XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Ability to monitor WAF status via SNMP

    In troubleshooting our WAF performance, we found that the default values were throttling Web connections:

    default config:

    cc get reverseproxy maxprocess = 16
    cc get reverseproxy maxthreadsperprocess = 50

    Updated:

    cc set reverseproxy maxprocesses = 32
    cc set reverseproxy maxthreadsperprocess 75

    With these settings enabled, there is no way to monitor that you are reaching the max number of threads/processes. Need and SNMP check to be able to alert on this metric.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  2. Firewall rule traffic graph display

    want to see the traffic of every firewall rule ID on graphical form
    Not just see the traffic on the interface
    PS. It is visible on the past Juniper SSG.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  3. Use DNS or AD computer names in reports

    Hello Support,

    We have a lot of Sophos clients in our network. we have configured the reporting feature to analyses the network threats and the user monitoring etc. Currently we are getting reports which contains the IP of client computers. Is it possible to tie the IP to DNS or AD so internal computer names show up and not just the IP?

    Thanks in advance.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  4. Report on all blocked activity

    Need report that can be by IP, Username, country, up/down from/too. Show all activity and then sort by blocked, or passed, or firewall rule. No different then the logging but in a report form that i can run from a specific date and time. Months, weeks, days, hours, minutes, or seconds. Should not be hard since you have the logging already now very simple to put into reporting.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  5. Log viewer: Apply filter manually only after setting criteria first

    Log viewer automatically processes and filters data every time there is a change in the criteria. frustrating having to wait for the filter to show results, before being able to select all the criteria first. e.g. if I want to filter by IP and port, first I need to select IP, and then wait for filter to be applied, before I can select the port criteria.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  6. Log/Report when user runs out of data quota

    We need a feature in reporting that when a user get his data exhausted firewall create log for that user with date and time..

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  7. Custom subject line for Backup emails

    XG Firewall should have option to setup custom subject line while getting backup email notifications

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  8. Scheduled web usage by bytes

    Setting to choose whether the scheduled reports will be categorized by hits or bytes. Currently scheduled reports are sent only by hits but on the XG you can sort by bytes/hits. We would prefer bytes since this would show the most download usage on a site.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  9. Reporting on Group usage

    How to view user group based reports
    Like total data used by the user groups
    Category/Applications details accessed by the user groups
    Bandwidth used by the groups

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  10. Change warning in messages if firewall no longer registered with OR managed from Sophos Central

    The warning message that's shown if the XG is registered with but not managed from Sophos is unnecessary and cannot be cleared. Very few of our customers have allowed firewall management from Central as its generally a different team or personnel who manage the XG and Central and there isn't sufficient granularity in user / admin roles for management to be allowed. The warning in messages only needs to be shown if the XG WERE previously managed and are no longer being managed. This warning could then be acknowledged and cleared if necessary.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  11. Custom SAR Report

    The SAR report generated by the device when in TAP mode is nice but it would be great if we could add/remove items and/or change the wording of some of the report to fit our industry. The custom logo is a step in the right direction, now give us a little more control of the report's content.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  12. need uptime reporting on wan interface

    Need to see uptime on an interface, or at least the WAN interface, so that when troubleshooting things like the VPN dropping we can see if there is an physical issue with WAN

    And / or an email alert when the WAN drops

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  13. reporting

    Single sheet reporting where you can drill down from IP to hostname to username, port, interface, URL, search by specific time and date and generate reports based on search criteria. Add columns remove columns based on what you are looking for. Almost like logger but for reporting. Basically take all the separate useless reports you have not and put them into one. Stop making it look pretty and just do a simple report with features. In my opinion the reporting on Sonicwall was great "Analyzer" If you guys could look at that tool and implement those features you would get…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  14. Web Browsing Reports and Audits for HR Purposes

    We have had numerous customers that have now requested these types of reports.

    These are essentially for HR Purposes so that in the unfortunate event that a users activity needs to be reviewed or audited these are readily available.

    Full Audit of Users browsing activity including date / time and category (This one is already possible but could be improved)


    • Display a list of page durations for when users were on certain websites.

    • A breakdown of categories visited. (in audit and overview reports)

    • Supply a chart of time spent per url, domain or category

    • Line/Bar graph of time spent per…
    35 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  15. Report on internet consumption details per user or IP

    Dear Team,
    We have required client wise or IP address wise internet consumption details.
    Because currently we are not enable to trace internet consumption client wise or IP address wise.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  16. Web reports issue

    Currently i'm using the firmware version 17.5.0. It is not possible for mac binded user to be shown under the web reports until and unless they are using some authentication via firewall with match known users ticked under the firewall rule and it will not show you any detailed history of any of the user, you can find that on the user machine's browser. In these report we are able to see only the parent URL and we are not able to see the child URL. The parent URL will be google.com by default itself as most of the users…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  17. Scheduled Reports - CSV or HTML Attachment Format

    "Report Scheduling" (on SFOS 17.1.3 MR-3) seems to only be able to be sent as a PDF.
    This is quite limiting and not ideal.

    We would like a way to be able to be able to change it to be HTML, PDF or CSV (like we can when we download it manually).

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  18. Log Viewer: Improve search for deanonymized entities

    When using the anonymization feature, creating filters in the log viewer is currently (17.5) only possible by selecting the "copy to clipboard"-button in one particular log viewer entry. This makes it very difficult to manually search for permanently deanonymized entities, when there are not current log viewer entries for this entitity.

    Please allow manual entry of filter text for Src IP, Dst IP or User name in LogViewer, even with Anonymization enabled.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  19. Support more data rows in PDF reporting

    Email reports currently only have max 50 field support, making logs sent via pdf useless.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  20. Compliance Reporting and Log signing

    Compliance reporting becomes not as complicated and time consuming as it used to be. Sophos, PCI DSS, FISMA, SOX, ISO 27001, 5651, NERC, GLBA and all relevant government and industry regulations such as HIPAA must meet all compliance requirements

    Predefined compliance reports and ability to automate them, accelerates compliance reporting.

    Digital certificate integration.
    Time stamp authority integration (Turktrust, Digistamp etc.).
    Data policy manager.
    Digital hashing.
    Long term data archiving.
    Data retention policy.
    Data restriction.

    Log signing,
    - Fulfilling all legal compliance,
    - to provide evidence in forensic case studies and
    - Log signatures on each line.
    Log Signing
    Integration with…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.