XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. user agent

    Hello,

    I would like to have our proxy log all User Agent strings and possibly the referrer. This is a great way to see what is making network connections out and helps with root cause analysis. This is also import information when performing incident response.

    2 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
    • Superadmin role

      Currently there can only be one "super admin" on the SCFM. It would be nice to have this be a group or set of permissions that can be assigned to more than one user. This would allow multiple administrators to have control over the central management portal without the need of having the one person grant access on a per firewall basis.

      An example of this would be creating a new SCFM user and granting them the 'Administrator' privilege. This will allow them to manage all settings in SCFM, but it will not allow them to view all devices synced…

      2 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
      • 5th Std Child able to Bypass or HACK Sophos

        Dear Team,

        We are from education sector,
        our camus 5th std child bypass the sophos technology.

        he use psiphon 3 software then he bypass all policy.

        if only 5th std child can break sophos what about professional hacker.
        we feel we are not under safe UTM.

        Kindly support or raise hand not possible and return the 12 lakh rupees which ios we had pay for the same.

        2 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Application Detection Requests  ·  Flag idea as inappropriate…  ·  Admin →
        • Child Can able to HACK or Bypass Sophos

          Dear Team,

          We are from education sector,
          our camus 5th std child bypass the sophos technology.

          he use psiphon 3 software then he bypass all policy.

          if only 5th std child can break sophos what about professional hacker.
          we feel we are not under safe UTM.

          Kindly support or raise hand not possible and return the 12 lakh rupees which ios we had pay for the same.

          2 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Application Detection Requests  ·  Flag idea as inappropriate…  ·  Admin →
          • Add Reports for Intrusion Attack Detected and Blocked

            Customer requesting to show reports as well for Intrusion Attack Detected and Blocked or Drop

            3 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
            • Create object option is missing

              Please add the function "Create new" to the Hostname field in E-Mail -> Encryption

              1 vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
              • Cyberoam to Sophos XG - Sophos had empty lost configuration

                Provide / store migration logs from Cybeoram - Sophos XG
                We ended up with an empty default sophos after migration. Contacted the chat and apparently there is no way to check what went wrong, there is no log stored for this.

                1 vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                • Search for wildcard domain in Custom Web Report

                  In the Reports (in the Custom Web Report) I want to search for wildcard domains. For example *.org. But this is not working at the moment.

                  2 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                  • "rewrite html"

                    As suggested by the support I add the suggestion associated with ticket #7420116 here as well.

                    Please consider supplementing manuals for your products that include HTTP/Web proxies. The "Rewrite HTML" option causes not only HTML rewriting but also HTTP headers rewriting based on the head section <meta/> tags with the http-equiv attribute. The headers rewriting functionality seems to be undocumented.

                    Please note that such an unconditional rewriting causes problems for web pages that have a construct like the following:

                    <head><noscript><meta http-equiv="refresh"…></noscript></head>

                    Adding a HTTP header based on such a construct causes a site to malfunction because it redirects the client…

                    2 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                    • site permission

                      http://demo3.sbna.in

                      This is an site needed for our ERP demo. Its not a spam.
                      kindly permit

                      2 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                      • Logs show NATed IP instead of private IP when the rule is set to drop the traffic.

                        When the rule is set to drop the traffic, we are getting NATed IP on Syslog server's logs. All dropped traffic is showing public IP instead of private so we can't differentiate between logs based on private IP. We were informed that the Cyberoam firewall has such architecture. And if we want the private IP we need to set the action and allow and drop the traffic using utm features.

                        This should not happen.

                        2 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                        • DMvpn

                          Dynamic Multi-point VPN (DMVPN) is required for dynamic routing in VPN for redundant route identification (LIKE ospf,eigrp,).

                          4 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                          • Email Protection: exceptions for virus,- spam and content checks

                            Please make it possible to make specific exceptions for virus,- spam and content checks like it is possible in the UTM. Now you can only make general "Spam Check Exceptions" for "Domain Name"??? Which actually only creates an exception for the IP blacklisting check.

                            3 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
                            • DHCP Block List

                              Need to have provision for DHCP to block assigning IP to black listed MAC Addressess. This will help the block the IP assignment to barred devices like mobile phones etc

                              2 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                              • Select 2 or more external ips (isp links) on a business rule

                                Option to select 2 or more wan ip in a business rule

                                4 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                                • WAF Load Balancing - Add additional features

                                  On HTTP/S NLB I would like to have more features, such as:

                                  Weighted roud-robin
                                  Weighted least connection
                                  Hash based on Source/Destination IP
                                  Hash based on Cookies
                                  Hash based on Header/URL

                                  Thanks

                                  4 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                  • known IPs in log viewer

                                    It would be nice to be able to add notes in DHCP that popup on mouse over of a known IP or have it show the device name when you mouse over a known IP address in log viewer.

                                    4 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                                    • easy way to create multiple alias

                                      XG allows to masquerade an internal network with an IP range. To works fine it need a valid Alias address configured on the out interface (valid ip = ip in the masquearding range). So if we create a range of 200 IP we MUST define all 200 ip on the out interface. This is a feature needed in different scenarios such as a primary gateway with authentication or a network overlap ...

                                      3 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Load Balancing Ratio - Usage of % instead of numbers

                                        Gateway Load Balancing accepts number and if you have more than 2 gateways, finding the ratio number can be challenging. Using percentage is less confusing and more simple to use.
                                        Thanks

                                        6 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Use McAfee database for Webfiltering

                                          Please use McAfee website databases from UTM again!
                                          Please vote this feature!

                                          18 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 31 32
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.