead of all together, so that there's no (or minimal) interruption to service.

    At the moment, I can't update access points during the day, because it will disconnect WiFi for all users. If we could do them one at a time, it would become possible.

    UniFi has this feature (they call it a "rolling update") and it's really nice. Updates each AP in turn, and doesn't start the next one until the last is…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Long Usernames with Active Directory

    When configuring Active Directory login on Sophos XG firewall you will have problems if the username is over 20 characters long. This is a limitation of the sAMAccountName field in AD. If you configure it as a LDAP authentication you can specify the userPrincipalName field for the username. This field doesn't have a character limitation. I would suggest an option when configuring Active Directory that we can choose to change the field used for login. This would work also in networks where there is more than one domain for authentication.

    Then users could just type their full email (ex. username@domain.com

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  4. firewall name

    When you are configuring something using the web interface you can't see the firewall name unless you are in the dashboard. It would be nice to have the firewall name at the top of the web page.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. Improved AP management

    I'd like to see a few improvements to management and monitoring of APs being controlled by an XG appliance:


    • Display other competing networks and channels strength for channel selection

    • Show access point utilization and establish thresholds for utilization trends

    • Integrate floor plans to position APs visually.

    • Couple the former with perhaps a mobile app to identify potential deadzones/heat mapping

    Use case currently is that I've been getting reports from one of my sites that wifi has been having intermittent issues, and the data needed to remedy it effectively is much more difficult to obtain than it needs to be

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add testbutton for SMTP notifications

    Please add a 'test' button on the Adminstration > Notification settings page. Also show a decent error when the test e-mail could not be sent.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  7. Network Interface Status

    Can you show Network Interface up/down status at Main/First Screen
    (Control Center --> Interface)

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Sophos XG v18 Rule & Policies display size

    Can we please increase the size of the box used to show the Firewall rules to something larger that 5 rules?

    Making it expandable either manually or automatically as you expand or collapse rules..

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. karthik@zog.live

    Please add the modification for hotspot voucher templets and captive portal registration page

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. Let's Encrypt integration like the SG already has.

    Please integrate Let's Encrypt. I remember an anouncement at one of the first XG Roadshows that new features will be provided for xg and later maybe for sg. But SG gets Let's Encrypt first and un XG we waiting for it since years....

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  11. scan ftp for malware on encrypted FTP

    requesting for scanning of encrypted FTP

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. VPN - Inform the user via Email that he has been connected or failed

    This would increase the security that not somebody else is trying to steal his identity. It would be also great that the admins are informed with too many failed logins.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  13. Client certificate based authentication for SSL VPN remote access

    Clients should be authenticated based on the client certificate instead of username/password for SSL VPN remote access. The Sophos XG should validate the certificate via a CRL or via OCSP.
    This functionality is supported by most other vendors and solutions (e.g. Cisco Anyconnect or OpenVPN).

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  14. subodha@idawngroup.com

    Hi Team,

    On now Sophos can add bandwidth limitation to user wise/ Application wise and Rule wise.
    But if bandwidth limitation had on network adapter wise and VLAN wise, It will be very helpful to all of them. So I'm requesting to add that feature ASAP.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. please provide filter option under intrusion prevention under Spoof Protection Trusted MAC it is very difficult to change the mac or ip

    please provide filter option for mac with ip
    under intrusion prevention
    under Spoof Protection Trusted MAC
    it is very difficult to change the mac or ip numbers . In our organization 250 Hosts are bind with mac for security purpose. There are 40 pages across we have to search it is very difficult. Thee is no option for export also. This feature is available in cyberoam 100ing firewall. but in sophos XG210 its a major pain to always scroll all the pages to find a single entry.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. GUI Control for 'NATting' system initiated traffic

    currently there is no easy way to control NATting of System initiated traffic, this would be incredibly useful when using a 4G SIMs

    Which uses a Private IP address range not a public. there are also ISPs which use Private IP addresses and route Public IPs to the private IP.
    which means you cannot register or control using Central.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Central Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. subodha@idawngroup.com

    Hello Team,

    Pls add bandwidth usage for user wise / group wise in to reporting.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  18. Schedule Reboot Sophos IView

    Hello Team,

    We have a request here from customer to have option for schedule reboot for Iview.
    For your assistance please. Thank You.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  19. WAN link report and SD-WAN routing policy report

    We should have the report for WAN like how many throughput per WAN link in the Report menu (Currently, We just have system graphs). Moreover, XG Firewall v18 have SD-WAN routing policy we should have the report for SD-WAN routing policy as well.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  20. Block Internet Explorer 10 & 11

    Currently Internet Explorer 6 – 9 are listed in the Applications list on our Sophos XG310s. We would like to be able to prevent our end-users from using Internet Explorer 10 and 11.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 71 72
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.