XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. MAC Address Groups for WiFi with being able to add a Name to the MAC address for SG & XG

    This will be a well sought after feature as people often leave the company or upgrade their devices and searching for the old MAC address becomes a daunting task when we need to update it or remove it.

    Can you add the feature where it allows us to create a MAC group and in it able to create individual users with multiple MAC addresses. That we can assign to a Wifi network.

    As the current setup in the SG & XG, in MAC hosts we have to enter each mac address to a list, times how many users in that…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. add timestamps in hostapd.log

    /log/hostapd.log should include date/timestamps for troubleshooting purposes.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Customize Hotspot mail for "password of the day"

    The customization of the daily mail for the hotspot-password "password of the day" should be possible, so it could fit the CI of the customer like other customization options in the xg, that are already available

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Wireless Accespoint IDS/IPS or UTM application <3

    Wireless Accespoint IDS/IPS or UTM application.
    Why? Because WAN is not the only "outside" of a network. As a Blueteam Sys/Netadmin aspirering to be an ethical hacker I consider all "acces ports/acces points/network entrys" as "Outside". Scanning for malware and payloads on Wireless Acces Point level would be an absolute godsend. (btw there is still no silver bullet for EvilTwins.. just saying xx.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Ability to select data rates

    It would be great to have the ability to select available data rates so lower rates can be disabled in order to optimize wireless performance.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Wifi

    Automatically disable DFS when the transmit power is set to 50% or lower on the AP’s as is allowed by the Australian Communications and Media Authority

    Switch CH bandwidth between 20, 40 and 80HMz

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Periodically update Wireless Passphrase with Registered Devices/MACs

    Have Sophos UTM/XG update the Passphrase for the WiFi periodically where it updates any registered devices/MACs automatically.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. G

    Include external authentication for guest users. Here we achived force authetication only in our hotspot. But some sms gateway device need external authentication. Pls add this features

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Wireless or network bandwidth limitation

    It would be great to limit a users wireless or wired connection base on bandwidth and bandwidth usage. It would be great for limiting Guest wireless access or for staff that brings in their personal devices.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. XG Wireless Logging is unavailable since first release

    SFVH (SFOS 17.5.8 MR-8) ; Home license

    For whatever reason, XG disallows logging for wireless functionality.

    I can select the box under Configuration -> System Services -> Logging > Wireless, hit "Apply" and the selection is cleared.
    I can confirm afterwards that system logs contain no WiFi activity entries.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Editar a mensagem de senha do dia dos Sophos APs

    Deixar editar a mensagem de senha do dia, para identificar de qual equipamento é a senha enviada para os administradores que recebam

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. vouchers support on device

    Hotspot vouchers should be supported on limited devices only, for example for guest-1 voucher will be limited to be used on only one device and for guest-2 voucher will be limited to be used on 3 devices.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. voucher

    It would be useful to allow the admin user to place a comment/description against each individual voucher for audit purposes.

    On the UTM after vouchers were generated the admin user was able to edit the Comment/Description field. They use this to record the user that receives the voucher.

    Currently on the XG, this field is not editable after the vouchers are generated.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. simplified wireless client list presentation

    offer a streamlined wireless client list in the gui as a single matrix of rows & columns with all info rather than requiring clicking through the 'by ssid' & 'by ap' nested menus waiting for each one to load to get basic client info. cli implementation of the same concept would also be useful.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Optional Antennas for Wireless-APs

    Hi,
    we need the option to use external antennas with the Sophos APs.
    Cisco offers a large range of antennas to cover mostly situations.

    So you can use directed antennas. sector antennas or use outdoor antennas and the AP is mounted indoor.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Simultaneous Logins* restriction o

    Simultaneous Logins* restriction settings for each interface.

    It would be good if cyberaom gives an option to restrict Simultaneous Logins* to particular interface.
    Currently if set Simultaneous Logins* restrction for users, it applies globally to all interface

    ( if interface based restriction is there , we can assign one user to login through 2 devices on LAN and 1 through WIFI interface.

    Currently if we set 3 , they are bale to login all 3 either through LAN or WIFI.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. rogue

    Add a classification of "External" to the Rogue AP Actions. The reason is that we want to designate third party access points which are not approved for use, but which are not rogue (i.e. connected to our network without authorization) as External.

    Sophos should then develop a set of features we can implement by policy to take action. An example would be a policy that prevents authorized devices from connecting to Rogue or External access points.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. remove ERROR notification in access_server.log for radius

    As per case 8135146 this is a feature request.

    Using RADIUS SSO for the wireless. On the access_server log in XG we see the following" errors"
    MESSAGE May 25 08:51:02 [4143859520]: handle_radius_account_req: request received from radius client 172.16.1.68
    ERROR May 25 08:51:02 [4143859520]: handle_radius_account_req: received radius accounting with status 3
    MESSAGE May 25 08:51:02 [4143859520]: handle_radius_account_req: request received from radius client 172.16.1.68
    ERROR May 25 08:51:02 [4143859520]: handle_radius_account_req: received radius accounting with status 3
    MESSAGE May 25 08:51:02 [4143859520]: handle_radius_account_req: request received from radius client 172.16.1.68
    ERROR May 25 08:51:02 [4143859520]: handle_radius_account_req: received radius accounting with status 3
    MESSAGE May…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. HOTSPOT's Terms of use acceptance page clear out session

    Force a client to see the HOTSPOT's Terms of use acceptance page every time during testing? Or give us a way to clear out a session for testing he custom template.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. XG105w supporting wireless Bridge to VLAN

    The XG105w (wireless enabled) only supports Bridge to AP or Separate Zone, and not bridge to VLAN. This is fine for when you a have a really small deployment, which is not integrated with additional Sophos AP's within the environment. For a growing and secure wireless SMB environment the best practice would be to utilise VLAN's and segment the different wireless traffic through the network.
    Ideally this config should flow and replicated through AP groups including the XG on-board wireless.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.