XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Hotspot "terms of service" customization

    I serve a customer who uses XG firewalls in their chain of restaurants. They want to keep the customer hotspot sign-on process as clean and simple as possible. Vouchers etc. are a mission to manage - they just want to provide free Internet to their customers, limited by data or time.

    My customer would like to their hotspot setup in such a way that when a user joins, they are presented with a branded captive portal with a splash page, with terms of service for the user to accept.

    When the user accepts, they are granted Internet Access. 
The user…

    87 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    14 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. DHCP: Allow static lease of addresses within the dynamic pool

    Currently it is not possible in the Sophos XG to store static DHCP leases in the internal DHCP server where the IP addresses are located within the configured DHCP pool. This is with other manufacturers such. B. AVM (Fritz! Box) without problems possible. Thus here is the DHCP for large customers currently partly to use. When will this be a solution.

    Aktuell ist es in der Sophos XG nicht möglich Statische DHCP Leases im internen DHCP Server zu hinterlegen, bei denen die IP Adressen sich innerhalb des konfigurierten DHCP Pool befinden. Dies ist bei anderen Herstellern wie z. B. AVM…

    115 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. Sophos connect client allowed users

    The Sophos connect client permit list should be able to add users by active directory security group. We are a firm spread across 9 offices and the STAS works great on 17.5 MR9 to load the users to all firewalls but the process of adding all users into the connect client is really laborious especially when there is high turnover.

    32 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  4. Let's Encrypt integration like the SG already has.

    Please integrate Let's Encrypt. I remember an anouncement at one of the first XG Roadshows that new features will be provided for xg and later maybe for sg. But SG gets Let's Encrypt first and un XG we waiting for it since years....

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. multiple WAN interface option in Ipsec client vpn settings

    Need the Option to add multiple WAN interfaces in Sophos Connect client settings.
    if there is 2 WAN connection and 1 connection is down then the remote client don't have any option to connect to VPN through 2nd available ISP. if this option is available then the user will have 2 profiles in their Sophos connect client.

    22 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  6. Web Server Protection should support multiple group membership

    Recently we have create a new ticket with Sophos support (#9307623) and they confirm that 'at a time a user would be part of one group'. It leads us to the hard way when having 2 websites which are needed to be authenticated with 2 domain groups, and from them, we have multipla users who are belonged to these 2 groups as well. Therefore, we can not separate to authencate these ones properly.

    I suggest Sophos should improve this feature to make customers easy to configure many authenticated websites appropriately.

    Thanks.

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Make a way to add to Sophos Connect "Allowed user" list without booting all currently connected Sophos Connect users.

    The title pretty much spells it out here. It's very disappointing that you can't add a VPN user without disrupting all your current VPN users...

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Sophos XG 330 - MIBs needs OIDS

    Hi, Can SNMP OIDS be added for below please?


    • Internet connection status - status of gateways

    • Status of ports

    • Status of ipsec tunnels

    thanks

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Hardware  ·  Flag idea as inappropriate…  ·  Admin →
  9. Major XG Log Improvements

    The log would benefit from the following changes.


    1. When scrolling thru the log the column headers are not sticky.

    2. The ability to sort each column with ascending or descending.

    3. The ability to filter events using a time range and place under the "Timer Filter".

    4. Change the word "Timer Filter" to "Time Filter".

    5. Add the ability to filter on a date range. Add this button next to the "Time Filter" and call it "Date Range".

    6. Ensure export to xls downloads all entries. Seems to stop at 100 records or less.


    7. Add the ability to break the logs up on pages if…

    22 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add testbutton for SMTP notifications

    Please add a 'test' button on the Adminstration > Notification settings page. Also show a decent error when the test e-mail could not be sent.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  11. Include trusted Certificate on sophos

    I have a huge problem with doing HTTPS Decryption and Scaning.
    Because in my enviroment haven't AD to push self-signed certificate.
    So I want to add CA Author Signed certificate, But unfortunatley any of CA Authority not providing root certificate. Therefore I have new suggestion , Pls add sophos own CA Signed root certificate to sophos firewall. It will be helpful all of sophos users to enable HTTPS Decryption and Scaning without installing certificate manually. Because browser will trust certificate automatically. I still waiting for solution for this.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Sophos XG Home Hardware limits

    Considering the high internet connections already available to home users I think it would be important to at least increase the CPU's limit.
    Currently is 4 threads, whichs is a problem because in most home installations the firewall is virtualized and this means that you can only use 2 cores (4 threads).
    I think a limit of 8 threads would be fine. Right now the firewall with the IPS enable can hardly go above 300Mbps and I have 2 cores and 4 threads at 3.8 Mhz Zen2.

    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Hardware  ·  Flag idea as inappropriate…  ·  Admin →
  13. DNAT XG18 missing basic features

    With a new server access assistant (DNAT) in SFOS 18.0.0 GA-Build339:
    1) You cannot select different original and translated port in a wizard
    2) You cannot create service inside the wizard
    3) You cannot create external source inside the wizard}
    4) The firewall rule shows allowed access to WAN interface instead of a local IP, which is misleading
    5) Wizard is automatically created reflexive rule effective destroying original, desired SNAT for the server.

    Instead of the 1 original rule in 17.5 you have 3-4 different rules on 2 screens (1 fw and 2-3 NAT rules)... not cool at all!

    Obviously…

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. Downloading the Sophos Connect Client from User Portal

    There should be the posibility to download the Connect Client from the User Portal and not only from Webadmin

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  15. AD Password Change using user portal

    I'm using AD as authentication service in my sophos xg.
    But users can't change password using user portal.
    So pls enable that option for the AD.

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Power supply: SNMP and Web UI monitoring

    Request for the SNMP polling /trap for power supply.

    Request can using command /web ui to read power supply status

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Hardware  ·  Flag idea as inappropriate…  ·  Admin →
  17. Monitor firewall rule realtime bandwidth monitoring

    HI,
    It would be great if we can have live bandwidth monitoring for firewall rules for troubleshooting and performance.

    34 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  18. office 365

    Integrate Microsoft AzureAD for user identification for user based XG firewall web policies and reporting. I saw the request for Azure Directory Services which is not free. AzureAD is free with every Office365 tenant. Sophos Central has AzureAD sync, expand this to XG Firewalls as another Server or Directory as a Service model. Seams like this bridge is already half built.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  19. Update SSL VPN Client for Parity with Latest OpenVPN Features

    Sophos XG pushes a number of options in SSL VPN which are undesirable in some deployments. I have already voted on an idea to expose more server side customisation.

    Likewise, the latest OpenVPN client has a number of new features and improvements not reflected in the version source version Sophos is using.

    Specifically, the pull-filter option available in OpenVPN 2.4 is a feature we really need for several customer deployments, it offers significantly more ease of use and flexibility than the route-nopull / route-noexec currently supported by Sophos SSL VPN client.

    https://community.openvpn.net/openvpn/wiki/IgnoreRedirectGateway

    Support advised to try using the OpenVPN client…

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  20. Option to assign each user for SSL VPN remote for specific WAN interface

    Hello Team,

    We have customer here requesting to have on XG firewall an option to assign each user for SSL VPN remote for specific WAN interface if XG has multiple ISP

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 74 75
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.