XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. PPPoE: Ability to set VLAN and adjust MTU (for VDSL)

    Please add the option for VLAN Tag 7 in PPPoE interfaces and auto adjust the mtu size to 1492. This prevent problems by configure VDSL interfaces. This feature is
    already available in Sophos UTM.

    7 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. Sophos - Safety Instructions and regulatory information

    Not a big deal, but please make the document named "Safety instructions and regulatory information (2016)" which is sent with the product Sophos Firewall XG 85 also digital available for customers. It's not available as PDF yet. I already had a chat with one of your staff members about it. He/she told me to make a case of it. Geert Jans

    1 vote
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. Larger dialog boxes

    In areas where you edit policy or add objects to a policy I notice that a lot of the boxes are only a few lines long. Could we expand those a bit more as they seem really crunched so you have to scroll a bunch.

    2 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. Show IPsec Connection Detail for ReadOnly-user

    With a RO-user this user can only see if the tunnel is up or down, not the "Connection Detail" with all connected networks. The Connection Detail page loads, but the user is not able to see any network.

    4 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. NetBIOS relay

    I suggest the implementation If NetBIOS Relay.
    Another players have this solution.
    When you have 2 subnets on utm, and need make a network map with NetBIOS.
    Sample:
    //Server/share

    3 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. Make "spinner" processing icon more visible

    processing icon (a greyed circle) is barely seen while the firewall is processing/applying changes.

    increased size, as well as colour, would help more to identify that firewall is processing our activity.

    2 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. Show PPPoE password

    Can we please have an option to show the current PPPoE password in the Network configuration section?

    1 vote
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Enabled Clientless User Upon Creation When Adding Range

    We have a small college campus and several /24 networks full of IoT devices that aren't managed by our organization.

    Currently if you use the "Add Range" feature you have to go back through and "Activate" all created users which becomes tedious very quickly. It would be nice to add an option to enabled all users upon creation when using the "Add Range" feature.

    1 vote
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. GRE tunnel support for Policy base routing feature.

    The Sophos XG firewall GRE/IPsec VPN could not supported Policy Base Routing. It will get some GRE tunnel lost traffic for the specific routing on the links from the Peer GRE tunnel of the Firewall.

    12 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. User password reset with registered email address

    We are using Sophos in University having more than 5000 users out of which 4000 are students. There should be solution to reset the password by student if he knows his user id and reset code can be sent to his official mail address which is provided by the institute.

    5 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  11. Provide filtering in System services > Traffic shaping UI page

    a filter in traffic shaping to filter required rule

    1 vote
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. Built-in WiFi should support Bridge to VLAN

    The XG105w (wireless enabled) only supports Bridge to AP or Separate Zone, and not bridge to VLAN. This is fine for when you a have a really small deployment, which is not integrated with additional Sophos AP's within the environment. For a growing and secure wireless SMB environment the best practice would be to utilise VLAN's and segment the different wireless traffic through the network.
    Ideally this config should flow and replicated through AP groups including the XG on-board wireless.

    1 vote
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. host to host Ipsec tunnel, routing option does not show ipsec tunnel to use as gateway

    After creating point to point ipsec tunnel we require to add route but in routing it does not show ipsec tunnel in SFOS v 17.0

    1 vote
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. FQDN Host page should have column for group membership

    Add to the UI display of 'Hosts and Services'>'FQDN Host' a column to include the 'FQDN Host Group' name of which the host is a member.
    So instead of having only
    Name / FQDN / Manage columns, to have
    Name / FQDN / Host Group / Manage columns.

    2 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. PFS

    In order to avoid warnings due to deficient email encryption, should be installed as soon as possible a PFS encryption in the XG.

    8 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Filtering log viewer by network or range of IP addresses.

    Our organization has multiple internal networks with varying subnets. Currently I can only search for the beginning string of an IP if I want to view a range and then dig through pages of records for the IP's I'm looking for. If I could generate reports on a range of IP's and/or subnet that would be great! Also, if I could download all the records at once instead of the 1 page display.

    4 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  17. Override hostname in Cisco IPsec Client

    Override Hostname in Cisco IPSec VPN Client Section in case where firewall is NATETD...

    5 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  18. Auto-disable DFS when transmit power <=50%

    Automatically disable DFS when the transmit power is set to 50% or lower on the AP’s as is allowed by the Australian Communications and Media Authority

    Switch CH bandwidth between 20, 40 and 80HMz

    2 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Outgoing email quotas

    The MTA should offer an option or a specific FW rule to set some email outgoing limit up (e.g. max 200 outgoing emails per hour, max 10 emails per hours if user is XYZ, ecc.).

    14 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Multiple SAA certificate

    User can have more than one certificate attached, where admins can upload certificates and attach to users.

    https://community.sophos.com/products/xg-firewall/f/authentication/94053/authentication-client

    4 votes
    Sign in Sign in with: Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.