XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Restart Wireless Access Point Function

    Each access point should be able to be restarted. This helps in two ways:


    1. Perform a OS restart of the Access Point if 'turning on and off' the wireless network does not work

    2. Allows you to see a port blip on the POE switch to confirm what port the AP is connected to in remote areas

    97 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Hotspot "terms of service" customization

    I serve a customer who uses XG firewalls in their chain of restaurants. They want to keep the customer hotspot sign-on process as clean and simple as possible. Vouchers etc. are a mission to manage - they just want to provide free Internet to their customers, limited by data or time.

    My customer would like to their hotspot setup in such a way that when a user joins, they are presented with a branded captive portal with a splash page, with terms of service for the user to accept.

    When the user accepts, they are granted Internet Access. 
The user…

    87 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    14 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Rogue access point detection

    The Sophos XG firewalls should be able to detect rogue access points with APs connected the same way the models with built in wireless do.

    58 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. wireless band steering

    Band steering allows dual band devices to be forced onto the faster 5Ghz spectrum when supported to free up bandwidth for those devices which only support the 2.4Ghz spectrum.
    I believe Sophos Cloud wifi already supports this.
    We need this on both XG and UTM

    56 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
    senthilraj.s responded

    Thank you for Reaching out .

    Wireless Bandsteering on XG & UTM is present in our Roadmap . We will keep you posted once a Release Vehicle is Identified .

  5. HotSpot logging

    hotspot

    HotSpot feature lacks logging capabilities.

    For example it would be great to autmatically map and log voucher code with IP address of user that was using it and create reports based on this.
    Without this it's impossible to audit what traffic was generated by that user.

    Same issue is with UTM:
    http://ideas.sophos.com/forums/17359-utm-formerly-asg-feature-requests/suggestions/10924653-logging-for-hotspot-vouchers

    Thanks,
    Lukasz Naumowicz

    55 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Facebook

    Is it possible to use Wireless authentication by Facebook and others social on Guest Wifi network via sophos AP ?

    39 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Improve WiFi roaming for Apple devices with 802.11 k

    Apple Devices & WiFi:
    So everybody knows that Apple has its own opinion for WiFi Roaming and switching to the next AP with the best wifi signal. I think it's a good idea to implement the 802.11k standard to Sophos AccessPoints, according to the knowledge page from Apple at: https://support.apple.com/en-us/HT202628 where they talking about the 802.11k Standard. Maybe this is a solution for Apple devices that have connection issues and do not want to switch the access point.

    32 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Notified abount Access Point UP / Down

    it could be nice to receive notification about the status of AP connected to XG (Wireless Protection), actually the state is displayed on the dashboard (numer of total AP / number of AP connected) but it is not a warning, there is no log in the Wireless Security section related to an AP that goes offline. Also in SFM there is no specific Alert/Notification about AP state.

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Reboot AP via Web Admin UI

    Make it possible to reboot an AP from the XG's Web UI.

    Implementar a possibilidade de reiniciar AP via Interface Gráfica (WEB)

    29 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Support for WPA3

    I realize that it's a new standard, and the WFA is only just now beginning to certify devices, but are there plans to attain WPA3 certification for Sophos AP and managing firewalls?

    https://www.theverge.com/2018/1/9/16867940/wi-fi-alliance-new-wpa3-security-protections-wpa2-announced

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Sophos Access Points to remain working even if XG is unreachable

    The downside we have identified for Sophos APs is that if a remote office with Sophos APs is connected to head-office XG via VPN and everything routes through the VPN, when connectivity is lost, the APs go offline and the remote offices cannot even access their local devices (e.g. printers / local NAS) via WiFi.
    This makes a WAN issue into a much larger impact as the remote offices are unable to work effectively.

    This request is that when XG is not reachable by the AP, it will fallback into an admin defined mode. e.g. if normal mode is bridged…

    24 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Wireless Site Survey

    I think you can do it on Sophos Cloud, but the ability to upload and mark on on a floor plan where all the access points are, and do site surveys.

    23 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Schedule AP firmware updates

    it would be great to schedule applying updates to wireless AP units.

    It would also be good to be able to update multiple APs at different times in order to avoid a total wireless outage

    19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. WI-FI connectivity status and usage

    XG wireless lack a way to identify devices connected to the APs as well as not able to see any kind of live usage data. In SG it's possible to see how a wide variety of wireless information and live data. This really is something required in Sophos XG

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Ending a wireless session

    There is currently no way to see a wireless session and disconnect that person or device from their wireless session. Good security feature for blocking a device or the devices MAC address of that device.

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. wireless client list

    On the UTM there is the option to add custom names to a wireless client.
    Wireless protection - Wireless clients - Wireless Client list
    Would be great to have this option on XG also.

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow Visibility and control of Live Guest Hotspot Users

    It would be really nice to be able to see a list of current Hostname/Mac addresses of those using the hotspot (and boot them if necessary).

    It would be even better if I could get a daily report that shows me hostnames/mac addresses of those people using the hotspot.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Pre-authenticate Hotspot users by MAC

    I have created Hotspot and the vouchers for guest users. However, on this hotspot, I would like to have some users be authenticated with their MAC addresses such that they are not prompted with a captive portal to enter voucher. This feature is helpful - to authenticate/allow users based on MAC addresses on guest or other hotspot.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Hotspot Portal listen on RED Interface.

    Problem is that it is not possible to choose a RED Interface within a Hotspot Definition.
    So you cannot route a client from a branch office to a Hotspot Portal to authenticate. We have a guest Network in a branch office in an own vlan behind a RED50. I thought that the utm and xg Firewall have feature parity on RED and Wireless Feature... NO they dont have!

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Mixing Wireless Client Traffic Types

    I want to be able to add all my wireless networks to all my access points.
    Currently I cannot mix "Bridge to AP LAN" and "Bridge to VLAN" on the same access point which I could easily do on other wireless systems.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.