XG Firewall
Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.
-
PPPoE: Ability to set VLAN and adjust MTU (for VDSL)
Please add the option for VLAN Tag 7 in PPPoE interfaces and auto adjust the mtu size to 1492. This prevent problems by configure VDSL interfaces. This feature is
already available in Sophos UTM.7 votes -
Sophos - Safety Instructions and regulatory information
Not a big deal, but please make the document named "Safety instructions and regulatory information (2016)" which is sent with the product Sophos Firewall XG 85 also digital available for customers. It's not available as PDF yet. I already had a chat with one of your staff members about it. He/she told me to make a case of it. Geert Jans
1 vote -
Larger dialog boxes
In areas where you edit policy or add objects to a policy I notice that a lot of the boxes are only a few lines long. Could we expand those a bit more as they seem really crunched so you have to scroll a bunch.
2 votes -
Show IPsec Connection Detail for ReadOnly-user
With a RO-user this user can only see if the tunnel is up or down, not the "Connection Detail" with all connected networks. The Connection Detail page loads, but the user is not able to see any network.
4 votes -
NetBIOS relay
I suggest the implementation If NetBIOS Relay.
Another players have this solution.
When you have 2 subnets on utm, and need make a network map with NetBIOS.
Sample:
//Server/share3 votes -
Make "spinner" processing icon more visible
processing icon (a greyed circle) is barely seen while the firewall is processing/applying changes.
increased size, as well as colour, would help more to identify that firewall is processing our activity.
2 votes -
Show PPPoE password
Can we please have an option to show the current PPPoE password in the Network configuration section?
1 vote -
Enabled Clientless User Upon Creation When Adding Range
We have a small college campus and several /24 networks full of IoT devices that aren't managed by our organization.
Currently if you use the "Add Range" feature you have to go back through and "Activate" all created users which becomes tedious very quickly. It would be nice to add an option to enabled all users upon creation when using the "Add Range" feature.
1 vote -
GRE tunnel support for Policy base routing feature.
The Sophos XG firewall GRE/IPsec VPN could not supported Policy Base Routing. It will get some GRE tunnel lost traffic for the specific routing on the links from the Peer GRE tunnel of the Firewall.
12 votes -
User password reset with registered email address
We are using Sophos in University having more than 5000 users out of which 4000 are students. There should be solution to reset the password by student if he knows his user id and reset code can be sent to his official mail address which is provided by the institute.
5 votes -
Provide filtering in System services > Traffic shaping UI page
a filter in traffic shaping to filter required rule
1 vote -
Built-in WiFi should support Bridge to VLAN
The XG105w (wireless enabled) only supports Bridge to AP or Separate Zone, and not bridge to VLAN. This is fine for when you a have a really small deployment, which is not integrated with additional Sophos AP's within the environment. For a growing and secure wireless SMB environment the best practice would be to utilise VLAN's and segment the different wireless traffic through the network.
Ideally this config should flow and replicated through AP groups including the XG on-board wireless.1 vote -
host to host Ipsec tunnel, routing option does not show ipsec tunnel to use as gateway
After creating point to point ipsec tunnel we require to add route but in routing it does not show ipsec tunnel in SFOS v 17.0
1 vote -
FQDN Host page should have column for group membership
Add to the UI display of 'Hosts and Services'>'FQDN Host' a column to include the 'FQDN Host Group' name of which the host is a member.
So instead of having only
Name / FQDN / Manage columns, to have
Name / FQDN / Host Group / Manage columns.2 votes -
PFS
In order to avoid warnings due to deficient email encryption, should be installed as soon as possible a PFS encryption in the XG.
8 votes -
Filtering log viewer by network or range of IP addresses.
Our organization has multiple internal networks with varying subnets. Currently I can only search for the beginning string of an IP if I want to view a range and then dig through pages of records for the IP's I'm looking for. If I could generate reports on a range of IP's and/or subnet that would be great! Also, if I could download all the records at once instead of the 1 page display.
4 votes -
Override hostname in Cisco IPsec Client
Override Hostname in Cisco IPSec VPN Client Section in case where firewall is NATETD...
5 votes -
Auto-disable DFS when transmit power <=50%
Automatically disable DFS when the transmit power is set to 50% or lower on the AP’s as is allowed by the Australian Communications and Media Authority
Switch CH bandwidth between 20, 40 and 80HMz
2 votes -
Outgoing email quotas
The MTA should offer an option or a specific FW rule to set some email outgoing limit up (e.g. max 200 outgoing emails per hour, max 10 emails per hours if user is XYZ, ecc.).
14 votes -
Multiple SAA certificate
User can have more than one certificate attached, where admins can upload certificates and attach to users.
https://community.sophos.com/products/xg-firewall/f/authentication/94053/authentication-client
4 votes
- Don't see your idea?