XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. high contrastdisplay scheme

    The color combinations on the XG website as well as the Sophos cloud site are week and promote eye-strain. My technicians now must turn on windows high-contrast to work on the the interfaces for any length of time. The colors are washed out and weak to say the least. A security company should denote strength rather than weak and washed out. What ever happened to any contrast ration with black easy to read fonts on a white or light crey background?

    Also we attempt to hire veterans and have some vision impaired veterans that cannot provide support for Sophos because…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. Smart Card/Certificate Login for XG Management.

    We primarily work with Smart Cards for administration accounts as it is more secure than password authentication, we would like to add the option to be able to login with a smart card when managing the Sophos XG Firewall. Either that or adding a link on the login page to redirect to an ADFS SSO Server.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. SSO Client for Mac

    Could you please add an SSO Agent / Client for Mac OS devices?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. certificate

    Show usage of certificates.
    We had to renew our wildcard certificate due to normal expiration. We have bound the new cert. to all rules we could find using the old one. After all, we haven't been able to delete the expired cert, cause the UI told us it is still in use within an http-policy. In fact, it was in use in a deactivated business-policy and within the "admin-settings".
    It would be nice to have...
    a) a better error message with concrete details where the cert. is used, or
    b) The possibility to list all occurances directly from a certificate

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. DHCP Scope without gateway option

    Allow set DHCP gateway option to none. in some environments, it is necessary to provide IPs without having a gateway option

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. Set names to each devices from cluster

    The active device of the HA Cluster in Control Center is indicating by his serial number.
    Is needing to be able to set a simple name for each device and monitoring Active device on the dashboard by his name.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. SFM: Add CCL Notifications

    In SFM, a notification for when a CCL entry is created would be ideal for Change Management. Upon receiving this notification from SFM, other administrators can look back over the CCL entry and bring up potential problems for reversion as necessary when they get an alert from SFM that a firewall's configuration was changed.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow resizing UI

    Currently, no matter how big the browser window is, certain screens such as the "Firewall" screen which have tables with a lot of information on them don't resize themselves to fit the browser window beyond a certain size. This leads to information in many of the columns being cut off and a bunch of unused screen space. If screens such as "Firewall" did resize their table to take up as much of the empty screen space as possible in the browser window, it would make this information MUCH easier to look at.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. STAS is broken by Windows remote desktop

    We stumbled across a bug in Sophos Transparent Authentication Suite (STAS) running on a Windows domain controller which is used to resolve user identification and permissions. When you open a remote desktop session to another Windows computer on the lan, your machines ip address becomes associated with the login credentials you used for the remote session instead of your own credentials. From that point on the firewall believes all traffic from your pc is coming from that user instead of you. Closing the remote session will not fix it. Only relogging in to your machine will get your ip back…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  11. Wants to add 2 email id at System - Administration - Notification - Send Notifications to Email Address

    Wants to add 2 email id at System - Administration - Notification - Send Notifications to Email Address

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. Be able to open multiple tabs/windows

    Currently I can only have one browser/tab open to the admin portal which makes it difficult to move around different pages especially when trying to compare settings from one rule to another or an IPS that is applied to the firewall rule. It would be helpful to be able to right click and open in a new tab/window all links on the admin portal.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  13. Alphabetize IPS/Application/Traffic shapping rules in the firewall rules

    When looking for a IPS/Application/Traffic in the firewall rules and other pages they are not alphabetized. If I want a rule to be showing at the top of the list I should be able to put a special character like a # and it will always be at the top.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. Improve high availability logging

    At the moment it is not possible to see if the the initial syncing proces is finished and the auxiliary device is ready the become the master. Please give us a log where this is visible.

    Most needed when testing the HA function on-site. We restart node 1 und see if node 2 takes over. After that, node 1 comes back on and we need to see when we can restart node 2.

    27 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. Reorder rules in SCFM Template

    In a template in Sophos Central Firewall Manager, it's currently impossible to reorder rules (neither create a new rule between two existing rules).
    It's supposed that this is a basic functionality of a firewall managing system.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  16. Override administrator login timeout on a per user basis

    We want to create an account just for monitoring the status of the XG and have the control centre on display in the office. As this user is an administrator it's session times out after 10 minutes because that is the global setting we have for our other admin accounts. We don't want to change the global setting so it would be really useful if we could override it on a per user basis, similar to the concurrent login setting.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  17. Unique identifier in browser title bar

    Identifying which browser tab corresponds to which XG when tabs all say "Sophos" isn't possible without memorizing or clicking through each one. Prefixing the page title that populates in the browser tab with either ip address, hostname, or some other custom variable would be helpful when working with many XG's. The icon alone tells us it's a Sophos product, the "Sophos" text adds nothing useful.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  18. polices for individual user

    Every individual user must have the possibles to change the web and application filter policy as like in cyberoam,

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. MAC Binding

    User Mac is not Binded automatically as like in cyberoam,
    Policy could not be applied for individual users pls try to sort these two as like in cyberoam

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. Ability to Identify Connected Computers

    On the main firewall console, there is a section at the top labeled "User & device insights", then Security Heartbeat. It shows the number of Connected devices with Heartbeat. I regularly check to ensure the correct number of devices are displayed, but I can't ever tell which devices are connected because you can't drill down into that information. It would be enormously helpful to display additional information if I click on the number of Connected devices.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.