XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. password of the day

    Possibility to use encrypted(WPA2 Personal) Hotspot with Password of the day, with only enter the Password in WLAN Connection. Actually you have to enter the Password to connect to the WLAN, and then you have to enter it again at the Login homepage.

    6 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Hot spot

    Hot Spot to be able to Authenticate from Routed IP subnet. Subnet that differs from hostspot interface IP Subnet.

    1 vote
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. configure password of day to be sent out at a certain minute

    It would be nice to be able to configure passowrd of day (for hotspot) to be sent out a certain minute.
    At the moment, it can only be configure on a interval of hour, not convenient.

    3 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Sophos XG Wireless AP load balancing

    Hello Team,

    Customer is requesting to have a feature on XG for AP load balancing. For your assistance please. Thank You.

    5 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Organize/filter Wireless hosts by label or group

    Unable to filter or reorganize by Label or Group in the XG Wireless portal
    Feature possible on SG

    4 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Remove limit of 50 hostspot vouchers

    Hotspot Voucher creation should'nt be limited to 50.
    On SG , we were able to create 500 to 1000 Voucher easily.

    5 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Configurable number of devices for hotspot vouchers

    Hotspot vouchers should be supported on limited devices only, for example for guest-1 voucher will be limited to be used on only one device and for guest-2 voucher will be limited to be used on 3 devices.

    3 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Hotspot Portal listen on RED Interface.

    Problem is that it is not possible to choose a RED Interface within a Hotspot Definition.
    So you cannot route a client from a branch office to a Hotspot Portal to authenticate. We have a guest Network in a branch office in an own vlan behind a RED50. I thought that the utm and xg Firewall have feature parity on RED and Wireless Feature... NO they dont have!

    13 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. fast transition option for WPA2/WPA Enterprise security mode

    If we can have fast transition option for security mode WPA2/WPA Enterprise. It will be helpful when users move from one access point to other access point.

    5 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Radius SSO support in wireless enterprise authentication - forward accounting request to RADIUS Server

    Radius SSO via wireless enterprise authentication does not currently show the authenticated user in the live activities on the XG interface since Accounting requests are not forwarded from the Sophos Access Points. Can an update provide this functionality so users who connect via RADIUS authentication can be authenticated to the XG and therefore have web policies applied to their accounts.

    7 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Edit voucher description after generation

    It would be useful to allow the admin user to place a comment/description against each individual voucher for audit purposes.

    On the UTM after vouchers were generated the admin user was able to edit the Comment/Description field. They use this to record the user that receives the voucher.

    Currently on the XG, this field is not editable after the vouchers are generated.

    2 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. add timestamps in hostapd.log

    /log/hostapd.log should include date/timestamps for troubleshooting purposes.

    3 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Simplify & improve wireless client list presentation

    offer a streamlined wireless client list in the gui as a single matrix of rows & columns with all info rather than requiring clicking through the 'by ssid' & 'by ap' nested menus waiting for each one to load to get basic client info. cli implementation of the same concept would also be useful.

    9 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Notified abount Access Point UP / Down

    it could be nice to receive notification about the status of AP connected to XG (Wireless Protection), actually the state is displayed on the dashboard (numer of total AP / number of AP connected) but it is not a warning, there is no log in the Wireless Security section related to an AP that goes offline. Also in SFM there is no specific Alert/Notification about AP state.

    34 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Optional Antennas for Wireless-APs

    Hi,
    we need the option to use external antennas with the Sophos APs.
    Cisco offers a large range of antennas to cover mostly situations.

    So you can use directed antennas. sector antennas or use outdoor antennas and the AP is mounted indoor.

    6 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Customize Hotspot mail for "password of the day"

    The customization of the daily mail for the hotspot-password "password of the day" should be possible, so it could fit the CI of the customer like other customization options in the xg, that are already available

    7 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. WI-FI connectivity status and usage

    XG wireless lack a way to identify devices connected to the APs as well as not able to see any kind of live usage data. In SG it's possible to see how a wide variety of wireless information and live data. This really is something required in Sophos XG

    19 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. RADIUS IOS & Android authentication

    we would wish. that it is possible in the Sophos XG Registrations which of a IOS / Android over RADIUS run in the live users to be indicated.

    Thus it is also possible to create smartphones groups / custom firewall rules.

    The Sophos Network Agent for IOS / Android is very impractical and thus falls away for us.

    We have seen that in SFOS 17.1, some preliminary work has already been done on this feature.

    Sehr geehrte Damen und Herren,

    wir würden uns wünschen. dass es in der Sophos XG möglich ist Anmeldungen welche von einem IOS/Android über RADIUS laufen…

    3 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add API for HotSpotsVoucher generation

    Provide an API to generate Hot spot voucher, it would be simpler to generate guest wifi vouchers form Local Area application.

    tag: Base System + General UI + API

    9 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Wireless Accespoint IDS/IPS or UTM application <3

    Wireless Accespoint IDS/IPS or UTM application.
    Why? Because WAN is not the only "outside" of a network. As a Blueteam Sys/Netadmin aspirering to be an ethical hacker I consider all "acces ports/acces points/network entrys" as "Outside". Scanning for malware and payloads on Wireless Acces Point level would be an absolute godsend. (btw there is still no silver bullet for EvilTwins.. just saying xx.

    5 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.