XG Firewall
Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.
-
Implement "remember username/password" feature on Captive portal
Captive Portal needs a feature to allow remembering of username/password, as the users are having to re-type their username every time they want to access the internet.
2 votes -
Sophos connect client allowed users
The Sophos Connect client permit list should be able to add users by Active Directory security group. We are a firm spread across 9 offices and the STAS works great on 17.5 MR9 to load the users to all firewalls, but the process of adding all users into the Connect client is really laborious, especially when there is high turnover.
50 votes -
full text search
Possibility of full text search in firewall rules
13 votes -
It will be great if we are able to Upgrade the XG firmware from 17.5.14 to 18.0.2
Would like to take a minute to address my request to the development team to have the feature of upgrading from firmware 17.5.14 to firmware 18.0.XX, since we might lose some data if we did downgrade the firmware to an older module. Even though we have the backup for the old version, we might lose some data and sites which are currently connected to our XG firewall.
4 votes -
Need Bulk Users Upload Feature (Highly Important)
I don't know what the logic is behind removing the Bulk Users upload feature.
Really bizarre, in this new MR-4 firmware they have not provided this feature either.
Sophos is not fulfilling customer satisfaction, and also does not provide an alternative solution.
They force customers to use whatever they provide. Could you add 100 users every week manually?
2 votes -
XG: move rule to position X by entering new position number
Changing the order (priority) of firewall rules is currently only possible by dragging and dropping.
Not only is it exceedingly cumbersome to move a rule this way if there are a lot of rules, it is also not always clear where the rule will "land" after dragging it. This unpredictable behavior is unacceptable in many Change Management policies.
Please add an option to move the rule by entering a specific location.
8 votes -
IP list support feature in SSL VPN
Dear Team,
Recently we changed the devices from Cyberoam CR100iNG to Sophos XG210. In Cyberoam we were able to add the IP list supported hosts for the SSL VPN, but in Sophos XG210 we are unable to add that. Can you please add that feature in Sophos XG210? Adding the hosts one by one is a time-consuming process, as we have 200+ SSL VPN users.
2 votes -
Sophos Connect client connect pre login Windows for domain connection
Please make it possible to connect the Sophos Connect client VPN before a Windows user is logged in, like the NCP client Pre-Logon feature, to get all AD domain features like GPO and network shares.
26 votes -
Gateway failover notification
Gateway failover notification is required to mention the ISP name in the subject line, as in ver18 we are getting it in the mail body only.
2 votes -
Resizing vnc-HTML5 screen resolution
Hope that Sophos improves the auto-resizing of screen resolution when you connect through HTML5 to a VNC PC.
2 votes -
office 365
Integrate Microsoft AzureAD for user identification for user based XG firewall web policies and reporting. I saw the request for Azure Directory Services which is not free. AzureAD is free with every Office365 tenant. Sophos Central has AzureAD sync, expand this to XG Firewalls as another Server or Directory as a Service model. Seems like this bridge is already half built.
22 votes -
bypass snort application recognition per rule
Please add the ability to bypass IPS/application recognition per rule, when performance is needed. Even without an applied IPS rule, snort is analysing the traffic for application control, which results in a performance impact.
3 votes -
Can you add Tiktok to application control
I'd like the ability to restrict access to the site/app tiktok.com in the application control list.
15 votes -
Log Viewer Raw Data Export
When we customize the Log viewer and export it, we get only the last 15 min of data, which is not sufficient. There should be a date range option there so we can download full day log records. Raw data attributes are really useful from the IT Admin point of view. Also in the Report section, we are not getting all the raw tab features which are in the log viewer. They should be there, and there should be an option to download all data. Currently there is only 5, 10, 25, 50, 100, 200, but if we want to download all data with a single click, we cannot. The Report tool needs to improve.
4 votes -
firewall rules audit
We are using the XG115 firewall. The Cybersecurity Auditor raised the following queries.
1) Operator can see all the firewall rules. There is no option to assign selected firewall rules to the operators. A lot of profile limitations.
2) 4 eyes is not available whenever changes are done in the firewall.
3) MAC address fails to work because of routers and switches of layer 2/3 in between the network; in spite of putting a static MAC address on the switch, it still failed to work.
2 votes -
MIME-Type recognition is sometimes wrong!
I analysed MIME-Type recognition and found that MIME-Type recognition is not working properly. As an example, DOCX files are recognized as "application/msword". The right MIME-Type of DOCX files is "application/vnd.openxmlformats-officedocument.wordprocessingml.document".
I already opened a support case with request number 03058060 and got this answer:
"Yes, the MIME recognization from XG for .docx is under applications/msword"
So please change MIME-Type recognition, so that it serves the MIME-Types which are listed here:
https://docs.microsoft.com/de-de/microsoft-365/compliance/supported-filetypes-datainvestigations?view=o365-worldwide
or here:
https://developer.mozilla.org/en-US/docs/Web/HTTP/BasicsofHTTP/MIMEtypes/Commontypes
3 votes -
Adjustable timeout for Active Directory Authentication?
Original question by user JasP.
Is there any way to change the timeout for Active Directory authentication? It appears to be set at 5s.
I realise that for most implementations this is not an issue, but after posting an article on how to set up DUO 2FA with AD authentication, I have noticed that if I don't authenticate within 5s then the authentication fails. I hadn't noticed this before because I usually confirm the DUO prompt pretty quickly. DUO itself is set for a 30s timeout but this is meaningless if XG only waits 5s.
This doesn't happen with LDAP authentication…
2 votes -
Implement RADIUS failover support for APX Access Points
It has come to my attention that while the XG firewall allows you to enter two RADIUS servers for wireless authentication failover, the APX series access points do not support the secondary server.
This creates a high risk for wireless service disruption in the event the primary server goes offline. The lack of support for this functionality requires an engineer to manually promote the secondary server as the primary in the event of a failure.
4 votes -
PPPoE VDSL setting
On the Network/Interface/configure PPPoE - VDSL setting area please change/add the text to indicate that this VLAN applies to an FTTH (fibre to the home) PPPoE configuration as well.
In NZ we have UFB (ultra fibre broadband) to most premises that requires a PPPoE with VLAN 10 configuration.
2 votes -
Option to load balance with IPsec VPN
Option required for load balancing with IPsec VPN
9 votes