XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add support to ciper suit in Cyberoam OS

    Add a support to ciper suit TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 -

    {0xC0,0x2F} in Cyberoam OS

    89 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    23 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. ALLOW A USER TO BELONG TO MORE THAN ONE AD GROUP

    ALLOW A USER TO BELONG TO MORE THAN ONE AD GROUP

    It would be very convenient to assign permissions to Active Directory (AD) groups so that a user can simultaneously belong to several groups (eg, Shopping, Social_Sales, Travel, etc.). Currently only one AD group can belong.

    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Block/allow YouTube categories

    YouTube uses categories for the videos and it would be quite valuable to block/allow based on those.

    Sample categories for the US:

    1 - Film & Animation
    2 - Autos & Vehicles
    10 - Music
    15 - Pets & Animals
    17 - Sports
    19 - Travel & Events
    20 - Gaming
    21 - Videoblogging
    22 - People & Blogs
    25 - News & Politics
    26 - Howto & Style
    27 - Education
    28 - Science & Technology
    29 - Nonprofits & Activism
    30 - Movies
    33 - Classics
    34 - Comedy
    35 - Documentary
    36 - Drama
    39 - Horror …

    20 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. happy eyeballs for Web protection

    As of right now, the Sophos XGs web Protection feature does not implement happy eyeballs which renders it unusable for IPv6 Endpoints - the only way to "fix" this is to simply force all http(s) traffic to use ipv4 instead.

    It would be nice to see real dual stack support by implementing Happy Eyeballs.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. WEB CONTENT Filter ALERTS IN REAL TIME

    It would be great if we can get real time alerts (Emails and reports) on the users that have triggered a Web content filter rule within XG when browsing web sites.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add Https decrypt and scan cert onto mobile devices along with either Sophos Control or another app.

    I again noticed last night, the issue of getting Cert's onto Client devices in order for HTTPs decrypt and scan to work. Its fine for us IT people or Techies but for end users its always a headache (well in my case it has) So I wondered if it would be possible for Cert installation to be added as a feature of either Sophos Mobile control or another App that can be downloaded via the XG user portal or even just a link on the user portal (we already have the Client Auth cert on the user portal for IOS/Android…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Enable Google Safe Search without the need of installing a certificate on each client device

    Enable safe search for HTTPS connection without installing a certificate on a client device. It is impossible for a school using Bring Your Own Device to force a certificate installation to enable Safe Search. Such settings have to be performed on Cyberoam only. If a student or staff member decides to bring another device without warning, Safe Search would not be enabled unless the certificate is installed manually. Such an option is not feasible.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Office 365 corporate domain

    Dear Team,

    As you updated in 17.5 MR3 for Google app restriction in which customer can allow thier custom domain, can we expect the same platform for Office365 apps. As of now there is no workaround to restrict personal domain login on office 365 except corporate domain.

    We hoping the same in you future firmware release.

    Regards,
    Aasif

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. 6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. executable files

    we need Sophos to add more executable files extensions MIME headers in the predefined file type that comes with Sophos.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Web warn page timeout

    I would like to be able to define the amount of time the device is given after proceeding through a web policy warn page. The hard coded value is 30 minutes but that is not long enough for some tasks.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Pharming Protection

    Pharming Protection.
    That this option can be configured by user profiles. and activate it for a user or group of users and deactivate it for another group

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. when my friend migrate from cyber roam to sophos have feature in web tab "internet Schema"

    when my friend migrate from cyperroam to sophos having feature internet schema in web tab thats link firewall rule to its web and application filter to every group

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. TLD allow

    Can we allow or make the rule in the firewall ware we can allow all the government site like .org or .NIC for our entire network.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Bypass Blocked Executable Download with Credentials

    I love that the system can block users from downloading executable files. But this same feature hampers the IT department in their work, actually creates more work because for every software title/vendor that we must download, we have to create an exception for their sites, and that can add up over time.

    I would love to see something on the block page provide the opportunity for an IT/firewall admin to enter credentials in order to continue through the block screen in order to download that executable. I may not always want a global exception, just the ability to the IT…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Web Category upload /download controls

    I have a "Blocked URLs" Category on 5 firewalls, and I need to update all 5 firewalls whenever I need to block a new **** / torrent / gambling URL.
    Please provide a central method to update a user created Category. The update method should also allow deletion of URLs.

    The current "upload from text file" method is pretty smart, it appends only the URLs that are different than what is already in the Category so as to avoid duplications. But the upload method does NOT allow deletions.

    Consider allowing deletions by removing URLs that are in the Category but…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Adding web category on XG to integrate external URL database in set up of an on-prem web server t

    Hello Team,

    We have customer here requesting to have option when adding web category on XG to integrate external URL database in set up of an on-prem web server that will purely be used to input the list of web servers. For your assistance please. Thank You.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow only specific file types.

    There is no easy way to block all File Types and allow only specific.

    The only way to achieve requirement is to create Block list Manually using Default Templates and removing those File Types/MIME which needs to be allowed. Instead of Blocking Default File Type category, needs to select the custom categories to Block File types.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. In log viewer of web Protection we can easily allow site by clicking right allow this site it will automatically go into FQDN site

    Hello Support Team,

    In log viewer of web Protection we can easily allow site by clicking right allow this site it will automatically go into FQDN site.

    It will easy to handle the site allow issue.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. You tube Safe search exclusion

    Create an exclusion list for the safe search you tube videos so that it does not have to be an all or nothing approach.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.