We have Migrated our Firewall from 18.0.3 MR3 to 18.0.4 MR4 from then Detailed report of Date wise VPN Usage is not coming from Fireawall
We need date wise report with data like
- Who accessed VPN (User name)
- From Which Public IP and with VPN IP (Source)
- Which Server it accessed (Destination)
- Which Service Used (Protocol)
- If data transferred , how much data transferred (data size & File Transfer details)
- When Session Authenticated & when Started (Start time)
- When Session Terminated (End time)
- Success and failure incidents count its details (Audit Logs)
Please help as early as possible14 votes
IPS Alerts in the email just have Hostname, Interface, Timestamp, Alert ID alone
Each time we need to open firewall to check the alert to check more info - so please add,
Source IP : ip and hostname
Destination : ip and hostname
From zone to To zone :
Firewall Rule ID :
so Cybersecurity made simple. :)1 vote
In the sophos XG310 we have configured port 11(LAN Zone) & port 12 (WAN Zone) as a member bridge interface.
We run iftop in advance shell to monitor sample traffic from the src VLAN with subnet x.x.x.x/x that we can see bandwidth usage in interval 2s, 4s & 10s as reference from
Can we sent the result of "iftop" traffic monitor to NMS like as prtg, zabbix, OpManagers or etc via snmp ?
Would like an option to export all data in a report for a large date range to PDF, instead of only exporting the records seen on screen.3 votes
I would like to see the XG VPN report yield a detailed view of each successful connection and the duration of said connection (similar to the UTM's remote access logs). We currently get a detailed view of failed attempts, but an aggregate of the successes per user.
This is required for compliance purposes.10 votes
please I was using in my network Fortigate firewall and there is a feature called device inventory to discover all computers. and now we change the firewall to sophos and i configured all but i want to add all computers and deploy policies on them but it's too much, so I need to know how to discover all computer on the networks from Sophos xg1 vote
We would you to improve sophos xg for support usage monitoring every traffic shaping rules and provide the reporting tools also.
Because now sophos xg can limit bandwidth for users but for monitoring just provide from linux base its not informationable for common user, we need to monitoring in detail usage per vlan based/subnets, from system graph just inform for all traffic accumulation.
we hope sophos can improve that i trust its can be usefull tools.
Email notification for any failed HA synchronization2 votes
Please differentiate the site to site tunnel alerts from Sophos Connect tunnel alerts. The way it works now is that the same alerts (17801 Established and 17802 Terminated) are generated for site to site IPsec tunnels and Sophos Connect tunnels. I don't need to be notified when a Sophos Connect tunnel goes up/down, but I do need an alert for site to site up/down. The frequency of the Sophos Connect alerts makes it impossible to notice when a more important site to site tunnel goes up or down.20 votes
I would like to have a feature in XG when there is a successful admin login and if any changes done in XG on admin login.3 votes
When Data Anonymization is enabled, one would think that it was possible to see when and who has initiated an de-anonymization of anonymized data, however this seems to be missing. We need this for compliance, it is simply not enough to anonymize the data.
The only logs related to this is authorization events in the form of logins, but these events does not reflect an de-anonymization event.4 votes
Want to get the following details for VPN users.
- User create date
- User last modified date
- User last connection date
- User last date of password change
This information via API would assist with internal compliance audit and auto disable of accounts not in use as well as automated emails to change passwords.5 votes
Currently is not possible cCreation of log / Record specific for a singol user and save the it like a template. Is it possible implement this feature?
The new Sophos XG V18 SNMP MIB's do not have an option to query Overall/Total CPU Usage as a singular value.
While I appreciate Sophos in V18 offer querying using the HOST-RESOURCES-MIB library, from what I can tell this only provides per-core utilization.
I would like to suggest adding a Sophos OID (Similar to V17) that provides overall CPU Usage reported as a singular value so that we can configure SNMP alert monitoring based on both Per-Core and Overall CPU Usage.7 votes
In our Head office we are using XG 550 Firewall and we are connected 20 location in that Firewall with VPN we are request to get the reports of all location utilization report (Example Traffic external WAN1 vote
currently not able to check user wise web and application report like who is using tor proxy or any other web or application.
example i have downloaded movie from any web but there is no option to find which user have access which application.2 votes
I am in the process of trying to convince the manager that the Sophos XG is not causing any delay in Video Voice communication. To do this I would need to bit of information. The size of the QoS queue so I can show the voice queue remains low. The time it takes to process traffic through the Sophos XG, or time to process traffic through each QoS Queue.
So it would be great to have a feature that monitor, reports on processing time of packets through the Sophos XG and Size of QoS queues.
Ability to view the Last recorded location of the device2 votes
When the option "Use web authentication for unknown users" is selected in the Firewall Rules, the Policy Tester shows the result as "Allowed" even for unauthenticated users. I suggest it should display as Blocked for unauthenticated users.3 votes
it is amazing, if any Firewall Rule deleted then sophos do not make logs. it is a basic report which every admin wants.7 votes
- Don't see your idea?