XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add support to ciper suit in Cyberoam OS

    Add a support to ciper suit TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 -

    {0xC0,0x2F} in Cyberoam OS

    87 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    22 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Improve high availability logging

    At the moment it is not possible to see if the the initial syncing proces is finished and the auxiliary device is ready the become the master. Please give us a log where this is visible.

    Most needed when testing the HA function on-site. We restart node 1 und see if node 2 takes over. After that, node 1 comes back on and we need to see when we can restart node 2.

    27 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. SFM - Overwrite whole configuration with template

    I'd like to have the possibility to overwrite the whole configuration of a firewall with the content of an SFM template. Currently when applying a template from SFM the firewall rules merge with the ones configured locally.
    I´d like to have the possibility of replacing, instead of merging and have full control of the firewall from SFM, like others vendors have from their management server.
    This is to avoid human errors by a local administrators. For example someone can log locally on the firewall and configure an any any permit, then you apply your template and that any any remains. …

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. Sophos Connect - Add groups to "allowed users"

    In the current implementation we are unable to select groups in the "Allowed users" field. Selecting groups would vastly improve time spent rolling Sophos Connect out for our pilot users.

    I bet a lot of other customers also use LDAP against their domain to fetch users from there. Having to maintain pilot users two places makes this a headache.

    Thanks

    35 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  5. SSL VPN report

    I would like to have a report for the use of ssl vpn with duration and time.

    21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  6. speedtest

    Other manufacturers like meraki offer a speed test on the WAN bandwidth and available throughput.

    24 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. Consistent and "advanced" table rendering throughout the product/UI

    This is for ALL Tables in the XG Gui and Portal.

    The Idea is having a consistent and advanced table rendering framework throughout the product/UI

    This is really annoying ... and almost any other web GUI based system has this "function" or framework.

    But the Voucher Table being the worst!

    So let's take the Voucher Table: (but applies/must apply to ALL UI places where tables are shown)

    - You can only sort by "Code" ?? ... no other Fields (>>ALL<< Fields should be sortable, searchable and filterable)! Always and in every table.
    - have an option to export to CSV …

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. WAN Failover Options and Ranges

    WAN Failover needs at least to have ranges
    Example: Ping between 0 and 100 consider WAN up

    Packet Loss would even be better
    Example: Packet loss higher than 10% consider WAN down

    The other vendors have these options, WAN Failover is pretty useless when a line can have a 2000 ping and 75% packet loss and still be considered up... These are the most common problems with the biggest carriers in the US such as comcast...

    20 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. Deploy in the Sophos firewall to show in which rules an object is linked

    Deploy in the Sophos firewall to show in which rules an object is linked (host and services). This is very useful when I want to delete the object.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. User-List

    It will better, if Web-UI is included withe options like, list of total number of users, Number of users in each group, list of users who never logged in since a given time (which will help in deactivating the un-used users ids.)
    -Using XG 750 firewall (with HA)

    92 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    21 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  11. SNMP for XG Firewall Upgrade

    Hi ,

    I request you that SNMP OID should be added for the the SOPHOS XG Firewall - MIB for Monitoring purpose as present MIB does not able to capture below points.

    1.Interface Utilization
    2.Bandwidth Monitoring
    3.Interface IP details
    4.WAN Link monitoring etc...

    Please have these all OID added in the Sophos XG MIB

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. alert bandwidth

    Alert or notification should be sent to administrator when bandwidth usage reaches 80 %

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Web Browsing Reports and Audits for HR Purposes

    We have had numerous customers that have now requested these types of reports.

    These are essentially for HR Purposes so that in the unfortunate event that a users activity needs to be reviewed or audited these are readily available.

    Full Audit of Users browsing activity including date / time and category (This one is already possible but could be improved)

    * Display a list of page durations for when users were on certain websites.
    * A breakdown of categories visited. (in audit and overview reports)
    * Supply a chart of time spent per url, domain or category
    * Line/Bar graph…

    21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  14. Hotspot Portal listen on RED Interface.

    Problem is that it is not possible to choose a RED Interface within a Hotspot Definition.
    So you cannot route a client from a branch office to a Hotspot Portal to authenticate. We have a guest Network in a branch office in an own vlan behind a RED50. I thought that the utm and xg Firewall have feature parity on RED and Wireless Feature... NO they dont have!

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. ALLOW A USER TO BELONG TO MORE THAN ONE AD GROUP

    ALLOW A USER TO BELONG TO MORE THAN ONE AD GROUP

    It would be very convenient to assign permissions to Active Directory (AD) groups so that a user can simultaneously belong to several groups (eg, Shopping, Social_Sales, Travel, etc.). Currently only one AD group can belong.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. need whitelist for application filter

    At the moment, application filter works on blacklist, and we cannot create whitelist application filter to allow a specific application, and block all other applicaitons including unknown/unclassified applications.

    Other vendors can achive it, Palo Alto Application Whitelist Example: https://docs.paloaltonetworks.com/best-practices/8-1/internet-gateway-best-practices/best-practice-internet-gateway-security-policy/identify-whitelist-applications/application-whitelist-example#

    There are a number of compliance criteria (CIS for one) that require whitelisting of network applications, as per https://www.cisecurity.org/blog/understanding-cis-control-2/

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  17. Sophos Connect Client - AD password reset

    It would save a lot of client frustration if there was a mechanism built into the Sophos Connect client that allowed users to securely reset their AD account password in the event that it has expired.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  18. Block/allow YouTube categories

    YouTube uses categories for the videos and it would be quite valuable to block/allow based on those.

    Sample categories for the US:

    1 - Film & Animation
    2 - Autos & Vehicles
    10 - Music
    15 - Pets & Animals
    17 - Sports
    19 - Travel & Events
    20 - Gaming
    21 - Videoblogging
    22 - People & Blogs
    25 - News & Politics
    26 - Howto & Style
    27 - Education
    28 - Science & Technology
    29 - Nonprofits & Activism
    30 - Movies
    33 - Classics
    34 - Comedy
    35 - Documentary
    36 - Drama
    39 - Horror …

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Monitoring of Sophos XG210

    Dear Team,

    We want to monitor the all the parameters of Sophos XG 210 firewall.

    Parameter mainly include the Interface, Power supply, temperature etc.

    Could you please create the MIB / OID values for it then will help to monitor the system

    You can refer the case ID. #8792069

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Some websites taking too much time to load, It works fine without using cyberoam CR25ing.

    In firmware version 10.6.2 of cyberoam CR25ing many websites taking too much time to load properly, but when I create new rule without attach identity it works fine.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 97 98
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.