XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Use UPN instead of samaccountname for Active Directory authentication

    Synchronized User ID should use or allow for the use of User Principal Name (UPN) instead of sAMAccountName. sAMAccountName is a legacy attribute that hasn't been used since Windows NT. With the implementation of Office 365 our organization was forced to add a UPN suffix in order to federate our identities and most applications now support that and use UPN for login ID. STAS is not a viable alternative as the limitations are well known (logging in with cached credentials, changing network connection type, etc).

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  2. alert bandwidth

    Alert or notification should be sent to administrator when bandwidth usage reaches 80 %

    21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Heatbeat for MacOS

    Hi, synchronised groups from AD will not show uses with MacOS in logs, only Windows users both with Endpoint protection installed. Can we have the same functionality for Macos.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Improve Granularity of Central Firewall Interaction

    At the moment when when registering an XG firewall to Sophos central the only option is to enable central management or not.

    If central management is not enabled then we get a limited selection of alerts in central for the firewall, i.e. lost comms between XG and central.

    Typically in our deployments we do not want the firewall to be manageable via cloud service through central, particularly in higher security networks we permit local management only over our internal WAN or VPN links.

    Some level of granularity in between nothing or everything would be fantastic.

    For example a completely read-only…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  5. I would like Sophos Home Premium to support "Synchronized Security".

    I would like Sophos Home Premium to support "SOPHOS XG Synchronized Security".

    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Heartbeat Client Monitoring Regardless of Location

    Regardless of clients PC network, there still need to be a mechanism that allows heartbeat monitoring. Only having a feature that is network dependent defeats a centralized management system. With multiple remote clients and offices not having the ability to monitor these stations because they are not on the same network as the firewall is very limiting and not practical.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Heartbeat support for Mac/Linux over SSLVPN

    Mac and Linux client are currently not able to send there heartbeat over the SSL client VPN.
    How can we ever build a secure network for everyone?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Manage XG firewall under Central Enterprise Dashboard

    Currently, Firewall management is not supported when central account belongs to enterprise dashboard admin due to different domain state. Looking forward to this feature will be supported at road map.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  9. not to detect Synchronized Application Control based on path

    Currently, Synchronzed Security detects application based on installation path of an application. It could easily cause problem, as the same abc.exe in C:\ and D:\ on different computer is detected as two different application, which results in huge workload of firewall administrator.
    Please change the mechanism how Synchronzed Security detects an application, for example hash value of abc.exe.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow SFM or CFM to have a central repository of Applications for synchronized application control

    Synchronized application control is an amazing feature; needing to manually categorize applications separately on every firewall isn't. Being able to have a central location for all of them would be great, as you'd be able to have your known bad/good applications available right out of the gate.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Heartbeat Endpoint Listing Dashboard when all endpoints are Green

    When viewing the Heartbeat dashboard, if all endpoints are green status, you can't view them. If some are yellow or red, they show up by default and you can add the green ones by clicking on the correct checkbox. But if all are green, there is no such checkbox, and no endpoint list presented. Would like to see that enabled.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Email Alert for Heartbeat status + Customize the heartbeat block page

    It would be good to have an email alert when any endpoint goes to critical "red" mode so that we know the reason for internet not working.

    Also if we can customize the heartbeat block page it would be good.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow heartbeats from more than one Central account

    Synchronized Security is a really cool idea, but the current implementation really limits what can be done; and in many cases prevents deployment of Synchronized Security.
    A couple of changes could greatly expand usage:

    1. Support/recognize heartbeats from more than one Sophos Central account.
    As a Sophos partner, I run Sophos Endpoint on my laptop that I use at Sophos client sites.
    If I deploy FW rules that use heartbeats, I effectively lock myself out.
    Just because you have a heartbeat does not mean you have a heartbeat that the XG FW will acknowledge/accept.
    Sophos XG clients would greatly benefit…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Use synchronized security to deploy firewall cert to endpoint for SSL scanning

    having the endpoint be able to deploy the firewalls CA/Cert to perform the SSL scanning would be a huge asset to assist deployment and improved security in non AD environment especially

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Make this work for on premise!

    Make Hearbeat work for on premise installations with a local SFM and Endpoint. The traditional customers wont't update to cloud if Sophos FORCE them.

    The customer must have a choice - do I want it in the cloud or in my own datacenter.
    We're loosing them.....

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Enable features for home version

    Hi,

    I would like to ask for the HA function in sophos xg home lots of people run it in homelab and like to experiment with it.
    Also 1 or 2 endpoint licenses to use heartbeat function
    Last a sandstorm option maybe limited in a way.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Syncronized Security without Sophos Cloud on own hardware

    Possibiltiy to make a own environment for the Syncronized Security on our own hardware, to use it without Sophos Cloud like a management-server for communicating XG with Endpoint.
    Thanks.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Policy Routing based on Web Categories and/or Applications

    it could be very nice to have the ability to make the routing decision based on the Web Category (Applications too) within the web policy (or apps filter) for exemple, so we can use the main Wan or Gw for business related and productive categories and Apps and all the rest goes through the secondary Wan connexion usually used for backup for exemple. and it can be blocked if primary wan or gw is down so the backup wan or gw gets used for the business traffic.

    69 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Can XG firewall user authentication be added to Sophos enpoint client?

    Sophos endpoint client already has users information. Why not have that info shared directly so authentication does not need multiple configuration points.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Using Sophos Home for Home licence

    The Security Hartbeat uses the commercial version of Sophos cloud services.
    For home licence users it would be nice to have the Sophos home cloud instead of to exchange the Sophos endpoint protection of UTM).

    74 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.