XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. wccp

    Like one the previous products (Sophos Web Appliance) that had been replaced, having WCCP support on the XG appliance would allow it to be dropped in directly. Thank you.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow IP/FQDN exceptions on proxy settings

    We intended to host our website on our LAN. A public IP(a.b.c.d) was NAT to local server and it was accessible from open internet but the same public IP(a.b.c.d) was inaccessible from inside the LAN.

    On testing further, it was figured that when this public IP(a.b.c.d) is added to exception list (in advanced settings of proxy in Windows OS) as a.b.c.d or a.b.c.* etc, it worked fine.

    Sophos needs to have settings in proxy configuration where exceptions can be added, so that we don't have to make changes on >1000 computers.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Chrome SSO should work externally as well. With all our students being educated form home It'd be great to push their filter profiles.

    Chrome SSO should work externally as well. With all our students being educated fromm home it'd be great to push their filter profiles externally.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Please add safe search enforcement for duckduckgo.com on XG firewalls

    All of the top search engines should have an option to redirect to safe versions. Please add a add a safe search redirect for duckduckgo.com to goto safe.duckduckgo.com https://blog.hubspot.com/marketing/top-search-engines

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Block exe and allow by typing a password

    The idea is to block by default certain file types, and instaed of just blocking, I would like to add the possibility to download them, by using an admin password, this way, when the user faces this, an Admin can go and type the password to download the file.

    I already saw this working on other vendor, but do not rember which one...

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Unrecognized SSL Protocol Exception

    Allow exceptions for the Unrecognized SSL Protocol blocking. Currently, a single IOT device in an isolated subnet requires this feature to be disabled across the board.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow blocking of website using regex to allow for more flexibility in blocking sites.

    At the moment we can only block sites with keywords or domains, but we can add exceptions to allow sites through with regex. It would be great to be able to use regex to handle blocking also.

    10 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Sophos protection in MS Teams

    Although I can see that Microsoft Teams is now a controlled application, determining if a user can run it or not, I want to ensure that Sophos protects the computer from any data being passed thru Teams.

    For example, if one user posts a file that has a trojan or a virus, does Sophos catch it?

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. YouTube education Filter

    It is very useful for schools and colleges if Sophos enable the youtube education filter option in web policy.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. show the reason why "This website is blocked"

    How about showing the reason a website is blocked. You are doing the blocking so you know what the reason is. Display it to the user. If it's a rule then display the text of the description box for that rule. Or even the rule name would be of some help. That way users don't have to call IT to find out the reason they can't reach a site is because they have a typo or corporate policy won't allow it or....

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Hide Protected by SOPHOS footer in website blocked page.

    Hide Protected by SOPHOS footer in website blocked page in SOPHOS firewalls to prevent from social engineering.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. User permissions distinguishing between ADDING and REMOVING an entry to web- /content filter

    A more granular permission setting than read-only and read/write in web- and content filtering would be great: distinguishing between ADDING a new category, activity or URL to a web policy or REMOVING an already existing one is often needed by clients.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Change/Override URL category for website

    I need to recategorize a site, similar used in Sophos UTM. Today I can only create a whitelist.
    Is there any possibility of doing this in the XG Firewall?

    10 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Configure time allowed after Web policy warn

    I would like to be able to define the amount of time the device is given after proceeding through a web policy warn page. The hard coded value is 30 minutes but that is not long enough for some tasks.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Provide an easier way to deploy SSL Decryption CA on mobile devices

    I again noticed last night, the issue of getting Cert's onto Client devices in order for HTTPs decrypt and scan to work. Its fine for us IT people or Techies but for end users its always a headache (well in my case it has) So I wondered if it would be possible for Cert installation to be added as a feature of either Sophos Mobile control or another App that can be downloaded via the XG user portal or even just a link on the user portal (we already have the Client Auth cert on the user portal for IOS/Android…

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. happy eyeballs for Web protection

    As of right now, the Sophos XGs web Protection feature does not implement happy eyeballs which renders it unusable for IPv6 Endpoints - the only way to "fix" this is to simply force all http(s) traffic to use ipv4 instead.

    It would be nice to see real dual stack support by implementing Happy Eyeballs.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. executable files

    we need Sophos to add more executable files extensions MIME headers in the predefined file type that comes with Sophos.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Click-to-add Web policy modification from log viewer

    Hello Support Team,

    In log viewer of web Protection we can easily allow site by clicking right allow this site it will automatically go into FQDN site.

    It will easy to handle the site allow issue.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. File extensions mime headers

    At the moment files who match File extensions, or MIME headers are be blocked, or broke the downloaded file. It would be nice if there is a option, that only blockes files if extension and MIME Headers match.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. PAC/WPAD file hosting on XG

    Couldn't find it previously suggested, so want to throw this in the mix. It would be awesome if we could host WPAD/PAC file locally on the XG unit. If I missed it in the documentation I'd appreciate if someone corrected me.

    28 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.