XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Download restriction of sslvpn configuration file for user in user portal

    Download restriction of sslvpn configuration file for user in user portal

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Enhancements to Web Policy Overrides

    The "Web Policy override" is a welcome addition to Sophos XG, however I believe that there needs to be more options to enable admins to effectively control when these overrides are active and how they are implemented.

    I think Admins should be able to remove the "Allowed website categories" option so staff can only enable specific domains.

    Instead of the "Restricted to time periods" option i would prefer it if we could allow staff to select a start date and time, and pick from an admin controlled list of durations for the override (e.g. staff could set an override to…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. AD SSO Auth By Join Appliance to AD

    It will Be Helpful to back to old method Auth. between AD and SFOS like UTM that will be decrees the most of the STAS problems.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Better integration of eDirectory

    At present, eDirectory integration is very weak to the point of being unusable. Why?

    - Group membership cannot be imported from eDirectory but has to be manually assigned for EACH and EVERY user who is not supposed to be a member of the default group. The fact that this is not implemented is so surprising that it took even Sophos support a long time of treating this as an incident until they finally told me "It's not a bug,feature is simply not implemented." (case #7928200; case opened on 19.02.2018;case closed on 15.05.2018).

    - The manually assigned group membership does not…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Automatically submit unknown Web address for categorisation

    When blocking of unknown sites is activated you always have to submit many websites when you are surfing unusual websites such as blogs and personal websites of small companies etc.
    Could you please give XG an function to automatically submit unknown Websites for categorisation to Sophos when XG detects an unknown Website while surfing?
    This could improve the quantity and quality of the Sophos Website categorization data a lot!

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Ability to block a specific web page

    Currently you can only block domains such as docs.google.com. Phishing attacks are being produced using google docs so I would like to be able to block an entire url
    ie. https://docs.google.com/forms/d/e/1FAIpQLSeRTnbGoDaAuJx_gZ0bHOIeS5MW9UI6PxoCJQ9It0mAFdUwSw/viewform

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Safeguarding

    Safeguarding reports to meet prevent duties and keywords monitoring preconfigured.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Targeted Verified Email List

    Procure Data is an established and renowned name in the field of email marketing solutions and marketing databases for clients across the US, Canada, Europe and other countries.

    http://www.procuredata.com/

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. whitelist exception for office 365 by default

    We've found that XG v17 and even some v16.5+ firmware breaks office365 activations, updates and downloads by Sophos' IPS/content filtering. The only way to get it to work is to go through the VERY long list to whitelist all the URL's to make it work. Office365 is a fairly widely used product for installations. Wouldn't it make sense to put in the exception's list (even if not enabled by default) in order to not have to do this for every firewall out there? Either that or fix the IPS/content filtering so that it stops tripping up on O365 updates and…

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Request to Increase the Inactive time to UNLIMITED for Android and IOS web clients

    Dear Team,

    Present in XG210 (SFOS 17.1.2 MR-2) Firewall, for Android and IOS web clients maximum inactive time is limited to 1440 minutes. If any user is not connected to Network with in 1440 minutes,he automatically logged out from Network.

    Kindly Update this, Android and IOS web clients maximum inactive time to UMLIMITED As soon as possible.

    Thanking you,

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Device specific web filtering for XG as in SG firewall

    Allow web filtering policy based on device types - Chromebooks, IOS, MAC OS, among other device types including Windows and Linux. This was really very useful in SG firewall

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Lifestyle Says

    Lifestyle says brings you a plethora of fashion, health, travel, etc. for the ever young and vivacious you. Keep yourself updated on the recent trends and innovation in the Lifestyle sector. We let you live your life to the fullest, enjoying every moment.

    http://www.lifestylesays.com/

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. URL Rewrite

    I'd like the ability to rewrite a URL for outbound proxy connections.

    For example, this could be used to remove or inject a specific setting into the query string for specific websites.

    I believe this is similar to how search engine "Safe Search" is set/enforced, but this could be set for other websites as well.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Map IP Address to a user

    I'd like to ability to map an unauthenticated IP Address to a particular user.

    This could require the user to 'sign-in' the first time, and have the firewall 'remember' their device/static IP address, or it could be set manually in the firewall for an IP address/range/list.

    This would need to work transparently with other authentication methods, such as Active Directory

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. allow exclusions for certificate validation

    for Web Protection it would be good to have the option to download / exclude certificates for certificate Validation (Block invalid certificates in General Settings).
    the setting like we have in SWA is missing in XG: http://wsa.sophos.com/docs/wsa/webhelp/swa/tasks/ConfigGlobalPolCertValidAddFromWeb.html

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Web Block Tags

    When users see a blocked page it would be beneficial to see what group they belong to so that adjustments could be made quickly.

    Currently the only supported tags are: {user}{url}{category}

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. need require interface internet date, timing with speed wise report monthly

    need require interface internet date, timing with speed wise report

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. OCSP stapling

    OCSP stapling for the XG Webproxy.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Quota Time in actions (Policy Web Protection)

    add the option Surfing Quota in actions in the policies of the web protection as already exists in the UTM

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. DNS Web filter

    DNS Web filter would be a good add to Sophos XG.

    Reference:
    https://cookbook.fortinet.com/dns-web-filtering/

    21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.