XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Option to disable Email notification completely

    If we enable email notification we can not turn it off we must have the option to disable email notification along with to choose which notification must be enabled like WAN link or backup.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. Improved process for changing the system language

    A clear (coloured) warning that the admin must click through to acknowledge that changing the system language also performs a factory reset, losing all configuration. It should also save/backup the configuration and give you the option to automatically restore it after the reset is completed.

    Deutlicherer, farbliche Unterstreichung/Hervorhebung bezüglich dem Hinweis beim wechseln der Sprache, dass hier die Konfiguration der Firewalll gelöscht wird und somit die Firewall in den Auslieferungszustand gesetzt wird . Das vor dem Neustart ein Update der aktuellen Konfiguration der Firewall gespeichert werden muss (Aufforderung kann nicht weggeklickt werden). Das Speichern der aktuellen Konfiguration wird dann im…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. restore option from local device in console menu

    restore option from backupfile on local device in Console menu

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. Ability to export back end diagnostic logs

    The back end diagnostic logs contain valuable information, but are difficult to utilise when having to work with several side, especially Microsoft Azure platform.
    There needs to be a way to export / access the diagnostic logs for IPSec and PPPOE without having to SSH connection to the console and just tail them.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. Use FQDN hosts and host groups in all policies and services

    Make the FQDN host and host group available in any required service and menu. We live in the DNA era, not in the Stone Age.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. Consistent and "advanced" table rendering throughout the product/UI

    This is for ALL Tables in the XG Gui and Portal.

    The Idea is having a consistent and advanced table rendering framework throughout the product/UI

    This is really annoying ... and almost any other web GUI based system has this "function" or framework.

    But the Voucher Table being the worst!

    So let's take the Voucher Table: (but applies/must apply to ALL UI places where tables are shown)


    • You can only sort by "Code" ?? ... no other Fields (>>ALL<< Fields should be sortable, searchable and filterable)! Always and in every table.

    • have an option to export to CSV

    • I should…
    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. Increase maximum number of zones to greater than 100

    Currently the maximum number of zones is set to 100. Can this be enlarged to, f.i., 200.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. High-contrast option for Admin UI

    The color combinations on the XG website as well as the Sophos cloud site are week and promote eye-strain. My technicians now must turn on windows high-contrast to work on the the interfaces for any length of time. The colors are washed out and weak to say the least. A security company should denote strength rather than weak and washed out. What ever happened to any contrast ration with black easy to read fonts on a white or light crey background?

    Also we attempt to hire veterans and have some vision impaired veterans that cannot provide support for Sophos because…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. Smart Card/Certificate Login for XG Management.

    We primarily work with Smart Cards for administration accounts as it is more secure than password authentication, we would like to add the option to be able to login with a smart card when managing the Sophos XG Firewall. Either that or adding a link on the login page to redirect to an ADFS SSO Server.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. DHCP Scope without gateway option

    Allow set DHCP gateway option to none. in some environments, it is necessary to provide IPs without having a gateway option

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  11. Set names to each devices from cluster

    The active device of the HA Cluster in Control Center is indicating by his serial number.
    Is needing to be able to set a simple name for each device and monitoring Active device on the dashboard by his name.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. STAS should ignore logins to Remote Desktop sessions

    We stumbled across a bug in Sophos Transparent Authentication Suite (STAS) running on a Windows domain controller which is used to resolve user identification and permissions. When you open a remote desktop session to another Windows computer on the lan, your machines ip address becomes associated with the login credentials you used for the remote session instead of your own credentials. From that point on the firewall believes all traffic from your pc is coming from that user instead of you. Closing the remote session will not fix it. Only relogging in to your machine will get your ip back…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  13. Be able to open multiple tabs/windows

    Currently I can only have one browser/tab open to the admin portal which makes it difficult to move around different pages especially when trying to compare settings from one rule to another or an IPS that is applied to the firewall rule. It would be helpful to be able to right click and open in a new tab/window all links on the admin portal.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. Alphabetize IPS/Application/Traffic shapping rules in the firewall rules

    When looking for a IPS/Application/Traffic in the firewall rules and other pages they are not alphabetized. If I want a rule to be showing at the top of the list I should be able to put a special character like a # and it will always be at the top.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. Improve high availability logging

    At the moment it is not possible to see if the the initial syncing proces is finished and the auxiliary device is ready the become the master. Please give us a log where this is visible.

    Most needed when testing the HA function on-site. We restart node 1 und see if node 2 takes over. After that, node 1 comes back on and we need to see when we can restart node 2.

    36 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  16. Override administrator login timeout on a per user basis

    We want to create an account just for monitoring the status of the XG and have the control centre on display in the office. As this user is an administrator it's session times out after 10 minutes because that is the global setting we have for our other admin accounts. We don't want to change the global setting so it would be really useful if we could override it on a per user basis, similar to the concurrent login setting.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  17. Search by host to return all relevant firewall rules

    There is no option to search the host that host is enlisted in how many rules. There is an option in Packet Capture but it shows only one rule thru which his traffic is passing thru.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  18. Drill-down from Control Center to Identify Connected Computers

    On the main firewall console, there is a section at the top labeled "User & device insights", then Security Heartbeat. It shows the number of Connected devices with Heartbeat. I regularly check to ensure the correct number of devices are displayed, but I can't ever tell which devices are connected because you can't drill down into that information. It would be enormously helpful to display additional information if I click on the number of Connected devices.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. SNMP for XG Firewall Upgrade

    Hi ,

    I request you that SNMP OID should be added for the the SOPHOS XG Firewall - MIB for Monitoring purpose as present MIB does not able to capture below points.

    1.Interface Utilization
    2.Bandwidth Monitoring
    3.Interface IP details
    4.WAN Link monitoring etc...

    Please have these all OID added in the Sophos XG MIB

    21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. Improve SNMP monitoring

    Hi ,

    I request you that SNMP OID should be added for the the SOPHOS XG Firewall - MIB for Monitoring purpose as present MIB does not able to capture below points.

    1.Interface Utilization
    2.Bandwidth Monitoring
    3.Interface IP details
    4.WAN Link monitoring etc...

    Please have these all OID added in the Sophos XG MIB .

    53 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.