XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. SFM - Overwrite whole configuration with template

    I'd like to have the possibility to overwrite the whole configuration of a firewall with the content of an SFM template. Currently when applying a template from SFM the firewall rules merge with the ones configured locally.
    I´d like to have the possibility of replacing, instead of merging and have full control of the firewall from SFM, like others vendors have from their management server.
    This is to avoid human errors by a local administrators. For example someone can log locally on the firewall and configure an any any permit, then you apply your template and that any any remains. …

    18 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. User-List

    It will better, if Web-UI is included withe options like, list of total number of users, Number of users in each group, list of users who never logged in since a given time (which will help in deactivating the un-used users ids.)
    -Using XG 750 firewall (with HA)

    85 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    21 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. SSL VPN report

    I would like to have a report for the use of ssl vpn with duration and time.

    14 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  4. WAN Failover Options and Ranges

    WAN Failover needs at least to have ranges
    Example: Ping between 0 and 100 consider WAN up

    Packet Loss would even be better
    Example: Packet loss higher than 10% consider WAN down

    The other vendors have these options, WAN Failover is pretty useless when a line can have a 2000 ping and 75% packet loss and still be considered up... These are the most common problems with the biggest carriers in the US such as comcast...

    14 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. Sophos Connect - Add groups to "allowed users"

    In the current implementation we are unable to select groups in the "Allowed users" field. Selecting groups would vastly improve time spent rolling Sophos Connect out for our pilot users.

    I bet a lot of other customers also use LDAP against their domain to fetch users from there. Having to maintain pilot users two places makes this a headache.

    Thanks

    21 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  6. Web Browsing Reports and Audits for HR Purposes

    We have had numerous customers that have now requested these types of reports.

    These are essentially for HR Purposes so that in the unfortunate event that a users activity needs to be reviewed or audited these are readily available.

    Full Audit of Users browsing activity including date / time and category (This one is already possible but could be improved)

    * Display a list of page durations for when users were on certain websites.
    * A breakdown of categories visited. (in audit and overview reports)
    * Supply a chart of time spent per url, domain or category
    * Line/Bar graph…

    15 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  7. alert bandwidth

    Alert or notification should be sent to administrator when bandwidth usage reaches 80 %

    12 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Sophos Connect Client - AD password reset

    It would save a lot of client frustration if there was a mechanism built into the Sophos Connect client that allowed users to securely reset their AD account password in the event that it has expired.

    10 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  9. speedtest

    Other manufacturers like meraki offer a speed test on the WAN bandwidth and available throughput.

    10 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. Improvement on Authentication-agent/Captive-portal/VPN-Agent window

    > Authentication-agent/Captive-portal/VPN-Agent window must inform user through Authentication-agent/Captive-portal/VPN-Agent about uploaded/downloaded data during authenticated session.

    > Authentication-agent/Captive-portal/VPN-Agent window must show info like Username, IP, MAC-ID, Email ID(optional), Uploaded data, Downloaded data, route table of local machine, Status of DNS server IP addresses used, local machine OS info, local machine hostname info, ping tool, trace route tool. This will simply troubleshooting for support agents and also reduce load on Firewall as remote agent is gathering info. If these info is forwarded to FW through secure channel then it would be great help for any network engineer.

    26 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  11. IPS Real time alerts

    The firewalls must: Notify the administrator in real time of any items requiring immediate attention. -[Requirement of PCI CP)

    22 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. XG devices absolutely need auto power ON

    The XG devices lack auto power on in the event of a power outage. This is a must have for remote sites. Especially for a device that controls internet access

    42 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  13. Notified abount Access Point UP / Down

    it could be nice to receive notification about the status of AP connected to XG (Wireless Protection), actually the state is displayed on the dashboard (numer of total AP / number of AP connected) but it is not a warning, there is no log in the Wireless Security section related to an AP that goes offline. Also in SFM there is no specific Alert/Notification about AP state.

    20 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add notifications

    Hello,
    Please add more notifications to sophos xg firewall like RED fails, system restart, and other options that was available in SG
    Thank You

    12 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. More 2FA Choices

    Come on Sophos, it is 2019, give us more choices for 2FA already. You have your own 2FA service, why has that not been integrated into the XG?

    9 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  16. Importing groups: disable MAC binding option

    Get the option to disable MAC binding while importing groups from an authentication server (Example: Active Directory), this because it can be easily forgotten afterwords and this can break SSL VPN for users in the new groups because MAC binding is not supported on SSL VPN.

    8 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  17. create firewall rule from logviewer

    When traffic in Logviewer is displayed, it would be nice to open a new firewall dialog prefilled with the information from the logentry.
    With a dropdown Box for already created objects for the selected ip or the possibility to create a new ip object.

    18 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  18. Configless SSL Client

    I would like to see a SSl VPN client that does not require reinstalling the application after every config change. The SSL VPN client config should be updating when it connects after a modification is made.

    27 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  19. 111 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    16 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Report of traffic for each WAN interface.

    Create a report containing sites and applications accessed by a specific interface (Port) and not just for WAN zone. Summary e Detail.

    will greatly facilitate troubleshooting.

    Thank You!

    80 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 89 90
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.