XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Hotspot "terms of service" customization

    I serve a customer who uses XG firewalls in their chain of restaurants. They want to keep the customer hotspot sign-on process as clean and simple as possible. Vouchers etc. are a mission to manage - they just want to provide free Internet to their customers, limited by data or time.

    My customer would like to their hotspot setup in such a way that when a user joins, they are presented with a branded captive portal with a splash page, with terms of service for the user to accept.

    When the user accepts, they are granted Internet Access. 
The user…

    87 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    14 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Option to restart AP under XG Web Admin

    We have request here from customer, asking to have option to restart AP under XG Web Admin interface. For your assistance please. Thank You.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Rolling firmware updates for WAPs

    Would be extremely beneficial to be able to roll out firmware updates for wireless APs in a staged manner - i.e. update one at a time instead of all together, so that there's no (or minimal) interruption to service.

    At the moment, I can't update access points during the day, because it will disconnect WiFi for all users. If we could do them one at a time, it would become possible.

    UniFi has this feature (they call it a "rolling update") and it's really nice. Updates each AP in turn, and doesn't start the next one until the last is…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Improved AP management

    I'd like to see a few improvements to management and monitoring of APs being controlled by an XG appliance:


    • Display other competing networks and channels strength for channel selection

    • Show access point utilization and establish thresholds for utilization trends

    • Integrate floor plans to position APs visually.

    • Couple the former with perhaps a mobile app to identify potential deadzones/heat mapping

    Use case currently is that I've been getting reports from one of my sites that wifi has been having intermittent issues, and the data needed to remedy it effectively is much more difficult to obtain than it needs to be

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. password of the day

    Possibility to use encrypted(WPA2 Personal) Hotspot with Password of the day, with only enter the Password in WLAN Connection. Actually you have to enter the Password to connect to the WLAN, and then you have to enter it again at the Login homepage.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. WLAN Automatic Blacklisting after x attempts

    Aruba’s Wireless APs have the possibility to block macs after a x attempts with wrong creds (psk or enterprise un/pw)

    This is a good security feature and better than simple whitelisting.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. anon@ctc-g.co.th

    WeChat social login for Chinese tourists; Line app social login for Thai guest.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. More options in "Terms of use acceptance" session expires

    I want us to be allowed to get more options in session expires or a full customizable options like voucher definition, in which you can insert a custom value for validity period among other options.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Hotspot password of the day censoring

    We just had a hotspot password of the day of "rapexace02" be generated for a customer that works with people experiencing domestic violence. It didn't go down well. Could these passwords be automatically generated if they contain any sensitive keywords?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. "Blacklist" of MAC addresses of wireless devices that are not allowed by an AP for a connection

    For each connected AP you should be able to specify a "blacklist" of MAC addresses in the XG that are not allowed by the AP for a connection. This is to ensure that stationary devices such as printers, WiFi cameras, streaming devices can only connect to the AP that is intended for them and that is located nearby.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. please support the Radius SSO feature for AP55C.

    According to the Sophos KB 134148, the Radius SSO feature is supported by APX models.
    But customer bought a lot of AP55C, please also support the Radius SSO feature for AP55C.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Hotspot Portal listen on RED Interface.

    Problem is that it is not possible to choose a RED Interface within a Hotspot Definition.
    So you cannot route a client from a branch office to a Hotspot Portal to authenticate. We have a guest Network in a branch office in an own vlan behind a RED50. I thought that the utm and xg Firewall have feature parity on RED and Wireless Feature... NO they dont have!

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Notified abount Access Point UP / Down

    it could be nice to receive notification about the status of AP connected to XG (Wireless Protection), actually the state is displayed on the dashboard (numer of total AP / number of AP connected) but it is not a warning, there is no log in the Wireless Security section related to an AP that goes offline. Also in SFM there is no specific Alert/Notification about AP state.

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Hot spot

    Hot Spot to be able to Authenticate from Routed IP subnet. Subnet that differs from hostspot interface IP Subnet.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Sophos XG Wireless AP load balancing

    Hello Team,

    Customer is requesting to have a feature on XG for AP load balancing. For your assistance please. Thank You.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. configure password of day to be sent out at a certain minute

    It would be nice to be able to configure passowrd of day (for hotspot) to be sent out a certain minute.
    At the moment, it can only be configure on a interval of hour, not convenient.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Remove limit of 50 hostspot vouchers

    Hotspot Voucher creation should'nt be limited to 50.
    On SG , we were able to create 500 to 1000 Voucher easily.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Radius SSO support in wireless enterprise authentication - forward accounting request to RADIUS Server

    Radius SSO via wireless enterprise authentication does not currently show the authenticated user in the live activities on the XG interface since Accounting requests are not forwarded from the Sophos Access Points. Can an update provide this functionality so users who connect via RADIUS authentication can be authenticated to the XG and therefore have web policies applied to their accounts.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Organize/filter Wireless hosts by label or group

    Unable to filter or reorganize by Label or Group in the XG Wireless portal
    Feature possible on SG

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Configurable number of devices for hotspot vouchers

    Hotspot vouchers should be supported on limited devices only, for example for guest-1 voucher will be limited to be used on only one device and for guest-2 voucher will be limited to be used on 3 devices.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.