XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add support to ciper suit in Cyberoam OS

    Add a support to ciper suit TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 -

    {0xC0,0x2F} in Cyberoam OS

    87 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    22 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. ALLOW A USER TO BELONG TO MORE THAN ONE AD GROUP

    ALLOW A USER TO BELONG TO MORE THAN ONE AD GROUP

    It would be very convenient to assign permissions to Active Directory (AD) groups so that a user can simultaneously belong to several groups (eg, Shopping, Social_Sales, Travel, etc.). Currently only one AD group can belong.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Block/allow YouTube categories

    YouTube uses categories for the videos and it would be quite valuable to block/allow based on those.

    Sample categories for the US:

    1 - Film & Animation
    2 - Autos & Vehicles
    10 - Music
    15 - Pets & Animals
    17 - Sports
    19 - Travel & Events
    20 - Gaming
    21 - Videoblogging
    22 - People & Blogs
    25 - News & Politics
    26 - Howto & Style
    27 - Education
    28 - Science & Technology
    29 - Nonprofits & Activism
    30 - Movies
    33 - Classics
    34 - Comedy
    35 - Documentary
    36 - Drama
    39 - Horror …

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Enable Google Safe Search without the need of installing a certificate on each client device

    Enable safe search for HTTPS connection without installing a certificate on a client device. It is impossible for a school using Bring Your Own Device to force a certificate installation to enable Safe Search. Such settings have to be performed on Cyberoam only. If a student or staff member decides to bring another device without warning, Safe Search would not be enabled unless the certificate is installed manually. Such an option is not feasible.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Office 365 corporate domain

    Dear Team,

    As you updated in 17.5 MR3 for Google app restriction in which customer can allow thier custom domain, can we expect the same platform for Office365 apps. As of now there is no workaround to restrict personal domain login on office 365 except corporate domain.

    We hoping the same in you future firmware release.

    Regards,
    Aasif

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Bypass Blocked Executable Download with Credentials

    I love that the system can block users from downloading executable files. But this same feature hampers the IT department in their work, actually creates more work because for every software title/vendor that we must download, we have to create an exception for their sites, and that can add up over time.

    I would love to see something on the block page provide the opportunity for an IT/firewall admin to enter credentials in order to continue through the block screen in order to download that executable. I may not always want a global exception, just the ability to the IT…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. 4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow only specific file types.

    There is no easy way to block all File Types and allow only specific.

    The only way to achieve requirement is to create Block list Manually using Default Templates and removing those File Types/MIME which needs to be allowed. Instead of Blocking Default File Type category, needs to select the custom categories to Block File types.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Pharming Protection

    Pharming Protection.
    That this option can be configured by user profiles. and activate it for a user or group of users and deactivate it for another group

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. You tube Safe search exclusion

    Create an exclusion list for the safe search you tube videos so that it does not have to be an all or nothing approach.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow Sandstorm to show every request to help debugging

    Sometimes I find Web sites that appear to be unresponsive unless I add an exception to the XG to skip Sandstorm scanning for them (or create a clone rule that has "Scan for zero-day threats with Sandstorm" disabled.) I spent over three hours with Sophos tech support trying to figure out why this was happening because nothing was showing in the sandboxd log, and it couldn't be set to debug log level to confirm if this is a bug or if Sandstorm is working as designed.

    So please add a debug log level option to sandboxd and allow it to…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Internet Surfing Quota Notification for Users

    If a user finished his internet surfing quota Warn / notify the user with a redirected message that your daily internet surfing quota has been finished.In old web filtering technology have the same function and sophos should include this also to reduce the risk of administrator.Requesting to sophos to fix this issue in next patch update and it is not available in the version XG210 (SFOS 17.5.4 MR-4-1).

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Adding AI to Sophos Firewall

    The Feature of machine learning/Artificial Intelligence ==> Detecting any blacklisted IP and automatically making a firewall rule for the IP with the action drop/reject

    this will take off the engineer load and protect the enviroment.

    It will an advantage for your appliacne and will become more recommeded.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. whitelist exception for office 365 by default

    We've found that XG v17 and even some v16.5+ firmware breaks office365 activations, updates and downloads by Sophos' IPS/content filtering. The only way to get it to work is to go through the VERY long list to whitelist all the URL's to make it work. Office365 is a fairly widely used product for installations. Wouldn't it make sense to put in the exception's list (even if not enabled by default) in order to not have to do this for every firewall out there? Either that or fix the IPS/content filtering so that it stops tripping up on O365 updates and…

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Enhancements to Web Policy Overrides

    The "Web Policy override" is a welcome addition to Sophos XG, however I believe that there needs to be more options to enable admins to effectively control when these overrides are active and how they are implemented.

    I think Admins should be able to remove the "Allowed website categories" option so staff can only enable specific domains.

    Instead of the "Restricted to time periods" option i would prefer it if we could allow staff to select a start date and time, and pick from an admin controlled list of durations for the override (e.g. staff could set an override to…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Request to synchronize Endpoint web control web category to XG web filtering category

    Hello Team,

    We have a customer here requesting to synchronize or a make it similar the Endpoint web control web category to XG web filtering category for them to easily manage the web filtering policy on these two Sophos products.

    For your assistance please. Thank You.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. In log viewer of web Protection we can easily allow site by clicking right allow this site it will automatically go into FQDN site

    Hello Support Team,

    In log viewer of web Protection we can easily allow site by clicking right allow this site it will automatically go into FQDN site.

    It will easy to handle the site allow issue.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. want to apply different web & app policy for each user will have to play with firewall rules only as direct policy on user is not possible

    want to apply different web & app policy for each user
    will have to play with firewall rules only as direct policy on a user is not possible unfortunately on XG

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. restrict file upload by extension type

    XG Firewall should have an option for restricting file upload by extension type.
    this would really help in protecting the confidential data

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. AD SSO Auth By Join Appliance to AD

    It will Be Helpful to back to old method Auth. between AD and SFOS like UTM that will be decrees the most of the STAS problems.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.