XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. multiple addresses in dhcp relay on xg firewall

    Describe how 2 addresses in a dhcp relay are processed, please.
    Round-robin?
    Failover?
    Is the second address completely ignored?
    Are both addresses tried, fastest response wins?

    If Round-robin, please add option to choose Failover.

    If Failover, what are the failover conditions?
    Please allow at least a timer condition that can be set.
    If Failover conditions are met, when does the relay revert back to the primary address?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. firewall hard drive maintenance routine

    I recently experienced a firewall freeze/crash and from what I read in the forums, the most common cause is some type of hard drive failure/corruption. I suggest the following:

    Create a maintenance routine and/or structure that allows the firewall to check its hard drive at regular maintenance intervals for file corruptions, bad sectors, etc. in order to promote a continuously healthy hard drive and firewall!

    Perhaps a parallel/mirrored drive system could both facilitate this maintenance routine as well as improve the firmware update process if it is not already existing.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. preventing user to changing password of user account

    When we provide same username for more than 2 person in case of examination or class . means multiple login with same user id, then any one can change the password and other will suffer. if password changing option will be disable then we need not to worry about these conditions

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. Can Cyprus (Greek) and Cyprus (Turkish) be added?

    The Greek part of Cyprus is a member of the EU. An EU country group would need to contain the Greek part of Cyprus, not the whole of Cyprus.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. is it possible to display e.g. Hoste IP/Host FQDN items or groups, how and where the object is being used?

    is it possible to display e.g. Hoste IP/Host FQDN items or groups, how and where the object is being used/linked in the XG?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. Grant Admin Rights to AD Groups instead of just users

    Would be great to be able to grant admin rights to an entire group instead of just a user.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add a UTC or GMT timezone

    There are only cities available for selecting a time zone. Some customers may want to their logs to be in UTC/GMT which is not a clearly available option. Adding a definition for UTC/GMT would be great.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. XG Firewall integrate with 3rd NSPM (Network Security Policy Management)

    I suggest create an integration of XG Firewall with 3rd solution of NSP for optimization and check rules duplicated, overlayed or shadowed. The XG Firewall not realize this functions and some customers want this.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. Ability to use FIDO 2 and U2F Tokens to log in into Sophos XG management website and user accounts

    Using FIDO 2 Tokens for logging passwordless in into the Sophos XG Firewall as an Administrator or User would make it more comfortable and secure to log in.
    Using it as a 2FA using the U2F standard would make the login much more secure.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. iview

    I need to install VMware tools for integration with backups. There are many people that asking about this problema but nobody has open this idea.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  11. Automatically turn down other Member interfaces in the bridge when one of the interface states is switched to down

    Automatically turn down other Member interface(s) in the bridge when one of the interface states is switched to down.
    For example, transparent deploy FW for detection. There are two interfaces (Port1 and port2) in a bridge group.
    PortE3 and PortE3 are connected to a switch (PortE3 --- switch A, PortE4 - switch B). If portE3 is switched to the down state, switch B will still send data to Port E3. After 4~5 seconds, STP will detect this change.
    We want PortE2 to switch to the down state immediately when the PortE1 state is down.In this case, stp can switch lines…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. import specific config

    when importing configuration from another device, it would be nice to have an ability to import specific configurations only like IPsec, SSL, etc instead of importing the whole configuration

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  13. User must change the password feature for Captive Portal when user logged in using LDAP

    When User login into the Captive Portal using his/her LDAP Credentials, he should be prompted to change his password on very first login or should be having an option to change his own password.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. GUEST Users details export

    After having created GUEST USERs (especially if they are many users), should be nice to be able to export the guest users details (Username, password -not encrypted-, duration, etc) in order to be used for other purposes, like to print some customized tickets (tickets with Company logo and other information).
    The "exported" list should be created in a plain (not encrypted) format (like text) or in a standard format to be used with Excel, or Word mailmerge function and so on.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. Stop auto loading the Live Graph

    When navigating to Diagnostics --> System Graphs the page automatically renders all the graphs for the last 2 hours. This forces you to wait to change the time period. Please stop the auto rendering, and allow the admin to select the time period and click the update button.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add Duo MFA integration to Sophos XG

    Apparently the older Sophos UTM has Duo MFA integration. Please build this into Sophos XG firewalls. Duo is extremely powerful, flexible, usable for individuals, companies or full-blown MSPs unlike most of the other MFA solutions available.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  17. 4G/5G USB Dongle Support

    I think it is high time Sophos updated the USB Dongle HCL to include modern technologies such as 4G/5G. With 3G ending for a lot of people soon many of the devices on the current list are about to become obsolete.

    https://docs.sophos.com/nsg/sophos-firewall/v17.0.9/Help/en-us/webhelp/onlinehelp/index.html#page/onlinehelp%2FAppendixD.html%23

    https://community.sophos.com/kb/en-us/123939

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add more note fields

    On the SG devices there are several fields for notes and comments which really help us in our job. The XG is only a few of them and in most cases there is no chance to add any comment to it.
    Please add at least the note fields from the SG devices.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. Periodically sync with Active Directory

    Please allow us to sync periodically with Windows AD to pull new users, remove old ones, etc... and same with groups.

    It’s very difficult to manage 30+ firewalls with users being able to login to any of them depending which site they visit.

    Also need to allow nested groups support.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. Update the BIOS on SG to change the HW ID so it appears as an XG once upgraded to SFOS?

    Right now we can upgrade later SG models to the latest firmware and essentially turn them into an XG at least from a firmware standpoint. Unfortunately they still show up as SG models which in turn prevents us from creating an HA pair with the same exact XG model even though the hardware is virtually identical. If you compare an SG230 Rev.1 and an XG230 Rev.1 they appear to be exactly the same. Why not give us a BIOS update so our upgraded SG model can now become an XG?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 39 40
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.