XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 45 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. captcha optionable

    Can you please make captcha an option to be enabled or disabled, not to be forced?
    We have Local ACL rules on each firewall so it can only be access from our office, we remotely take control of different firewalls about 10 times a day...

    35 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. DHCP: Allow static lease of addresses within the dynamic pool

    Currently it is not possible in the Sophos XG to store static DHCP leases in the internal DHCP server where the IP addresses are located within the configured DHCP pool. This is with other manufacturers such. B. AVM (Fritz! Box) without problems possible. Thus here is the DHCP for large customers currently partly to use. When will this be a solution.

    Aktuell ist es in der Sophos XG nicht möglich Statische DHCP Leases im internen DHCP Server zu hinterlegen, bei denen die IP Adressen sich innerhalb des konfigurierten DHCP Pool befinden. Dies ist bei anderen Herstellern wie z. B. AVM…

    148 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. Hotspot "terms of service" customization

    I serve a customer who uses XG firewalls in their chain of restaurants. They want to keep the customer hotspot sign-on process as clean and simple as possible. Vouchers etc. are a mission to manage - they just want to provide free Internet to their customers, limited by data or time.

    My customer would like to their hotspot setup in such a way that when a user joins, they are presented with a branded captive portal with a splash page, with terms of service for the user to accept.

    When the user accepts, they are granted Internet Access. 
The user…

    96 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    15 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Let's Encrypt integration like the SG already has.

    Please integrate Let's Encrypt. I remember an anouncement at one of the first XG Roadshows that new features will be provided for xg and later maybe for sg. But SG gets Let's Encrypt first and un XG we waiting for it since years....

    37 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. Sophos Connect with OTP – eliminate 4 hours reauthentication

    Today when using Sophos Connect with OTP, the firewall asks for a new OTP token every 4 hours. According Sophos support, this value is hardcoded. If employees working the whole day remotely, an interruption very 4 hours is a pain.
    Please make these 4 hours configurable. Or at least extend it to 10 hours, so a full working day can be achieved without any interruption.

    19 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  7. Full width dashboard, not limited to max-width

    Hi,

    I've using firmware 18
    Up until now, there are no benefit using resolution higher than 1366x768 px
    Lets say you have FHD resolution, the dashboard capped at 1280px

    The CSS says

    wrapper.cp-wrapper {

    max-width: 1280px;
    

    }

    If I rule out that CSS, most of UI will have benefit with higher resolution

    Also with menu

    element.style {

    display: table;
    
    box-sizing: border-box;
    padding: 0px 10px;
    width: 1100px;
    height: 62px;

    }

    Change the width to

    element.style {

    display: table;
    
    box-sizing: border-box;
    padding: 0px 10px;
    width: calc(100% - 180px);
    height: 62px;

    }

    And you have full width header.

    I know you guys can…

    12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Customizable Quarantine Email

    How do you change the default content within the Quarantine Digest.

    We want to add a company logo and change the default text within this email to something more user friendly.

    We also want to add instructions to this email for our users.

    How can this be completed.

    10 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. DNAT XG18 missing basic features

    With a new server access assistant (DNAT) in SFOS 18.0.0 GA-Build339:
    1) You cannot select different original and translated port in a wizard
    2) You cannot create service inside the wizard
    3) You cannot create external source inside the wizard}
    4) The firewall rule shows allowed access to WAN interface instead of a local IP, which is misleading
    5) Wizard is automatically created reflexive rule effective destroying original, desired SNAT for the server.

    Instead of the 1 original rule in 17.5 you have 3-4 different rules on 2 screens (1 fw and 2-3 NAT rules)... not cool at all!

    Obviously…

    20 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. Sophos connect client allowed users

    The Sophos connect client permit list should be able to add users by active directory security group. We are a firm spread across 9 offices and the STAS works great on 17.5 MR9 to load the users to all firewalls but the process of adding all users into the connect client is really laborious especially when there is high turnover.

    42 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  11. multiple WAN interface option in Ipsec client vpn settings

    Need the Option to add multiple WAN interfaces in Sophos Connect client settings.
    if there is 2 WAN connection and 1 connection is down then the remote client don't have any option to connect to VPN through 2nd available ISP. if this option is available then the user will have 2 profiles in their Sophos connect client.

    29 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  12. Static Routes Should Be Top Precedence By Default

    Static route should always be the top precedence by default. I have several tunnels that have stopped working after updating to v18 and having newly migrated policy routes take precedence.

    Additionally, it would be nice to have a GUI-based option to change the precedence order, rather than needing to go and and make a CLI change for each device we upgrade.

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Remote reboot of a RED device

    Provide an option to reboot a RED device from the XG web GUI. Currently, the only way to reboot the device is to go to the site and power cycle the unit.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  14. office 365

    Integrate Microsoft AzureAD for user identification for user based XG firewall web policies and reporting. I saw the request for Azure Directory Services which is not free. AzureAD is free with every Office365 tenant. Sophos Central has AzureAD sync, expand this to XG Firewalls as another Server or Directory as a Service model. Seams like this bridge is already half built.

    16 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  15. Redirect User Portal from HTTP to HTTPS

    At the moment there is no way to redirect HTTP to HTTPS automatically for User Portal. Since the configuration is inside a APACHE httpd.conf file, it should not be difficult to implement it. Thanks

    15 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  16. Make a way to add to Sophos Connect "Allowed user" list without booting all currently connected Sophos Connect users.

    The title pretty much spells it out here. It's very disappointing that you can't add a VPN user without disrupting all your current VPN users...

    11 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Major XG Log Improvements

    The log would benefit from the following changes.


    1. When scrolling thru the log the column headers are not sticky.

    2. The ability to sort each column with ascending or descending.

    3. The ability to filter events using a time range and place under the "Timer Filter".

    4. Change the word "Timer Filter" to "Time Filter".

    5. Add the ability to filter on a date range. Add this button next to the "Time Filter" and call it "Date Range".

    6. Ensure export to xls downloads all entries. Seems to stop at 100 records or less.


    7. Add the ability to break the logs up on pages if…

    32 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  18. Sophos XG 330 - MIBs needs OIDS

    Hi, Can SNMP OIDS be added for below please?


    • Internet connection status - status of gateways

    • Status of ports

    • Status of ipsec tunnels

    thanks

    12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Hardware  ·  Flag idea as inappropriate…  ·  Admin →
  19. Enable Release Link in Quarantine digest email

    Enable Release Link in Quarantine digest email for XG 18, like UTM, instead to message: "You can release quarantined emails only from user portal. To release them, sign in to user portal."
    Or remove the link.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Downloading the Sophos Connect Client from User Portal

    There should be the posibility to download the Connect Client from the User Portal and not only from Webadmin

    17 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 81 82
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.