XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. logoff user

    We would like the ability to Log a user off by redirecting them to a web page / site.

    At present we are using http://sophos:8090/ to log a user on, but the ability to have a log out button and or feature of the same would be great.

    We are a school, so it helps from time to time.

    Thanks

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Privoxy functionality

    Privoxy is able to supress redirects that google is placing on their search results. OR redirects to analytcs sites.
    Blocking categories makes the search sites not usable.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Web Filtering Category with coinminer type website

    In asia so many bitcoin miner case.
    Taiwan was test target with many countrys.
    so many business customer want to detect inside or outside problem with miner attcked.
    but some miner website is normal and legal.
    Just hacking category can't include all miner webside, just only inlegal webside is not enough.
    Endpoint protection this product has application contral with miner type category.
    so why in XG can't do this?

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. "Skip Logging" for Web Filter Exceptions

    It would be nice if there was the option to "Skip" Logging of specific web requests in the Web filter. For example, I see my logs spammed with certain domains, even if it's blocked, such as ( trouter.io ) and it's quite annoying to sort through.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Find missing certificate in reliable source, such as AIA fetching.

    SOPHOS could deploy in XG a way to locate the missing certificates on a trusted certificate site, otherwise we will have to manually add the CAs to firewall. This feature is possible in browsers thanks to the AIA fetching extension.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Policy change intimations

    I want to intimate my employees whenever the web or Application or traffic shaping policies changes. It has to come as pop-up for the first time login after policy changes.from the second time it should not to come.once they accepts the terms and conditions.

    Is it possible,where i can configure this?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. surfing quota

    Sophos XG's time based quota works on logon time and session. When a user logs on to a machine the session will start and the quota will be triggered.

    If a user has granted web surfing Quota of Daily 1 hour Cyclic and he logons his PC at 9:00 hrs then his quota will expired at 10:00 hrs whether he has used Internet or not.

    As per the support team this is not possible right now and suggested a feature request.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. A URL for people to sign out of captive portal

    Right now if keepalive is not used, if a user closes their preserved browser window there is no way for users to log out. There should be a URL that users can call to log out. This is also a problem when people use iPads or iPhones, which has a network detection utility, and a popup login window. there is no browser logout window that opens when using an apple device.. thus no way for people to logout.

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add support for RTMP/RTMPT/RTMPS over Web proxy

    RTMP/RTMPT/RTMPS failed to connect or not working with Allow all and Scanning.

    It is not supported with XG proxy as of now and need to add URLs or server IP under exception to connect with streaming server.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Import URLs in Exception

    In Web Protection Exception, we can not add more than 128 URLs and also there is not option to import. It is tedious job to enter so many URLs for exception.

    One may ask what is the need to make exception for such a large number of URLs, I got stuck in getting the Windows 10 Upgrade and the Support team gave me the list of URLs to add in exception, that is where I faced this issue.

    It'll be helpful in such scenarios where there is a large number of URLs to bypass.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Block tracking pixel and other beacons

    Enable the firewall to block the (currently 1x1) pixels used for tracking. Expand with other web beacons.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Custom header injection

    Option to inject custom header on specific ip or fdqn

    Please will be a great option for restriction in today's world of SAAS.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. 14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. More predefined Web Protection Exceptions

    Especially when using HTTPS decryption, but also the AV Scanning itself causes at lot of web services / sites and apps to break. It would be nice if Sophos provided more predefined exceptions that can be enabled as needed. Even if this is not directly implemented to the XG firmware itself, it would be nice if Sophos took the initiative to provide a central collection point for known issues with this e.g. a KB Site that has lists of commonly used exceptions to fix certain issues.

    With HTTPS Decryption enabled there's plenty of stuff that breaks:
    GoToMeeting, Zoom, TeamViewer, RMM…

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. QOS application and web category profile functionality

    Hello,

    If it were possible, create QOS profiles that could be put to the user group or the firewall firewall rule. These profiles would contain the web and application categories inside, being possible to set different QOS for each application or WEB category. So we could limit the speed of a video from youtube to a user who is in a profile of qos and to another that is in another profile could get more speed. The idea would be not only to be global the configuration.

    That would be a great differential for the tool. The QOS configuration is…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. [#8003352] Need to add Exception in HTTPUpload Dynamic Category web policy

    This is regarding your service request number 8003352.

    Just to reiterate, we have taken the following steps to resolve the issue:

    1.As discussed on the chat you need to add exception in the HTTPUpload Dynamic Category policy to deny specific file types in the Custom Web Filter policy.

    2.We have guided you as of now it is not possible to add like this exception in HTTPUpload policy.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Better categorisation of websites

    There needs to be better categorisation of websites. Currently we have to block the "Entertainment" category in school because a lot of illegal movie streaming sites are categorised under this category. There should either be another category made for "Illegal media download/streaming" or they should at a bare minimum be categorised as "Video Hosting"

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Web proxy client

    Add the ability to protect roaming user (system on Datacard, Public WiFi, Hotspot). It should not be dependent of any browser line Endpoint Protection but pure network LSP client.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. URL Groups Clone or Import Facility

    Feature of creating list of URLs is already there in Sophos, which is a really an essential featured. But for separate policies we need to create separate URL groups, in which most of the URLs are common. So I suggest like there is a option of Policy Cloning, we should have similar option of cloning a URL group/s or import and export of complete list of URLs in/from a group. This will ease the process of creating different URL groups for different policies. Currently we have to type of copy/paste only one URL at a time for creating a new…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Web Filter should log if a transaction is decrypted or not

    Insert a column in the logviewer to indicate if a page is decrypted for https when "Decrypt & Scan HTTPS" is on.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.