XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. MAC not capture in Authentication agent app

    MAC not capture in Authentication agent mobile app
    To impliment MAC bases authentication.
    Please provide New version of App in Android and ios to capture MAC also.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Ability to restrict ALL system services under Administration -> Device Access

    This is similar to https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/16593775-assign-the-built-in-services-vpns-admin-etc-to which was marked as "Already Possible" even though it is not. I want to restrict RED device access to a single external IP address. Currently ALL external/WAN IP addresses have port 3400 open listening. I can restrict SSL VPN and User Portal but I cannot restrict RED access or IKE (port 500) even if I wanted to. This is causing me pain in my PCI compliance scans. If this cannot be done then I need to be able to enable these services per IP address and not per Zone like it currently is.

    If I…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Sophos XG Firewall Gateway Specific Web Filtering/Application Control

    Would be great if we had this feature. When using a backup gateway on a rule we don't necessarily want to allow as much traffic to pass over that gateway as on the primary gateway. Our backup gateway may be capped or not able to sustain such a large amount of traffic rendering it unproductive in the event that we need to use it. If we could setup gateway specific web and application filters that would allow us to limit or restrict what traffic passes over a gateway - specifically a backup gateway - we could limit and block all…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Shared Network Quota

    I have a new request about issuing shared limit network quota for a group.
    Now when I assign to network quota to group , that group each user will getting that particular data quota.

    Ex: User Group Name - Test and Allocated 200GB to group, The test group have 10 Users.
    As now In sophos Each user will get 200GB. But I want to use this 200GB as a Shared Data bundle.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. AD Password Change using user portal

    I'm using AD as authentication service in my sophos xg.
    But users can't change password using user portal.
    So pls enable that option for the AD.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Include trusted Certificate on sophos

    I have a huge problem with doing HTTPS Decryption and Scaning.
    Because in my enviroment haven't AD to push self-signed certificate.
    So I want to add CA Author Signed certificate, But unfortunatley any of CA Authority not providing root certificate. Therefore I have new suggestion , Pls add sophos own CA Signed root certificate to sophos firewall. It will be helpful all of sophos users to enable HTTPS Decryption and Scaning without installing certificate manually. Because browser will trust certificate automatically. I still waiting for solution for this.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. With active MPLS link bypass Particular Server IP Traffic through IPSEC S2S VPN link

    A particular Server IP address which is included in the Static Route range for MPLS

    connection need to redirect through IPSEC Site to Site VPN link.(Case ID 9440485)

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Alert on advance threat Protection and Web protection

    PLease allow us to receive alerts for advance threat Protection and Web protection. If there is any kind of DoS or DDOS attack and any type of Web application blocked, admin can get alerts instantly on email.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. PPPOE time period option to reconnect after long outage

    PPPOE connection does not reconnect after being out of service (Outage) for too long. Need an option to set a time period for a attempt to reconnect after a long outage. The only solution for now is to get back to the office and reconnect manually which is a pain.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Load Balancing of inbound SSL VPN connections

    It is better to have load balancing on SSL VPN. This will help us in managing the traffic when 50 users connected to SSL VPN

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Match IPS Signatures between all appliances

    Sophos XG IPS signatures differ between 1U and 2U appliances. As of today, 1U and virtual appliances scan for 7,000 signatures; however, 2U appliances scan for over 22,000. We have been told this is by design given the lower compute on 1U/Virtual appliances. This means that customers with a 2U appliance are better protected than those with 1U. We would like signatures to match between all appliances and have an option to trim up signatures, if needed.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. control ICMP handling like in UTM

    Ther is no possibility to disallow ICMP packages to the gateway adresses from the used adapters

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Apply different load balancing condition for specific firewall

    Customer would like to have different load balancing condition for specific firewall rule created. For your assistance please. Thank You.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. TOR exit nodes as a WAN Source

    Please create and update daily the TOR exit nodes as a WAN Source network. Ideally we would want to block anything attempting to access, scan or interact with our WAN IP Space from such a risky source.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Bypass voucher login for specific host (MAC)

    I have third-party WiFi APs connected to a network port on Sophos XG firewall and hotspot/voucher defined on Wireless configuration. I have specific hosts that need to be able to authenticate/access Internet without voucher login. These specific hosts do not have web browser or capability to login with a voucher (example: PoS terminals) and hence the need to bypass login based on either MAC address or IP address by creating a firewall rule. However, this is not working and it forces the host to login.
    Ticket #9121971

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. nmap in XG Firewall

    Install nmap in XG devices would be very useful as it is in SG devices. Is that possible to do it in next releases?

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. DHCP flease for more than 30 days

    DHCP lease for more than 30 days, 30 days are not enough in some cases!!!

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. High availability between physical and virtual

    Allow high availability between physical machine and virtual machine in Sophos XG.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Vunerability Check Tool

    Hello.

    Today I miss a tool that verifies possible faults in the XG firewall, for example, browser exploit, vulnerability with control communication, zero day, download of infected files, among others.

    I believe that the development of this type of tool is important for an overview of the environment, regarding possible vunerabilities.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Port Triggering feature on Sophos Firewall

    Hello Sophos Team,

    We don't have feature of Port Triggering on Sophos Firewall, Can we have a feature on Sophos XG Firewall. It can help me solution over Ransomware,

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 9 10
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.