I don't know what is logic of behind that they have removed the Bulk Users upload Feature.
really Bizarre, in this new MR -4 firmware they not provided this feature as well.
Sophos is not fulfill the customer satisfaction, also not provide alternative solution.
They force customers to use whichever they provided.

could you add 100 users every week manually ?

Even if LDAP server authentication is configured, Sophos Connect users have to login to User Portal one time before connect thru VPN.
Connect's Users must be can connect without doing login to user portal before.

Regards

Our client is asking to block NordVPN, unfortunately there's no NordVPN to application control.

I suggest a responsive HTML5 Web Admin UI and User Portal UI. This allows having a more lightweight UI in general and reduces effort for the XG dev team in scripting. For the users / customers a HTML5 UI would result in a more flexible and faster user experience, especially when they use different sizes of screens the Web Admin UI can adapt through a responsive design to the different resolutions.

Gateway failover notification required by mentioning ISP name in subject line as in ver18 getting in mail body only

Gateway failover notification required by mentioning ISP name in subject line as in ver18 getting in mail body only

bg.as51430.net change category to proxy or none, as in customer enviournment due to this site psiphon is establishing, its current cat. is Personal sites

When editing (add or review) IP-Host Groups it would be really helpfull if you could see at least the IP address of the IP Host in a tooltip when hovering over it with the mouse.

We are seeing issues with NTLM/Kerberos authentication where the device name is authenticating with Sophos XG vs the user. It seems to be that some Microsoft services are causing this and it is causing blocked web access.

Ideally, it would be nice to see an option made available where you can filter out or prevent Sophos from Authenticating computer objects/devices in AD, and only to authenticate user objects.

allow making editable the services rule in hosts & services option while the rule is live.

As if the site is live and we want to allow a new port on the server then we have to take it down first from the firewall rule then need to go to the services option and then it will allow us to change after that we are able to add the new port in rule

It's not proper way if we want to take down our live site for a few min it will bad impression on business

Allow Public Key authenication method for XG SSL VPN clients. It would also be a bonus if keypairs could be generated within the GUI rahter than CLI.

Netflow data can travel on Ipsec vpn.

I would like to see the XG VPN report yield a detailed view of each successful connection and the duration of said connection (similar to the UTM's remote access logs). We currently get a detailed view of failed attempts, but an aggregate of the successes per user.

This is required for compliance purposes.

Hi,

I am in the process of trying to convince the manager that the Sophos XG is not causing any delay in Video Voice communication. To do this I would need to bit of information. The size of the QoS queue so I can show the voice queue remains low. The time it takes to process traffic through the Sophos XG, or time to process traffic through each QoS Queue.

So it would be great to have a feature that monitor, reports on processing time of packets through the Sophos XG and Size of QoS queues.

Thanks

Is it possible to publish the RED devices as a software image (for example for vmWare and HyperV)?
We have use cases in PaaS- / IaaS areas in which such a scenario would be very practical.

Hello!

Sophos SFOS v18+ brought with it the ability to set the MTU size of the Sophos RED, internal interface.
This now allows you to fix the inability to load websites through a separate zone wireless over a RED tunnel. However, there are is still some addition performance I can get out of it when override other values using the "Advanced Shell".

I'd like to see the ability of overriding the MTU size of all interfaces - inclusive of Separate Zone WLAN interfaces, which you could override on Sophos SG.