XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. fast transition option for WPA2/WPA Enterprise security mode

    If we can have fast transition option for security mode WPA2/WPA Enterprise. It will be helpful when users move from one access point to other access point.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Optional Antennas for Wireless-APs

    Hi,
    we need the option to use external antennas with the Sophos APs.
    Cisco offers a large range of antennas to cover mostly situations.

    So you can use directed antennas. sector antennas or use outdoor antennas and the AP is mounted indoor.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow option to ignore RADIUS Logoff

    The ability to ignore Logoff requests issued by RADIUS accounting - similar to the feature found in STAS. This is because many wifi providers issue STOP frames as devices roam to RADIUS Accounting, which can cause temporary internet disconnections when roaming.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. configure password of day to be sent out at a certain minute

    It would be nice to be able to configure passowrd of day (for hotspot) to be sent out a certain minute.
    At the moment, it can only be configure on a interval of hour, not convenient.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Sophos XG Wireless AP load balancing

    Hello Team,

    Customer is requesting to have a feature on XG for AP load balancing. For your assistance please. Thank You.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Organize/filter Wireless hosts by label or group

    Unable to filter or reorganize by Label or Group in the XG Wireless portal
    Feature possible on SG

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Configurable number of devices for hotspot vouchers

    Hotspot vouchers should be supported on limited devices only, for example for guest-1 voucher will be limited to be used on only one device and for guest-2 voucher will be limited to be used on 3 devices.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. add timestamps in hostapd.log

    /log/hostapd.log should include date/timestamps for troubleshooting purposes.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. RADIUS IOS & Android authentication

    we would wish. that it is possible in the Sophos XG Registrations which of a IOS / Android over RADIUS run in the live users to be indicated.

    Thus it is also possible to create smartphones groups / custom firewall rules.

    The Sophos Network Agent for IOS / Android is very impractical and thus falls away for us.

    We have seen that in SFOS 17.1, some preliminary work has already been done on this feature.

    Sehr geehrte Damen und Herren,

    wir würden uns wünschen. dass es in der Sophos XG möglich ist Anmeldungen welche von einem IOS/Android über RADIUS laufen…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Wireless Accespoint IDS/IPS or UTM application <3

    Wireless Accespoint IDS/IPS or UTM application.
    Why? Because WAN is not the only "outside" of a network. As a Blueteam Sys/Netadmin aspirering to be an ethical hacker I consider all "acces ports/acces points/network entrys" as "Outside". Scanning for malware and payloads on Wireless Acces Point level would be an absolute godsend. (btw there is still no silver bullet for EvilTwins.. just saying xx.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Automatically Authenticate Users when disconnecting from NIC to Wifi

    To have the ability for a user to automatically authenticate when disconnecting from their NIC and connecting via wifi. At present, user needs to log out and back in to their laptop whilst on the wifi for STAS to register the user as being logged on to the wifi.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. please support the Radius SSO feature for AP55C.

    According to the Sophos KB 134148, the Radius SSO feature is supported by APX models.
    But customer bought a lot of AP55C, please also support the Radius SSO feature for AP55C.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Edit voucher description after generation

    It would be useful to allow the admin user to place a comment/description against each individual voucher for audit purposes.

    On the UTM after vouchers were generated the admin user was able to edit the Comment/Description field. They use this to record the user that receives the voucher.

    Currently on the XG, this field is not editable after the vouchers are generated.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Rogue access points

    Add a classification of "External" to the Rogue AP Actions. The reason is that we want to designate third party access points which are not approved for use, but which are not rogue (i.e. connected to our network without authorization) as External.

    Sophos should then develop a set of features we can implement by policy to take action. An example would be a policy that prevents authorized devices from connecting to Rogue or External access points.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Auto-disable DFS when transmit power <=50%

    Automatically disable DFS when the transmit power is set to 50% or lower on the AP’s as is allowed by the Australian Communications and Media Authority

    Switch CH bandwidth between 20, 40 and 80HMz

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Periodically update Wireless Passphrase with Registered Devices/MACs

    Have Sophos UTM/XG update the Passphrase for the WiFi periodically where it updates any registered devices/MACs automatically.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Captive portal should support external authentication providers

    Include external authentication for guest users. Here we achived force authetication only in our hotspot. But some sms gateway device need external authentication. Pls add this features

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. "Blacklist" of MAC addresses of wireless devices that are not allowed by an AP for a connection

    For each connected AP you should be able to specify a "blacklist" of MAC addresses in the XG that are not allowed by the AP for a connection. This is to ensure that stationary devices such as printers, WiFi cameras, streaming devices can only connect to the AP that is intended for them and that is located nearby.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Hot spot

    Hot Spot to be able to Authenticate from Routed IP subnet. Subnet that differs from hostspot interface IP Subnet.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. remove ERROR notification in access_server.log for radius

    As per case 8135146 this is a feature request.

    Using RADIUS SSO for the wireless. On the accessserver log in XG we see the following" errors"
    MESSAGE May 25 08:51:02 [4143859520]: handle
    radiusaccountreq: request received from radius client 172.16.1.68
    ERROR May 25 08:51:02 [4143859520]: handleradiusaccountreq: received radius accounting with status 3
    MESSAGE May 25 08:51:02 [4143859520]: handle
    radiusaccountreq: request received from radius client 172.16.1.68
    ERROR May 25 08:51:02 [4143859520]: handleradiusaccountreq: received radius accounting with status 3
    MESSAGE May 25 08:51:02 [4143859520]: handle
    radiusaccountreq: request received from radius…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.