SFOS 18 - WAF erorr log - WEB viewer VS /log/reverseproxy.log - Improvement debugging - faster debugging
I'm a Sophos Architect.
Using WAF functions in deep, I'm amazed about the necessity to tail the reverseproxy.log to obtain the ID field of the error [id "<rule number>"].
In the WEB log viewer, under Web Server Protection, I don´t have this information!!!
Is it complicated to get this [id "<rule number>"] in the WEB log viewer?
Thank you for implementing this function in the next release.
Alexandre Rastello | Consultor Sénior - Tecnologias Informação | Sophos Architect1 vote
More and more companies implement DR and multi site. L2VPN allows simple networking for cloud and server.2 votes
Maybe have your developers put together a chromebook client package for the SSL vpn. There's one for Windows, OSX and I haven't tried but suspect openvpn on Linux would be fairly easy to get working. Or maybe make a small change in the firewall which would allow the addition of at least a second protocol and port for the SSL vpn (UDP, 1194 specifically).1 vote
Possibility of programming (day / time) the firmware update on XG8 votes
Ability to preview email that is in quarantine prior to releasing it from the user portal, similar to the O365 email quarantine ability to preview an email that is in quarantine prior to releasing7 votes
There is no possibilty to report traffic caught by default drop rule.
Workaround with "ANY ANY DROP" rule does not work because 80/443 traffic is sent to proxy which reply "blocked" web site (incorrect). Other protocols are dropped correct w/o any reply.
Default drop rule does not replay anything (correct, but does not log them)4 votes
We were hoping to use the API to create a simple administrative interface that allows a helpdesk to toggle local XG accounts for remote access.
The current API documentation indicates that the <User> branch allows the <Password> to be updated via the API, but the <Status> is a read-only attribute.
This seems a bit daft really, if anything I would argue it should be the other way around.
It seems more secure to allow the API to toggle an account status but not actually change its password, thus requiring access webadmin to change a password.2 votes
I have seen two request for the ability to monitor temperature. One from 2016 and the other form 2018 both with a combined vote total over 200. What gives?9 votes
Receive email notification to administrator's email ID for quarantined emails when it reaches to the set threshold number.2 votes
We need the ability to connect the Sophos XG to a third party private VPN service (NordVPN, PIA, Proton VPN). The XG would function as a client connecting to the service.3 votes
today, companies have no way of knowing how long a user was connected to the VPN and today due to use in the home office, the company has no control over usage and how long the user was connected4 votes
Restrict VPN access only to devices that are in a specific domain, or that have Sophos Antivirus installed
Today, if the user downloads the VPN application, he can install it on a personal computer, which should not have this access and in this way, it would be another point of security for companies that only the company's computers have. access, or just the equipment that has Sophos antivirus, which could be validated through heartbit security8 votes
Today too many companies need to define at what time the user can connect via SSL VPN, for example, users can only connect during business hours from Monday to Friday6 votes
Allow setting a category for multiple applications at once.
Synchronizes Application Control identifies a number of applications but puts them under "SyncAppCtl Discovered" Category. Some apps get detected multiple times because of different paths or other reasons.
It would be great to be able to select multiple applications from the list and set a category for them in one go.2 votes
We have customer requesting here to implement Multi factor authentication to be integrated on active directory as they will be needing different level of security between their SSL VPN users. For your assistance please.
Thank You6 votes
Need to have Ip2country for IPv6 based hosts and IPv6 addresses per country. Also be able to list of networks in IP object like IPlist.13 votes
Required Live Bandwidth Speed Detail In XG Firewall if available in XG106 (SFOS 18.0.1 MR-1-Build396) so please support11 votes
Hi, can we request to add this app to be allowed?
This is installed on IOS/android mobiles used to post updates to Instagram.
This app is currently not working after going through our XG firewall.
Please advise. Thanks.2 votes
Would like to take a minute to address my request to the development team to have the feature in upgrading from firmware 17.5.14 to firmware 18.0.XX since we might lose some data if we did downgrade the firmware to an older module. Even though we have the backup for the old version but we might lose some data and sites which are currently connected to our XG firewall.4 votes
There is only two options we have to set "Maximum login limit" i.e. globally and individually. What if we have to set this for only particular group in which there is so many users. IT's hard to set "Maximum login limit" for too many users. So please provide the same option for group.
Thank you.2 votes
- Don't see your idea?