XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. SFOS 18 - WAF erorr log - WEB viewer VS /log/reverseproxy.log - Improvement debugging - faster debugging

    Hi Sophos,
    I'm a Sophos Architect.
    Using WAF functions in deep, I'm amazed about the necessity to tail the reverseproxy.log to obtain the ID field of the error [id "<rule number>"].
    In the WEB log viewer, under Web Server Protection, I don´t have this information!!!
    Why?
    Is it complicated to get this [id "<rule number>"] in the WEB log viewer?
    Thank you for implementing this function in the next release.
    Regards
    Alexandre Rastello | Consultor Sénior - Tecnologias Informação | Sophos Architect

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. L2VPN

    More and more companies implement DR and multi site. L2VPN allows simple networking for cloud and server.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  3. chromebook ssl vpn - openvpn implementation

    Maybe have your developers put together a chromebook client package for the SSL vpn. There's one for Windows, OSX and I haven't tried but suspect openvpn on Linux would be fairly easy to get working. Or maybe make a small change in the firewall which would allow the addition of at least a second protocol and port for the SSL vpn (UDP, 1194 specifically).

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  4. programming of sophos firmware updates

    Possibility of programming (day / time) the firmware update on XG

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. Ability to Preview Email in quarantine from the user portal prior to releasing

    Ability to preview email that is in quarantine prior to releasing it from the user portal, similar to the O365 email quarantine ability to preview an email that is in quarantine prior to releasing

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Report Dropped Traffic by Internal Default Drop rule

    There is no possibilty to report traffic caught by default drop rule.
    Workaround with "ANY ANY DROP" rule does not work because 80/443 traffic is sent to proxy which reply "blocked" web site (incorrect). Other protocols are dropped correct w/o any reply.
    Default drop rule does not replay anything (correct, but does not log them)

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  7. API control over XG local users status

    We were hoping to use the API to create a simple administrative interface that allows a helpdesk to toggle local XG accounts for remote access.

    The current API documentation indicates that the <User> branch allows the <Password> to be updated via the API, but the <Status> is a read-only attribute.

    This seems a bit daft really, if anything I would argue it should be the other way around.
    It seems more secure to allow the API to toggle an account status but not actually change its password, thus requiring access webadmin to change a password.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Temperature Monitoring

    I have seen two request for the ability to monitor temperature. One from 2016 and the other form 2018 both with a combined vote total over 200. What gives?

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. Email notification to admin ID for crossing set threshold of quarantined emails

    Receive email notification to administrator's email ID for quarantined emails when it reaches to the set threshold number.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. XG Client to Third-Party Private VPN Service

    We need the ability to connect the Sophos XG to a third party private VPN service (NordVPN, PIA, Proton VPN). The XG would function as a client connecting to the service.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  11. Generate report about how long time a user stay connected at VPN

    today, companies have no way of knowing how long a user was connected to the VPN and today due to use in the home office, the company has no control over usage and how long the user was connected

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  12. Restrict VPN access only to devices that are in a specific domain, or that have Sophos Antivirus installed

    Today, if the user downloads the VPN application, he can install it on a personal computer, which should not have this access and in this way, it would be another point of security for companies that only the company's computers have. access, or just the equipment that has Sophos antivirus, which could be validated through heartbit security

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow to define at what time the user can connect via SSL VPN

    Today too many companies need to define at what time the user can connect via SSL VPN, for example, users can only connect during business hours from Monday to Friday

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  14. Synchronized Application Control - Set Category for multiple Apps at a time

    Allow setting a category for multiple applications at once.

    Synchronizes Application Control identifies a number of applications but puts them under "SyncAppCtl Discovered" Category. Some apps get detected multiple times because of different paths or other reasons.

    It would be great to be able to select multiple applications from the list and set a category for them in one go.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  15. Multi factor authentication to be integrated on active directory

    Hello Team,

    We have customer requesting here to implement Multi factor authentication to be integrated on active directory as they will be needing different level of security between their SSL VPN users. For your assistance please.

    Thank You

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  16. country ipv6 lists

    Need to have Ip2country for IPv6 based hosts and IPv6 addresses per country. Also be able to list of networks in IP object like IPlist.

    13 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Required Live Bandwidth Speed Detail In XG Firewall

    Required Live Bandwidth Speed Detail In XG Firewall if available in XG106 (SFOS 18.0.1 MR-1-Build396) so please support

    11 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add Smarterqueue app

    Hi, can we request to add this app to be allowed?
    This is installed on IOS/android mobiles used to post updates to Instagram.

    This app is currently not working after going through our XG firewall.

    https://smarterqueue.com/

    Please advise. Thanks.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  19. It will be great if we are able to Upgrade the XG firmware from 17.5.14 to 18.0.2

    Would like to take a minute to address my request to the development team to have the feature in upgrading from firmware 17.5.14 to firmware 18.0.XX since we might lose some data if we did downgrade the firmware to an older module. Even though we have the backup for the old version but we might lose some data and sites which are currently connected to our XG firewall.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  20. Enable "Maximum login limit" Group wise

    There is only two options we have to set "Maximum login limit" i.e. globally and individually. What if we have to set this for only particular group in which there is so many users. IT's hard to set "Maximum login limit" for too many users. So please provide the same option for group.
    Thank you.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.