XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. traceroute visible

    On UTM9 there was an option to enable "Traceroute visibility" but on Sophos XG (SFOS 17.5.5 MR-5 latest firmware version) there is not way to enable this feature.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Sophos XG to support VLAN 1 ID

    Hello Team,

    We have customer requesting for Sophos Firewall XG to support VLAN 1 ID as on UTM this is supported. For your assistance please. Thank You.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Hairpining

    Can automatic NAT hairpining be built into SFOS automatically like it is in UTM? Very frustrating to have to create hairpin rules in order to access published servers from behind the same XG firewall. The best solution I've found to date is to set the source zone as "any" on the business rule governing the DNAT for the published service, however, that masks the true source IP address for any device on the outside accessing that published service because the firewall translates the source to it's own IP address. That makes it impossible to filter and restrict access to some…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. DHCP for IPSec, SSL-VPN static IP for user, capacity for adding more lease ranges or duplicate settigs for SSL VPN

    DHCP for IPSec,
    SSL-VPN static IP for user,
    capacity for adding more lease ranges or duplicate settigs for SSL VPN

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. FAILOVER - Time for the primary link be the main link again after getting down

    In case we have automatic failover set and the primary link gets down, Sophos XG would change routes to the secundary link. So far all good. However, sometimes this main link is still facing problems and will get down again very soon. This instability will cause problems to the users.

    It would be good to have an option to set the time the primary link would become the main link again after it gets down. For example, only after 5 minutes the main link being up it would replace the secundary link.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Automatic Blacklisting and Reporting of Intruders

    Linux has a program called Fail2Ban which can monitor various system logs for events like failed login attempts and then act on those events by doing things like create black list entries in the firewall to block that IP address from accessing the firewall for a configured time period or semi-permanently. It also has the ability to notify the website https://www.abuseipdb.com/fail2ban.html of the intrusion. It would be very nice if Sophos could implement this or something similar in the XG.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Monitoring of Sophos XG210

    Dear Team,

    We want to monitor the all the parameters of Sophos XG 210 firewall.

    Parameter mainly include the Interface, Power supply, temperature etc.

    Could you please create the MIB / OID values for it then will help to monitor the system

    You can refer the case ID. #8792069

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Gateway failback timeout configuration in firewall

    Hi,

    When the Active gateway comes back online, traffic should fail back to the Active gateway within specific timeout option in seconds like Gateway Failover timeout.

    There should be an option for Gateway Failback timeout.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. DNS https

    DNS over HTTPS or DNS over TLS
    I know there is a feature request for DoT already but id like to add to that request by asking for the option to choose DoH or DoT?

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Stick IP functionality for NAT Pools or any NAT rule

    Coming from a Juniper background, we have the functionality of "Sticky IP" (Junipers "Address-Persistent") for any NAT rule. In Sophos you can only do this if performing a load balance NAT to a webserver (KB:132277).
    It would be great to be able to do this in any NAT rule.
    Thank you

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Enable user inactivity timer issue

    Enable user inactivity time frame must be encrage ,Inactivity timer should be more then 5days (1440 to 7200 mints),we facing issue in every Monday mins after holiday next working day for authentication.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. : www.cert-in.org.in. The alerts on latest malware are published under VIRUS ALERTS section.

    JCry ransomware is designed to encrypt data and append filenames with a ".jcry" extension. Once data is encrypted, JCry opens a pop-up window and generates the HTML file, "JCRY_Note.html", then drops a copy in every existing folder. The HTML file delivers a message informing victims about the encryption and ransom demand. This activity was observed in the Information Technology Sector.

    *******************************IOC*****************************
    Analysis:

    Host
    IPv4: 172.81.182[.]63
    Sighted: 2019-03-08 [only single sightings used]
    Kill chain Phase: Command and Control
    Characterization: IP Watchlist

    Host
    URL: http://185.163.47[.]134/flashplayer_install.exe
    Sighted: 2019-03-08 [only single sightings used]
    Kill chain Phase: Delivery
    Characterization: URL Watchlist
    [MD5:C86C75804435EFC380D7FC436E344898].

    Host
    URL: http://76.74.177[.]236/flashplayer_install.exe

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Integrate a Yara Engine rules on IPS

    Integrate a Yara Engine rules on IPS

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Create and maintain a host group for all O365 services this can be updated with firmware updates?

    Create and maintain a host group for all O365 service IP's this can be updated with firmware updates?

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Require firewall rule details under Intrusion Attacks report

    Information about the firewall rule should be displayed under Intrusion Attacks report.

    It will help to filter out allowed attacks in case if the IPS logs are not available.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add DynDns to support "dyndns.org". Currently it only support "dyndns.com" for XG.

    current XG only support dyndns.com but not dyndns.org

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow port forward of TCP and UDP in same rule

    So there's a limitation currently where if you're making a DNAT rule, and you want to change the destination port number, you can't forward ports from both TCP and UDP to the same server using the same rule.

    For example, I have an environment where RDP traffic from specific external public IP addresses is forwarded from one of my public IPs to an internal server (via DNAT). RDP uses both TCP 3389 and UDP 3389, but my users connect on a different port number (52389), which I need to forward an internal server on 3389.

    I can create services to…

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Ability to apply UTM filters on traffic from Discover Interface so to create a report for POC

    Discovered traffic from Discover interface could be made more meaningful by applying web and application filters so to get some meaningful UTM reports not just application visibility for the new customer who wants to check the UTM capability of device before buying OR before device goes to inline production environment.
    Fortigate has some nice way with one-arm sniffer interface and sniffer firewall policy.
    It would definitely help sophos gaining more customers while doing POC

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Zone Groups

    It would be good to be able to build zone groups in a similar fashion to IP host groups, FQDN groups, service groups, etc. This would allow rules to include multiple zone sets quickly.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.