XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Mail Protection: File Protection Quarantine instead of removing Attachment

    Currently it is only possible to remove attachments from mails depending on file extensions or mime types. We would like to have a quarantine first approach which was possible on a SG.

    78 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    14 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Implement Soft Greylisting

    The bigger mail providers are sending the mails from its customers with different mail servers which are having different IP addresses to balance the load. But this is very difficult for a greylisting mechanism which is programed very strict. As a result some mails are coming through late or senders which are on the whitelist are blocked.

    There is a mechanism around which is called "Soft Greylisting". For example: The last byte inside of an IPv4 address is not getting analyzed in the assumption that the mail server are normally together in a subnet.

    I would like to get "Soft…

    46 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. MTA SMTP policy filter mails by headers from, to, etc..

    In the legacy mode of the e-mail protection module there are filter options of the e-mail headers, in the MTA mode there are no such options, as well as those of probable SPAM, probable virus, etc.

    It would be very interesting to have these options.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Combine Mail exceptions

    Combine Mail Exeptions like Sender (and/or) Mailserver (and/or) receipient address to
    make it more powerful and flexible.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. DLP protection sensitivity

    It has come to my attention that DLP on the XG only catches certain things like social security numbers and bank accounts if there are 10 or more listed in the email. Most my clients when sending emails are referring to a single account with one or maybe two social security numbers, so these would never get caught. Even one social security number or bank account not encrypted in an email is a big problem.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add blocked file type in log viewer or mail logs

    Please add blocked file type in the log viewer or mail logs so that we don’t have to go into policy test and see what file type is been blocked.

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. SMTP authenticated relay on Sophos XG

    Hello Team,

    We have customer here requesting for XG to have a function as SMTP authenticated relay.
    For your assistance please. Thank You

    11 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Sophos Outlook add-in encrypt forwarded messages

    When a user replies or forwards a message that was previously sent as encrypted, the Outlook ribbon will show the Encrypt button as being pressed. This gives the end-user the impression that the mail will be sent as encrypted. But the add-in will not insert the "x-sophos-spx-encryption: yes" line in the e-mail header, so the XG will not encrypt the message. Please get the Outlook add-in fixed so that will properly modify the e-mail header when the Encrypt button is shown as pressed.

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow FQDN host on email relay

    Enable email protection module -> relay settings -> Host Based Relay to allow from FQDN host rather than IP address. This will be useful when allowing O365 to relay through the XG firewall (required for email encryption when sending from an O365 tenant).

    36 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. S/MIME and OpenPGP Encryption

    I am not sure if something is already known about it but when can we expect that feature? Some of our customers are convinced of the XG but want to have mail-encryption with S/MIME and OpenPGP.....

    40 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Filtering mails based on their language

    We can block connections from country based rules, thanks for theSophos.
    But we can not filter mails if there is chinese , arabic or russian characters in its body.
    It would be very nice if we can filter mails with predefined character sets.
    For example if the subject has chinese charset or if the body has russian charset.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Export mail logs to CSV or extend email logs under log viewer

    When looking through Email - Mail Logs i'm able to view previous days/months. When looking through log viewer i'm only able to see the previous day. I would like an option to export mail logs from the Email - Mail Logs menu as this contains more usable data.

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Configurable SPF settings

    on 17.5 new SPF settings if enabled, the behavior for SPF is if SPF results is NONE it will reject the email. There should be option to either reject or accept emails with no spf records.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Remove Specific SMTP Headers

    I'd like the ability to remove specific SMTP Headers from outbound emails, as was possible in UTM 9.

    This can be used, for example, to remove internal server names and IP Addresses from emails sent over the Public Internet

    16 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Sophos SPX Outlook Add-in - improved user friendliness

    Sophos SPX Outlook Add-in - improved user friendliness

    Problem/issue:
    The Sophos SPX add-in for outlook enables a user to encrypt outgoing emails. This add-in works just fine from a technical point of view, but it is not as user-friendly as it could and should be. When a user clicks on the Encrypt-button and enables encryption, it turns grey to indicate that it is enabled. But this is not easy to see for the user. This is not a clear indication showing that encryption is enabled, and especially if a user has enabled the dark or grey themes in newer versions…

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Validate passwords entered for smarthost and notifications

    It appears that passwords of a certain length or containing certain characters are not properly handled by Sophos when it attempts to authenticate with a smarthost. The result is that Sophos cannot authenticate with the smarthost and outbound e-mails remain stuck in the spool, showing as failed. There is no indicating in the logs accessible in the GUI that the problem is an authentication error.

    It might save users some frustration if Sophos were to either include validation logic to reject problematic passwords when they are entered and/or including a note or tip in the GUI indicating the applicable parameters…

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Enable SPF protection on transparent mode as well as current MTA mode

    Enable SFP email protection in transparent mode.. with the phishing these days, it only makes sense (not just MTA mode as not everyone can use this efficiently or if they have additional anti-spam measures on their own mailserver.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Determine Outgoing Mails not only through sender domain (Problem with Spoofing Mails)

    Currently the Sophos XG and UTM Mailfilter seem to make a difference on Outgoing and Incoming Mails.

    An incoming Mail seems to be determined by checking the protected Domains. All Domains that are not protected Domains are incoming Mails.

    An outgoing Mail seems to be dtermined by checking the protected Domains. All Protected domains are incoming Mails.

    That could lead to several problems, because only the Domains are taken into account in this decision.


    1. In my opinion when "Scan outgoing mails" is not checked there is no check on "outgoing" mails. That could lead to problems with spoofing mails not…

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. SPX: Use hostname in reply button

    The SPX PDF has a reply button which points to the IP address of the XG firewall. Make it possible to change this IP to the FQDN, for example the hostname which is configured under SPX portal settings.
    Further it should be possible to add your own SSL certificate to this FQDN so a user will no longer receive a browser warning regarding the certificate.

    18 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add Report for Outgoing Emails Attachment Size

    In Mail Usage Report on Cyber Roam Please add Attachment Size in an email Also Mention on report.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.