XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Adding a domain to an exception

    It would be helpful if when adding a domain to the exception list you could also instruct the system to consider all of the subdomains that are associated with it as well. This may be done with a check box and the system could then add the subdomains to the filter list as they come in. The user could then go in and turn off the checkbox and exclude certain sub-domains.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Point and click to add an Exception to Email

    It would be wonderful if you could just click on an entry in the Mail Logs and have it added to the Exception list. You could then go to the exception list and make any modifications needed but capturing the domain information is the most critical.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add Additional Sophos XG V18 SNMP CPU Reporting Options

    Hi Team,

    The new Sophos XG V18 SNMP MIB's do not have an option to query Overall/Total CPU Usage as a singular value.

    While I appreciate Sophos in V18 offer querying using the HOST-RESOURCES-MIB library, from what I can tell this only provides per-core utilization.

    I would like to suggest adding a Sophos OID (Similar to V17) that provides overall CPU Usage reported as a singular value so that we can configure SNMP alert monitoring based on both Per-Core and Overall CPU Usage.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  4. Reduce resolution for XG firewall login page picture

    Hi Team, XG firewall login homepage is having very high resolution image which takes lot of time to load / refresh while we admins work remotely on these firewalls. As an admin, I can disable this image load in chrome but that disables all images for that particular firewall' all admin sections which is not desirable.
    Can you please decrease resolution of login page picture, not useful at all.

    Thanks,
    Nilesh Kahar.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. Create the possibility to filter in the Sophos XG Firewall Log for several entries of the same type (e.g. port 80 AND 443)

    Create the possibility to filter in the Sophos XG Firewall Log for several entries of the same type (e.g. port 80 AND 443)

    It is currently only possible to search for an entry e.g. a port, if you add another port via the filter, the first entered port is deleted and only the last entered one is there.
    Ideally, this should be done with e.g. Boolean arguments can be linked in order to be able to build extended log filters. This affects all parameters of the search. If you e.g. want to hide a port like 80 and 443, this…

    17 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. Mail Log status changes - greylisted emails

    Id like to suggest changing the status of grey listed emails from rejected to greylisted. This would make searching for emails that have actually been rejected much easier. alternatively add an additional reason filter for greylisted items.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Ability to Ping actual RED IP

    It would be good to have an IP address on the actual RED itself that can be ping'd from a management system to get some idea of online status. I've just discovered that the interface IP for a RED appears on the XG and not on the RED. I.e. if you turn off the red, you can still ping the interface IP for that particular RED.

    Apart from email notifications or checking the XG GUI, there appears to be no way from a central point (e.g. SNMP monitor) that a RED is online/offline etc.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  8. Request to have much more user friendly two factor authentication for Sophos Connect 2.0

    Hello Team,

    We have a customer here requesting to have much more user friendly two factor authentication for Sophos Connect 2.0. The current 2FA on XG like appending a 6-digit code to a password to gain access is not user friendly. Requesting if possible for sophos XG to support a third party 2FA that is much more easy to use and no need to enter the token or one time password.

    For your assistance please.

    Thank You

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  9. Ability to see status of cellular interface

    The ability to see the status of the cellular interface to ensure that it is registered/connected to the cellular network as well as signal strength to aid in general troubleshooting (e.g. -65dBm, Idle or similar) (not just when the RED is running on cellular failover) as well as initial device placement etc.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  10. Option to monitor health of RED via SNMP

    The option to monitor the health of RED via SNMP. Specifically individual port traffic on the RED itself (not just the single RED interface on the XG) as well as WAN and failover status so that a site does not inadvertently get 'stuck' in failover mode and consume excessive cellular data.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  11. Use LTE connectivity instead of only 3G/GSM/UMTS on RED

    I noticed that when configuring a 3G/UMTS failover for a RED appliance even with using a Sophos 3G/4G expansion module module, that there is no option to actually use LTE connectivity, only GSM exists at this time it would seem.

    Support has confirmed in fact that the failover is in fact only GSM = 3G UMTS

    It would be good for RED to use or have the option to use LTE connectivity given that GSM/3G/UMTS is yesterday technology and 3G in my country has its days numbered (3G network closure announced for 2024).

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  12. master key is forcefully feature. keep it an optional

    i am strongly recommended that keep this master key feature optional. as i am facing lots of problem regarding Master key. i am administrator & managing 5 Sophos device of each different location. we are already using encryption password method for backup.
    so why this feature needed and mandatory ?

    this is forceful feature not usable for my current scenario & have double headache to remember key and store it on safe place.

    also i read in your website , if we lost this key all backup will loss. if you have don't have recovery option this feature is useless…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  13. User internet usage report fine tuning

    Need user web browsing report and internet usage report finetune. Not able trace user which site accessed and how much internet used individual users.
    Not able to trace user internet usage activity clearly.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  14. Please enable the option for importing the new user credentials through .csv file, which was there but now you have removed

    Please enable the option for importing the new user credentials through .csv file, which was there but now you have removed after firmware upgradation.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. time of click protection

    Due to the risk of users visiting unsecure sites that is being listed as HTTP:// bowsers are updating these security protecting by forcing the sites to go to HTTPS://. This being said the Sophos Email Appliance that is still being used by some companies out there is currently protecting the users with time of click protection but the link that the user gets is http://email appliance name : port. Will it be possible to get the link that the email appliance changed to be sent as HTTPS://email appliance name:.

    If possible or not please may I have feedback on this…

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add tiktok to application policy list.

    Add tiktok application to application policy list to manage traffic easily. It's a high data consuming app and please always ensure a way to control application traffic by sending updates for latest application or suggest a way we can add application manually as sophos let us control web traffic.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  17. Require local user password criteria to be defined

    Administrators should be able to require users passwords to meet certain password criteria/complexity, Character length, Case, numeric, special characters.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  18. Require local XG user password change by administrator.

    Admins should be able require users to change password at next login.... We are setting up our users on a new XG Firewall, we should be able to require them to change password at next login so they are not using the common password for setup... So passwords are unique.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. Create a schedule to turn SSL Site to Site VPN on and Off

    Some of the competitors allow for Site to Site VPN connections to be turned on and off by schedule. For example, nights and weekends when people arent using the connections. That would be good for small offices.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  20. Make Secure Storage Master Key OPTIONAL

    I don't want to use a secure storage master key. This is something we don't need and will just make life more difficult for our staff who manage more than 150 different Sophos XG devices having to store keys all over the place. I'm sick and tired of the screen popping up every time I log in and the fact I can't take a manual backup.

    Will Sophos please stop forcing this and make it optional. I'm the Administrator, not Sophos.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 89 90
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.