XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. User-List

    It will better, if Web-UI is included withe options like, list of total number of users, Number of users in each group, list of users who never logged in since a given time (which will help in deactivating the un-used users ids.)
    -Using XG 750 firewall (with HA)

    82 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      21 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    • Improvement on Authentication-agent/Captive-portal/VPN-Agent window

      > Authentication-agent/Captive-portal/VPN-Agent window must inform user through Authentication-agent/Captive-portal/VPN-Agent about uploaded/downloaded data during authenticated session.

      > Authentication-agent/Captive-portal/VPN-Agent window must show info like Username, IP, MAC-ID, Email ID(optional), Uploaded data, Downloaded data, route table of local machine, Status of DNS server IP addresses used, local machine OS info, local machine hostname info, ping tool, trace route tool. This will simply troubleshooting for support agents and also reduce load on Firewall as remote agent is gathering info. If these info is forwarded to FW through secure channel then it would be great help for any network engineer.

      24 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        8 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
      • XG devices absolutely need auto power ON

        The XG devices lack auto power on in the event of a power outage. This is a must have for remote sites. Especially for a device that controls internet access

        36 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
        • Report of traffic for each WAN interface.

          Create a report containing sites and applications accessed by a specific interface (Port) and not just for WAN zone. Summary e Detail.

          will greatly facilitate troubleshooting.

          Thank You!

          76 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
          • IPSec over LAN zone interface

            With SG you can configure IPSec site to site using LAN interfaces but with XG you only can configure IPSec site to site over a WAN zone interface. Please allow to do it also over LAN zone interfaces. Thanks

            14 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
            • Notified abount Access Point UP / Down

              it could be nice to receive notification about the status of AP connected to XG (Wireless Protection), actually the state is displayed on the dashboard (numer of total AP / number of AP connected) but it is not a warning, there is no log in the Wireless Security section related to an AP that goes offline. Also in SFM there is no specific Alert/Notification about AP state.

              15 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
              • Configless SSL Client

                I would like to see a SSl VPN client that does not require reinstalling the application after every config change. The SSL VPN client config should be updating when it connects after a modification is made.

                22 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
                • 92 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    14 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
                  • IPS Real time alerts

                    The firewalls must: Notify the administrator in real time of any items requiring immediate attention. -[Requirement of PCI CP)

                    15 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
                    • Customisable iView Report PDF

                      The iView is a very good analyzing tool but it's missing a key feature: Customisable Report Sheets. The Reports are wa too big, there is too much blank space and it would be nice to change the logo. Just give us a way to edit the html/xml/php code.

                      15 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                      • SD-WAN

                        SD-WAN

                        143 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                        • AD integration - Substantial Improvements desired/required

                          XG Integration with Windows AD is extremely weak.
                          1. XG needs to support users being a member of multiple Groups

                          2. XG needs to add users to multiple Groups during AD Sync/import. Currently it (a bit weirdly) choose the alphabetically first Group in those being imported to add the user to.

                          3. XG needs to have an ability to refresh the group membership, where appropriate taking
                          users OUT of groups if they are no longer present.

                          4, XG needs a means of automatically (scheduled?) re-syncing the AD Users/Security Groups/Group membership; I think the Sophos Central integration is pretty much what…

                          86 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                          • DNat Rules By Schedule

                            You should enable the option to add a schedule to a rule DNAT

                            21 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                            • Scheduling Reboot Option

                              If Scheduling Reboot Option in UTM Firewall that will be good option I guess.

                              30 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                              • create firewall rule from logviewer

                                When traffic in Logviewer is displayed, it would be nice to open a new firewall dialog prefilled with the information from the logentry.
                                With a dropdown Box for already created objects for the selected ip or the possibility to create a new ip object.

                                11 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                                • SSL VPN user configurations

                                  Add ability for an Administrator to view and download SSL VPN configurations of users. Additionally make windows configurations available as .ovpn files as well as the 'executable'

                                  23 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    5 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Zero Firewall Rule Traffic Counter

                                    Very simple, have an option to zero the traffic counter on a firewall rule.

                                    37 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      3 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                    • VPN SSL Duration

                                      It would be interesting to have a report that shows the duration of each session and also the total.

                                      This report is available on the UTM.

                                      Kindly Regards

                                      9 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        1 comment  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Force Sync AD Server

                                        https://community.sophos.com/products/xg-firewall/f/sophos-xg-firewall-general-discussion/97083/how-to-force-an-ad-sync

                                        I have an AD connector located under Configure - Authentication - Servers and that is reading in a few groups from AD and a bunch of users.

                                        If I remove a user from one of the groups in AD and add them to another group in AD, the change doesn't seem to reflect reliably in the Sophos.

                                        8 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Implement Soft Greylisting

                                          The bigger mail providers are sending the mails from its customers with different mail servers which are having different IP addresses to balance the load. But this is very difficult for a greylisting mechanism which is programed very strict. As a result some mails are coming through late or senders which are on the whitelist are blocked.

                                          There is a mechanism around which is called "Soft Greylisting". For example: The last byte inside of an IPv4 address is not getting analyzed in the assumption that the mail server are normally together in a subnet.

                                          I would like to get "Soft…

                                          21 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 82 83
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.