XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. GuestAP Network Interface Hide

    If the device you have does not support wireless, you should hide the GuestAP Network Interface,

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. Enable/Disable Firewall rule

    It would good if you could enable/disable the firewall rule from the main list display, rather than having to click the "..." menu and then select disable/enable. Cyberoam could be enablde/disabled on the firewall rules list.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. WEB & application filter for user and user group on XG firewall

    Please add the feature of web & application filter on user and user group.
    It is useful for XG

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. block psiphone WITHOUT the need to scan HTTPS protocol

    We strongly request this features ! As, it is totally not practical to install https cert on all computer. Especially guest Network in order to stop Psiphone. From the report we are losing 223.92 GB or 11.21 % daily on bandwidth to psiphone. Hope this issue will get someone in XG team alert and a solution is indeed !!

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →

    Psiphon is extremely evasive and only needs to find one successful way through the firewall to connect. HTTPS decryption is essential as Psiphon is enable to disguise the non-encrypted parts of its HTTPS traffic sufficiently that detection without false positives is impossible.

    We continually monitor Psiphon and similar tools and try to respond to new connection methods, and try to find new more effective ways to detect and block.

  5. need require interface internet date, timing with speed wise report monthly

    need require interface internet date, timing with speed wise report

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Please add the IPS Signature for CVE-2018-5924、CVE-2018-5925.

    This is a vulnerability in the HP printer. There are no Signature in XG Firewall, please add.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Provide redirect option for either HTTP or HTTPS in Guest user settings portal, as it blocks the access on Google Chrome

    Provide redirect option for either HTTP or HTTPS in Guest user settings portal, as it blocks the access on Google Chrome

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Web user report

    Hello Team,
    I have logged an case regarding Report Sechedul as per my requirment that report coustmize as top 25 user who consumed most data per day , like mukesh 1.3 GB then dinesh 1.0 GB then hiten 900 MB like that it should be 25 user.
    But my report short by Hits consume by user like mukesh 2125 hits 305 MB,then dinesh 2012 hits 900 MB, then Hiten 1950 hits 2.0 GB
    I just want list as per user data consume not as per hits
    My suggestion is please desig a reoptr module as per my requirment
    Many company…

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow IP Ranges larger than 255, Network larger than /24

    Allow IP Ranges larger than 255 and Network larger than /24 for Protected Servers in Business Application rules.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Webfilter & Application on User based like Cyberoam

    Webfilter & Application on User based control

    A great feature in cyberoam was the ability to change webfilter/App filter for a user or group in the identity section.

    With XG that good option was left off, allowing only firewall rule based webfilter/App filter application as competitors do.If this feature is came back its very helpful to small organisation like below 25-50 users

    Requesting Sophos to bring back that feature which made Cyberoam so popular.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →

    We prefer to move away from assigning policies to objects, and towards having policies that reference objects. This allows us to put all policies in one table rather than having them distributed around the UI. Web Policy is an example – since Cyberoam, we have added the ability to select user identities in Web Policy so that it’s not necessary to create many different firewall rules to grant different policies to users. We will extend this to App Control as well in the future.

  11. Create a

    Create the ability to monitor individual VPN IPsec tunnel status and SNMP traffic.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  12. Privoxy functionality

    Privoxy is able to supress redirects that google is placing on their search results. OR redirects to analytcs sites.
    Blocking categories makes the search sites not usable.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Web Filtering Category with coinminer type website

    In asia so many bitcoin miner case.
    Taiwan was test target with many countrys.
    so many business customer want to detect inside or outside problem with miner attcked.
    but some miner website is normal and legal.
    Just hacking category can't include all miner webside, just only inlegal webside is not enough.
    Endpoint protection this product has application contral with miner type category.
    so why in XG can't do this?

    17 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Declined  ·  0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Public Access Need To Be Secure

    Hello Team,
    I have install XG 135 firewall to secure my network but my firewall is not secure yet, after enabling wan access my firewall then any budy can hack my firewall so take it seriously heir should be any advance login procedure like throw OTP or any other way.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Declined  ·  1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Reporting on total number of wireless clients. Please!!

    It would be very helpful to be able to generate reports on the total number of wireless clients in a given time period, rather than the average and the min/max number of clients. Knowing how many clients used our WiFi per month is much more useful than the average number of clients.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  16. WAN Optimization

    We are waiting for a feature called "WAN Optimization" or "WAAS".

    15 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. iView support for Notification using SMTP servers with authentication over TLS encrypted connection

    iView notification should support SMTP servers which implements AUTH LOGIN after a TLS encrypted connection established following a STARTTLS verb from the server side.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  18. SSO

    I would suggest SSO client compatible with Samba4 as domain controller

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. Make Suricata a second option for IPS

    The addition of Suricata as an option for IPS while keeping Snort as the default option would be a great feature so people can test both and determine which option better suits their hardware and security needs.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Concurrent Session Report

    How to get concurrent session report for a particular day, week, month or year?

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.