XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. firewall name

    When you are configuring something using the web interface you can't see the firewall name unless you are in the dashboard. It would be nice to have the firewall name at the top of the web page.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. Network Interface Status

    Can you show Network Interface up/down status at Main/First Screen
    (Control Center --> Interface)

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. Sophos XG v18 Rule & Policies display size

    Can we please increase the size of the box used to show the Firewall rules to something larger that 5 rules?

    Making it expandable either manually or automatically as you expand or collapse rules..

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. karthik@zog.live

    Please add the modification for hotspot voucher templets and captive portal registration page

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. Let's Encrypt integration like the SG already has.

    Please integrate Let's Encrypt. I remember an anouncement at one of the first XG Roadshows that new features will be provided for xg and later maybe for sg. But SG gets Let's Encrypt first and un XG we waiting for it since years....

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. Make DNS-Request Routes actually use the additional DNS-Servers specified

    When creating a DNS request route via Network -> DNS -> DNS request route, one may specify a list of hosts to be queried for this specific DNS-domain. According to the UI, the order of this list indicates priority of the servers.
    However, should the first server fail to reply (because it is down or unreachable), NO other DNS-server will be queried. According to Sophos Support, this is the intended behavior as the additional Servers are only queried if the first server replies with NXDOMAIN.

    This is obviously not usable as a failover scenario and is certainly not the behavior…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. Include reserved ip addresses in backup

    Unless I'm mistaken, experience taught me that restoring from backup will not re-populate reserved IP addresses based on MAC.
    This, combined with the manual-only method of entering reserved IP's makes for a lot of work in situations where a long list of reserved IP's exist and need to be kept.
    Could this please be reviewed?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Turn on/turn off an IPv4 unicast route

    Hello all, could you add the option to turn on/turn off an IPv4 unicast route? UTM v9 has had this feature for years and I think for many reasons other administrators would welcome it too.

    Thank you in advance
    alda

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. Sophos XG - Policy Tester - Exception

    Sophos XG should display the Name of Exception on results of Policy Tester.
    If You test a policy, the result show only which exceptions skips is applied.
    So, will be very nice if show the name of Exception to troubleshooting.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. v18 - firewall rules - nat rules - visibility of linked rules

    v18
    In firewall rules interface, you cannot see which NAT rule or MASQ is being applied to the firewall, you need to switch between two interfaces tabs, this is a nightmare for datacenters with BGP where a customer has a separate BGP ip... and troubleshooting. Ergh!

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  11. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  13. Configure Hotspot users for backend/radius authentication on XG Firewall

    We use this feature on our SG System for internal and external User.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. 3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. Why is there on the different pages no reference to the name off the firewall. If you manage different firewalls and you have differe

    Why is there even on the control center page no reference to the firewall name.
    I don't memorize all serial numbers.
    If you manage different firewalls or have multiple firewall windows open, it is easy to make a mistake because you cannot easy see the name off the device you are working on.
    At least the control center window should have the firewall name, but also on other pages this would be very helpful.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  16. Support for HSM to Protect XG Appliance Private Keys

    Sophos is heavily promoting TLS inspection, especially with the engine improvements in v18.

    Given that those features require creation and enterprise wide trust of an issuing CA certificate for the XG, there are obvious concerns about the security of this key.

    Can Sophos include support for cryptographic Hardware Security Modules (HSM) via network and/or USB to protect the confidentiality of these crucial keys and provide a higher level of confidence in defending against unauthorised extraction of the private key from the XG appliance.

    The client authentication feature also requires enterprise wide trust of a private key for the XG appliance(s).

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  17. WAN Authentication for Firewall Rule

    I miss a Pre-Authentification Option for WAN 2 LAN Rules. Example for TS Access. ALL Sonicwall Boxes have/can this!

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  18. firewall rule with last access date and time

    It would be great for audit unused firewall rules, if all rules had information with the last access date and time.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. A group setting for multiple MAC host.

    In SYSTEM > Hosts and services , there are group setting for IP host and FQDN host.
    Please also add the group setting for MAC host.

    Customer is using the Sophos wireless; when they configure "MAC filtering", they hope can select a MAC group rather than MAC list.

    One specific name mapping to a MAC address , then grouping multiple MAC addresses to a group, for easy to maintain the MAC filter table.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. Planed Firmware Update Sopohs XG

    In Sophos XG in there is no option to plan a Firmware Update. You just can update it manualy. I woul'd like to have the option to plan a installation of the Firmware Update.
    It would be very helpful.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 25 26
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.