XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add support to ciper suit in Cyberoam OS

    Add a support to ciper suit TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 -

    {0xC0,0x2F} in Cyberoam OS

    88 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    23 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. System Traffic via Upstream Proxy

    we need the feauture that we can tunnel the System-traffic like Pattern Updates , U2Date etc. through the upstream proxy.

    Unfortunately, this is currently not possible

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. Monitor firewall rule realtime bandwidth monitoring

    HI,
    It would be great if we can have live bandwidth monitoring for firewall rules for troubleshooting and performance.

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  4. SSL VPN report

    I would like to have a report for the use of ssl vpn with duration and time.

    44 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  5. Improve high availability logging

    At the moment it is not possible to see if the the initial syncing proces is finished and the auxiliary device is ready the become the master. Please give us a log where this is visible.

    Most needed when testing the HA function on-site. We restart node 1 und see if node 2 takes over. After that, node 1 comes back on and we need to see when we can restart node 2.

    33 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. office 365 mail Notification

    Why does not 17.5 is not supporting the office 365 mail notification. Need to allow the feature in the XG firewall,.

    45 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    15 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. Recategorize a site

    I need to recategorize a site, similar used in Sophos UTM. Today I can only create a whitelist.
    Is there any possibility of doing this in the XG Firewall?

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Sophos Connect - Add groups to "allowed users"

    In the current implementation we are unable to select groups in the "Allowed users" field. Selecting groups would vastly improve time spent rolling Sophos Connect out for our pilot users.

    I bet a lot of other customers also use LDAP against their domain to fetch users from there. Having to maintain pilot users two places makes this a headache.

    Thanks

    48 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  9. VPN Logs from Log Viewer and Not CLI Only

    We should be able to get this right in the log viewer and not have to go through this. The UTM had this and we need to get the feature parity up to speed. This seems so basic to me. See below for Sophos instruction to pull logs via CLI, this isn't cool.

    https://community.sophos.com/kb/en-us/123310

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add Fortnite to Application Control

    Can you add Fortnite to Application Control (for school, office, ...)

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  11. speedtest

    Other manufacturers like meraki offer a speed test on the WAN bandwidth and available throughput.

    32 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. ALLOW A USER TO BELONG TO MORE THAN ONE AD GROUP

    ALLOW A USER TO BELONG TO MORE THAN ONE AD GROUP

    It would be very convenient to assign permissions to Active Directory (AD) groups so that a user can simultaneously belong to several groups (eg, Shopping, Social_Sales, Travel, etc.). Currently only one AD group can belong.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Use UPN instead of samaccountname for Active Directory authentication

    Synchronized User ID should use or allow for the use of User Principal Name (UPN) instead of sAMAccountName. sAMAccountName is a legacy attribute that hasn't been used since Windows NT. With the implementation of Office 365 our organization was forced to add a UPN suffix in order to federate our identities and most applications now support that and use UPN for login ID. STAS is not a viable alternative as the limitations are well known (logging in with cached credentials, changing network connection type, etc).

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Deploy in the Sophos firewall to show in which rules an object is linked

    Deploy in the Sophos firewall to show in which rules an object is linked (host and services). This is very useful when I want to delete the object.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. SFM - Overwrite whole configuration with template

    I'd like to have the possibility to overwrite the whole configuration of a firewall with the content of an SFM template. Currently when applying a template from SFM the firewall rules merge with the ones configured locally.
    I´d like to have the possibility of replacing, instead of merging and have full control of the firewall from SFM, like others vendors have from their management server.
    This is to avoid human errors by a local administrators. For example someone can log locally on the firewall and configure an any any permit, then you apply your template and that any any remains. …

    19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  16. Consistent and "advanced" table rendering throughout the product/UI

    This is for ALL Tables in the XG Gui and Portal.

    The Idea is having a consistent and advanced table rendering framework throughout the product/UI

    This is really annoying ... and almost any other web GUI based system has this "function" or framework.

    But the Voucher Table being the worst!

    So let's take the Voucher Table: (but applies/must apply to ALL UI places where tables are shown)

    - You can only sort by "Code" ?? ... no other Fields (>>ALL<< Fields should be sortable, searchable and filterable)! Always and in every table.
    - have an option to export to CSV …

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  17. block email by keywords in subject and/or body

    Sophos XG firewall doesn't have a lot manual features to play with in the email classification department.
    One that is very important and is missing is the classification by keyword in subject and/or body of an email along with the possibility to change the the value of the classification that certain keywords have to stop an email.
    We need more flexibility in this department, we need a much more fine control of what we let in and what we don't want, and right now Sophos XG firewall won't give that fine control that i thought it would give.
    I hope…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Ability to use FIDO 2 and U2F Tokens to log in into Sophos XG management website and user accounts

    Using FIDO 2 Tokens for logging passwordless in into the Sophos XG Firewall as an Administrator or User would make it more comfortable and secure to log in.
    Using it as a 2FA using the U2F standard would make the login much more secure.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. WAN Failover Options and Ranges

    WAN Failover needs at least to have ranges
    Example: Ping between 0 and 100 consider WAN up

    Packet Loss would even be better
    Example: Packet loss higher than 10% consider WAN down

    The other vendors have these options, WAN Failover is pretty useless when a line can have a 2000 ping and 75% packet loss and still be considered up... These are the most common problems with the biggest carriers in the US such as comcast...

    24 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. Quarantine mail contains only reason "File-Extension" but not which extension exactly

    We have configured the system to quarantine emails with certain extensions.
    However, the recipient then only sees the quarantine reason "File Extension" in the notification. It is urgently desired that he also sees directly which file extension it is. The admin only sees this in the mail manager.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 105 106
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.