XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. SMTP Quarantine Added Feature: Customizable Quarantine Digest Settings

    The Quarantine Digest (QD) is currently an all or nothing affair short of deciding if individual users receive the QD . There is no setting for individual users to have questionable emails bypass the digest and be delivered directly to them if they do not wish to bother with the extra steps of logging into the User Portal.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. SMTP Quarantine/Reject/Drop based on keyword/ip address

    Currently in MTA Mode you only have the ability to block inbound spam based on email address of FQDN. Having the ability to block by keyword and or ip address would be a significant gian. We curerntly get 20 od emails a day from "Famous Parts" all different email domains. If we could block "Famous Parts" or IP these would be siginificantly reduced.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Enable Release Link in Quarantine digest email

    Enable Release Link in Quarantine digest email for XG 18, like UTM, instead to message: "You can release quarantined emails only from user portal. To release them, sign in to user portal."
    Or remove the link.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. remove releaselink in Quarantine Digest

    please remove releaselink in Quarantine Digest.
    The standard user is not able to distinguish between harmless SPAM mails and dangerous SPAM mails.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Send additional Quarantine Report

    In UTM it is possible to send a second quarantine report on a different date.

    When the Quarantine Setting is on daily there should be an option to enable a second time.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Enable Quarantaine Digest for Public Folders

    At the moment there is no easy way to enable Quarantaine Digest for Public Folders as it was at the UTM 9
    Please sync public folders with the Exchange server

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Customizable Quarantine Email

    How do you change the default content within the Quarantine Digest.

    We want to add a company logo and change the default text within this email to something more user friendly.

    We also want to add instructions to this email for our users.

    How can this be completed.

    10 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. SMTP MTA listen Interface/IP

    When enabling the SMTP Relay option for WAN, the SMTP port is open for all IP addresses (including Alias) you have assigned to the WAN zone.

    The feature to use the ACL (Administration-> Device Access -> Local service ACL exception rule) to assign a service to an IP is missing the option to bind the SMTP port to a set interface or IP address.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Email Exception Source IP

    Can you please implement a way that a Network Range of IP Addresses i.e MailChimp Mail Send IP Addresses can be added into the into Exception Source Hosts / Hosts? As it stands currently as of version 17.5.9 MR-9 is that you can add individually but not a range. Considering these ranges are a /16 /20 this could take some time to enter.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Switch to sha256 and 2048 bit key in transparent email scan mode

    Dear ladies and gentlemen,

    I would like to use the Sophos XG in transparent email scan mode, but the local anti-virus software (Kaspersky) complains that the (man in the middle) certificate issued by Sophos for the email server was issued with too weak an encryption algorithm.
    Signature algorithm is sha1, I think sha256 would be better
    and the public key is only 1024 bits long, better would be at least 2048.
    Just like Sophos does when re-encrypting SSL connections.
    All this would only be a minor problem internally, but I can't disable the re-scan on the client machines, because they…

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. NDR

    I would like the ability to disable NDR's.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Key word blocking

    Our SG-210 had the ability to block/quarantine emails that had key words. It also showed the originating IP that the XG does not provide. These were great tools that I would like back.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. 5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Block inbound e-mail based on "Address Group"

    The ability to block inbound e-mail based on "Address Group" would be good as you can import addresses from a TXT or CSV, at the moment the only way to do them is manually in general settings and add them one at a time, which takes long if your blocking hundreds of e-mail addressees associated to ransomware/malware/trojans etc.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Outbound mail released from Quarantine does not use configured IP in MTA rule instead it uses WAN interface IP

    Outbound mail released from Quarantine does not use configured IP in MTA rule instead it uses WAN interface IP and as all the DNS records available only for the Configured SNAT IP in MTA rule and there is no DNS record for the WAN interface IP.

    Quarantine mail failed to release as it takes WAN interface IP instead of configured SNAT IP.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Malware scan feature

    Regarding the MALWARE scan mechanism, many times we have complains from office users that emails are moved to Quarantined because some files in them fail to be scanned.

    Can there be a discrimination on a future update, regarding the exact sub-reason of an attachment being unscannable ?

    For example, due to an error differs fromfile being locked with a password or a modified pdf failed to open or do open but with a pop up error message that user can bypass and view/edit file.

    To activate/deactivate above said parameters, based on specific Sender address / domain etc.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. SMTP Log Source and Destination IP

    Currently we have to way to find out from which source ip a rejected or accepted mail is coming.
    Also for Outgoing emails we dont know which remote server received our email.
    Please add to columns to the SMTP Log showing the SRC and DST IP.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. MTA SPAM Filter

    We need to have a better spam filter/content filtering in the XG Firewall. the SG Firewall has a better filtering/blocklist to prevent spam. the XG allows messages that were not allowed through on the SG. not sure if this was from one of the blocklist/RBL but we need that one back, the XG filter is fairly week. can you please put a better one in? also need better content filtering

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Email sending thru the corporate network should have the approval of email from the authority before it goes outside

    This is to check whether the mail going outside the network be authenticated and none of the malicious user would be able to share the confidential information thru email to the outside network

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Export Rejected mail Log Option

    We are using Sophos SXG310 and it is configured in transparent mode and for Mail, It is configured as MTA mode. So Mails which are been rejected based on RDNS or IP Address basis by Sophos, Neither recipients or Senders are aware of this failed delivery. So we want to export mail logs based on filter "rejected" for some specific time period from Sophos so that we can manually intimate the recipients regarding failure of Delivery.
    Please consider this requirement in next release.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6 7 8
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.