XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. SPX template per domain

    We only want SPX encryption being activated when a user explicitly enables "Encrypt" via the Outlook SPX plugin. In all other cases the mail should not be encrypted.
    We have a Exchange server with several domains. I want to make a rule that mails being sent from (domainA.com) are using "TemplateA" while mails being sent from (domainB.com) are using "TemplateB".
    Please make it possible to use a template based on the domain.
    Now you van only set a template for a domain (via SMTP route&scan) if you want that ALL mail is being encrypted.

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. SPX: Use hostname in reply button

    The SPX PDF has a reply button which points to the IP address of the XG firewall. Make it possible to change this IP to the FQDN, for example the hostname which is configured under SPX portal settings.
    Further it should be possible to add your own SSL certificate to this FQDN so a user will no longer receive a browser warning regarding the certificate.

    18 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. More buttons to manage spammed e-mails

    When you have to check the quarantined e-mail or the e-mail log, you can surf the pages only one by one. It would be a great improvement to have more buttons that give the choice to jump to a desire page, or to the last one.
    Futhermore, in the quarantined e-mail tag, if you want to whitelist/block an e-mail address or a domain, you cannot right click on the address and open a dialog box to perform these task.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. editable text for attachment removal

    After an attachment has been removed, a standard text is added. For a better understanding of the recipient of the mail, it would make sense to adapt the text from the administration.
    Text resource should therefore be changeable and not stored in the binary file, as is currently the case.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Mail Protection: File Protection Quarantine instead of removing Attachment

    Currently it is only possible to remove attachments from mails depending on file extensions or mime types. We would like to have a quarantine first approach which was possible on a SG.

    78 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    14 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. We should receive mail alerts and list of users who have registered on XG portal for SPX encryption module

    We should receive mail alerts and list of users who have registered on XG portal for SPX encryption module

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow FQDN host on email relay

    Enable email protection module -> relay settings -> Host Based Relay to allow from FQDN host rather than IP address. This will be useful when allowing O365 to relay through the XG firewall (required for email encryption when sending from an O365 tenant).

    36 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. S/MIME and OpenPGP Encryption

    I am not sure if something is already known about it but when can we expect that feature? Some of our customers are convinced of the XG but want to have mail-encryption with S/MIME and OpenPGP.....

    40 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Delete Emails in SMTP Quarantine after xx days

    At the moment Emails in SMTP Quarantine will only be deleted, if the Quarantine Area is full. Other Sophos products auto-delete these Emails after 30 days. It would be great, if the XG does that too.

    27 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Block mails with to many addresses in To: or CC:, so use of BCC can be enforced.

    To avoid fines it helps to be able to block outgoing mails with too many email addresses in To: or CC: field, with exceptions of course. And/or have a function to move all To: and CC: entries to BCC:.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Attachements in SPX

    Attachements of encrypted mails will be attached in the PDF file.
    It would be more user friendly, if all attachements could be seperatly attached to the eMail. Not all receipients have acrobat reader installed, but use for default Edge or similar to view PDF files.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Integration of https://haveibeenpwned.com/ into XG Firewall

    The "Have i been pwned" Service is a great thing to check for breaches in online Accounts.
    One customer had a breach because of credential stuffing. He used the same password for some online Accounts as well as his Active Directory Account.

    We checked a lot of other Mailadresses with this service.
    And found some more breaches.
    The Sophos XG, because of its insight in company Mailadresses, could potentially use this service to warn admins, that an email / password combination has been found on haveibeenpwned and immediate action is necessary.
    As a field on the Dashboard with some informations…

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Policy to apply SPX to all outgoing mails from specific hosts/networks

    For automated email systems it would be very helpfull, if you can create an email protection rule that will encrypt all outgoing mails with SPX that are sent from an specified host from internal LAN

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Reject invalid HELO or missing RDNS exceptions

    For internal use it would be usefull to allow exceptions for this.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. SPX reply to include attachments

    When a recipient of an encrypted mail replies there is no option to include an attachment as part of the secure reply. This was a feature on the SG, needs to be added to the XG.

    15 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow/Deny right to release quarantined message per-user

    In UTM it is possible to decide in which cases users get the right to release their quarantined e-mails or only an utm-administrator. We believe a lot of users do not have the competence to decide wether an e-mail is worth to be released from quarantine or not.
    Please make this feature possible in XG, because many customers don't want to switch to XG because of this feature. We also ask for the possibility to choose several data types for attachment based policies, not only one type. It is not really practicable to choose all data types and then to…

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. spam source ip column

    Currently it's not possible to view the source ip of SPAM mails being dropped by the Sophos XG. The column "source ip" is not available (while it's there in mail usage). Which makes troubleshooting impossible.

    Also for rule name "global" the subject is always "not available"

    According to the support session, both are feature requests.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add override for sender greylisting

    Greylisting is a great addition, but emails can be long when it comes to reception because of how the email server at the other end is setup. In one case I had a 100 ips cycled through before the email was accepted in the grey list. The IPs where all in the same subnet.

    It would be nice to add a feature where the administrator can automatically whitelist the greylist or say that a particular subnet is permitted to be whitelisted.

    This would save a lot of time on emails coming in for the first time from a particular source.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Mail Policy based on Sender email address/domain

    We have a customer who regularly receives encrypted emails due to the content of the email.

    We've recently discovered that if an encrypted email comes in and 'Quarantine unscannable content' is selected, the email is quarantined and the user doesn't receive their Quarantine Digest email (which is by design).

    My ideal solution would be to create a separate incoming Mail Policy which allows me to specify the sender's domain (or group of domains) where I can deselect 'Quarantine unscannable content,' so that encrypted emails from those senders aren't quarantined. I would then be able to re-order the Mail Policy to…

    32 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow modification of Data Protection notification emails

    Submitting on behalf of client.

    When using data protection and data control lists for email protection outbound to automatically SPX encrypt with "Notify Sender" checked; if someone tries to send an email hitting the rule, currently the subject line is something along the lines of "Your Email violates Organization Confidentiality Policy". Customer would like to have the ability to modify/customize this subject line.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.