XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. SPX

    Indispensable add Outlook-add-in for the versions of Office 2016 and 365.
    SPX is a perfect component for GDPR, but it does not work with new Office Click-to-Run.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Update Outlook add-in for newer Office versions

    Indispensable add Outlook-add-in for the versions of Office 2016 and 365.
    SPX is a perfect component for GDPR, but it does not work with new Office Click-to-Run.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. in the mail logs screen add two columns to select which email is spam or not spam

    add two Columns in mail logs with check boxes so the administrator can easily add/remove to the scope of quarantine filter

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Customizable Emails

    We would like the email to come from “Company Name” instead of “Sophos”

    Ex: It will say "Sophos <XYZ-sophos@xyz.com>".

    I realize there is not an editable field to modify from the services tab----> administration---> notification tab; but seeing how we manage many of these devices; is there some way around this limitation?

    For what it is worth; I believe this was an editable option in past series.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. notification of email spool backlog

    Mail spool will occasionally queue up incoming email messages and then never send them off to email server. MTA service is running but will not be able to successfully resend them until the service is restarted or a malformed email is delete from spool. Would like to at least have some type of notification of the mail spool queue growing (maybe beyond 50 records) and a GUI restart option for the MTA service.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. More buttons to manage spammed e-mails

    When you have to check the quarantined e-mail or the e-mail log, you can surf the pages only one by one. It would be a great improvement to have more buttons that give the choice to jump to a desire page, or to the last one.
    Futhermore, in the quarantined e-mail tag, if you want to whitelist/block an e-mail address or a domain, you cannot right click on the address and open a dialog box to perform these task.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Block mails with to many addresses in To: or CC:, so use of BCC can be enforced.

    To avoid fines it helps to be able to block outgoing mails with too many email addresses in To: or CC: field, with exceptions of course. And/or have a function to move all To: and CC: entries to BCC:.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. spam source ip column

    Currently it's not possible to view the source ip of SPAM mails being dropped by the Sophos XG. The column "source ip" is not available (while it's there in mail usage). Which makes troubleshooting impossible.

    Also for rule name "global" the subject is always "not available"

    According to the support session, both are feature requests.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Own CCL definition on Sophos XG

    Email protection and DLP on Sophos XG is possible use just with Data control list based on predefined dictionaries (CCL - content control list).

    Could you add support for definition of the own dictionary/CCL (based on keywords and regular expression)?

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Sophos XG does not send quarantine digest for outboung emails

    Sophos does not send a quarantine digest if an outbound email is quarantined by antispam. I checked antispam engine for outbound traffic by using the gtube string. My Outbound message has been quarantined as expected. I am not notified about that issue. So my users are not able to recognize that important Business email are not delivered.

    I opened support case 03082732 for that behaviour. They told me:

    “Regarding the quarantine summary digest for the outbound emails, right now this feature seems not be supported on the XG.”

    Please improve quarantine digest.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Show traffic summary in log view

    Make the log items in "Email / Log Viewer" expandable and show traffic details with time stamps like:
    - incoming connection from
    - mail from
    - mail to
    - blocked because of
    - outgoing connection

    These information is sometimes crucial to trouble shoot mail problems and is otherwise buried in log files.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Switch to sha256 and 2048 bit key in transparent email scan mode

    Dear ladies and gentlemen,

    I would like to use the Sophos XG in transparent email scan mode, but the local anti-virus software (Kaspersky) complains that the (man in the middle) certificate issued by Sophos for the email server was issued with too weak an encryption algorithm.
    Signature algorithm is sha1, I think sha256 would be better
    and the public key is only 1024 bits long, better would be at least 2048.
    Just like Sophos does when re-encrypting SSL connections.
    All this would only be a minor problem internally, but I can't disable the re-scan on the client machines, because they…

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Block inbound e-mail based on "Address Group"

    The ability to block inbound e-mail based on "Address Group" would be good as you can import addresses from a TXT or CSV, at the moment the only way to do them is manually in general settings and add them one at a time, which takes long if your blocking hundreds of e-mail addressees associated to ransomware/malware/trojans etc.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Outbound mail released from Quarantine does not use configured IP in MTA rule instead it uses WAN interface IP

    Outbound mail released from Quarantine does not use configured IP in MTA rule instead it uses WAN interface IP and as all the DNS records available only for the Configured SNAT IP in MTA rule and there is no DNS record for the WAN interface IP.

    Quarantine mail failed to release as it takes WAN interface IP instead of configured SNAT IP.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Validate passwords entered for smarthost and notifications

    It appears that passwords of a certain length or containing certain characters are not properly handled by Sophos when it attempts to authenticate with a smarthost. The result is that Sophos cannot authenticate with the smarthost and outbound e-mails remain stuck in the spool, showing as failed. There is no indicating in the logs accessible in the GUI that the problem is an authentication error.

    It might save users some frustration if Sophos were to either include validation logic to reject problematic passwords when they are entered and/or including a note or tip in the GUI indicating the applicable parameters…

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Enable SPF protection on transparent mode as well as current MTA mode

    Enable SFP email protection in transparent mode.. with the phishing these days, it only makes sense (not just MTA mode as not everyone can use this efficiently or if they have additional anti-spam measures on their own mailserver.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add Report for Outgoing Emails Attachment Size

    In Mail Usage Report on Cyber Roam Please add Attachment Size in an email Also Mention on report.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. IP List Object for MTA mode

    This is more of a bug than an actual idea. However the tech support for ticket #8659892 insists this is a new idea .
    When creating Exceptions in MTA mode , it allows us to create an IP List object when we want to define a new object to be selected. However This IP List object couldn't be selected at all.
    This behaviour is more of a bug than a new feature especially considering that it took them to find out for themselves that IP List is not supported (else they would have replied me that right away instead of…

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Improve DLP Notifications to sender

    When DLP encrypts a mail the notification that the sender receives has an attachment with the headers of the encrypted mail. Not all senders of email are IT admins. Please change the senders DLP notification so that they are made aware of which email sent was encrypted and why e.g. Your email sent to (recipient) at 27/1/2019 13:00 was encrypted as it contained an IBAN number.....

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. MAIL with Protected file got quarantined and not delivered to the recipient

    While some one send a mail with protected File as an attachment, Sophos will not show any logs in the e-mail Logs Troubleshooting and it quarantine mails even-if sender address/mail domain is added in the white-list.
    Sophos will send bounced back mail to the sender regarding nondelivery of the mail for those recipients who are in CC that sopho could not able to send the mail with recipient error .

    As of now solution is send the protected file as zip format in the attachment.

    Rakesh Maniya

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.