XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Attachements in SPX

    Attachements of encrypted mails will be attached in the PDF file.
    It would be more user friendly, if all attachements could be seperatly attached to the eMail. Not all receipients have acrobat reader installed, but use for default Edge or similar to view PDF files.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Make Sophos XG scan archives in mail attachments for forbidden file extensions

    In both - MTA and Legacy mode, currently there is no way to block file extensions which are inside archives. Example - php file in .zip as attachment.
    Tested and confirmed by the support guys - Ticket #7781559.
    Please add this functionality, because what we mostly see is malicious script droppers (.js mostly). This is not only my opinion, but as your partner we received multiple negative feedbacks regarding this.

    33 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Exception for unscannable/encryted files based on file extension

    I have a customer who sends and receives software specific files between other customers using the same software. These files are deemed unscannable by the XG and are quarantined. Without having to disable "Quarantine Unscannable Content" it would be handy to have the option to allow a particular file extension through based on a manually defined exception list. A secondary problem is the XG does not notify users of quarantined email if it has been categorised as "unscannable" leaving the user to guess if the email has been sent to them or they have to check the quarantine via the…

    22 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Customizable Quarantine Email Notification

    I would to request for a customizable Quarantine Email Notification, message send to the End-User and also after releasing Quarantine Emails.

    39 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. SPX

    Indispensable add Outlook-add-in for the versions of Office 2016 and 365.
    SPX is a perfect component for GDPR, but it does not work with new Office Click-to-Run.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Update Outlook add-in for newer Office versions

    Indispensable add Outlook-add-in for the versions of Office 2016 and 365.
    SPX is a perfect component for GDPR, but it does not work with new Office Click-to-Run.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Do not send multiple copies of quarantine digest in A-P HA mode

    Only send 1 copy of quarantine digest when XG is configured in Active-Passive HA.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. in the mail logs screen add two columns to select which email is spam or not spam

    add two Columns in mail logs with check boxes so the administrator can easily add/remove to the scope of quarantine filter

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Insert Banner on Inbound Mail

    Banners can be added for outbound mail, but not for inbound mail. Being able to add a banner such as "This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender." could help in slowing down phishing emails

    18 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Customizable Emails

    We would like the email to come from “Company Name” instead of “Sophos”

    Ex: It will say "Sophos <XYZ-sophos@xyz.com>".

    I realize there is not an editable field to modify from the services tab----> administration---> notification tab; but seeing how we manage many of these devices; is there some way around this limitation?

    For what it is worth; I believe this was an editable option in past series.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. DMARC Support

    Please add DMARC to the E-Mail Protection. More Information under https://dmarc.org.

    This is a very important Security Feature for us.

    Thanks

    91 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow/Deny right to release quarantined message per-user

    In UTM it is possible to decide in which cases users get the right to release their quarantined e-mails or only an utm-administrator. We believe a lot of users do not have the competence to decide wether an e-mail is worth to be released from quarantine or not.
    Please make this feature possible in XG, because many customers don't want to switch to XG because of this feature. We also ask for the possibility to choose several data types for attachment based policies, not only one type. It is not really practicable to choose all data types and then to…

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow modification of Data Protection notification emails

    Submitting on behalf of client.

    When using data protection and data control lists for email protection outbound to automatically SPX encrypt with "Notify Sender" checked; if someone tries to send an email hitting the rule, currently the subject line is something along the lines of "Your Email violates Organization Confidentiality Policy". Customer would like to have the ability to modify/customize this subject line.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. FQDN for quarantine notifications to avoid certificate errors for users

    FQDN for quarantine notifications to avoid certificate errors for users

    35 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add override for sender greylisting

    Greylisting is a great addition, but emails can be long when it comes to reception because of how the email server at the other end is setup. In one case I had a 100 ips cycled through before the email was accepted in the grey list. The IPs where all in the same subnet.

    It would be nice to add a feature where the administrator can automatically whitelist the greylist or say that a particular subnet is permitted to be whitelisted.

    This would save a lot of time on emails coming in for the first time from a particular source.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Select which public IP MTA responds to

    When running MTA, MTA responds to all the public IP addresses available on the XG. To stop the MTA working on those public ips, you can create a firewall rule that does port forwarding to a non-existent IP address. This stops the MTA working on those public ip addresses.

    When you do a port scan on those public IP addresses, port 25 still shows as open.

    I think it should be possible to configure which public ip addresses MTA actually listens on.

    Support suggested I should raise this as a feature request.

    In configuration of MTA, you never specify the…

    20 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Support ISO-2022 encoding for Japanese mail quarantine

    The ISO-2022 code used as standard in Japanese is not displayed.

    UTF-8 is used very little in Japan.
    Please correspond to ISO-2022.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. notification of email spool backlog

    Mail spool will occasionally queue up incoming email messages and then never send them off to email server. MTA service is running but will not be able to successfully resend them until the service is restarted or a malformed email is delete from spool. Would like to at least have some type of notification of the mail spool queue growing (maybe beyond 50 records) and a GUI restart option for the MTA service.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Spam Action Reject

    Black holes are a problem.
    There MUST be the option to REJECT an e-mail when detected as spam.
    Consider the following situation:
    Somebody sends a genuine e-mail to your organization. Your Spam protection considers it as spam and DROP it (false positive) and the intended recipient, don't receive it.

    The sender will never know that the e-mail was not received. In fact, for the sender, the email was delivered because if you check the sender's smtp log, you will find a "250 message queued"
    And the recipient will never know he has not received a valid e-mail.

    If instead of…

    20 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. More buttons to manage spammed e-mails

    When you have to check the quarantined e-mail or the e-mail log, you can surf the pages only one by one. It would be a great improvement to have more buttons that give the choice to jump to a desire page, or to the last one.
    Futhermore, in the quarantined e-mail tag, if you want to whitelist/block an e-mail address or a domain, you cannot right click on the address and open a dialog box to perform these task.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.