XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Change the port names

    Give us the ability to change the names of the ethernet ports, I can never remember if the WAN is port 1, port 2, or port 3. If we could name them something that indicates their purpose it would be very helpful.

    28 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow VLANs to be added to a bridge

    This function was available in UTM 9, but it's missing in the new XG Firewalls. I should be able to create a new vlan and add it to a bridge so that it spans multiple physical interfaces. As it is right now, a new vlan can only be added to a single physical port.

    177 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    16 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. Ability to choose which LAN interface IP the captive portal will redirect to.

    Customer's situation is that they have two interfaces with the same LAN type. The problem was that the captive portal keeps redirecting to the wrong interface IP. I asked GES about this and was advised that currently captive portal only redirects to the IP of the first LAN interface, there is no way to manually change the IP it uses. So feature request is the way to go.

    5659720

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. SSL VPN Port modification request

    Hi Sophos XG Firewall Team,

    Need your support to allow the Firewall administrator to configure the SSL VPN port, because most of the networks are not allowing to use 8443 port especially in ISP side.

    It is crucial for all Sophos XG Firewall end customer.

    Regards
    Damodharan..

    13 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  5. Possibility of modifying the logo in customer portal, as is the entrance to the company. Cheers

    Possibility of modifying the logo in customer portal, as is the entrance to the company.

    Cheers

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add Google's DynDNS Provider

    Please provide ability to use Google's Dynamic DNS service.

    42 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Dynamic DNS Providers  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add inheritance to App and Web filter policies.

    It is hard to develop several filter policies with little differences for several groups of users. It would be nice to have ability to inherit, for example, web categories from other web filter policies and for application filters as well.
    Or there could be the ability to duplicate policies as it has been mentioned before.
    Thank you.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow High Availability with DHCP

    "HA cannot be configured when one or more interfaces are DHCP/PPPoE/WWAN-enabled."

    Much like with the previous UTM's, users should have the option to utilize High Availability regardless of their interface type.

    16 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. NTP - no need for rebooting the Firewall

    When making changes to the NTP Configuration, it should not be necessary to reboot the Firewall afterwards.

    104 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. Change SSL VPN Port

    Right now it is not possible to change the SSL VPN Port by GUI. Port 8443 is used by default. Please add the possibility to change, because Port 8443 is not allowed in many networks.

    411 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  41 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add no-ip.com DynDNS Provider

    No-IP.com was a provider in UTM9 for DyanmicDNS, and who I had my DNS with. I just upgraded to the XG Firewall only to find it's not there, now time to roll back to UTM9. Could you please add this back in?

    44 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Dynamic DNS Providers  ·  Flag idea as inappropriate…  ·  Admin →
  12. Policy custom View

    Would be better if an admin can view the active flags in a security policy. This will be usefull for example to know when a policy is using a NAT policy or have Web Filter policy active. The best option would be a customizable view where the admin can choose what flags want to view.

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  13. Webfilter & Application on User

    A great feature in cyberoam was the ability to change webfilter/App filter for a user or group in the identity section.

    With XG that good option was left off, allowing only firewall rule based webfilter/App filter application as competitors do.

    Please bring back that feature which made Cyberoam so popular.

    186 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    16 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →

    In v16, we added user and group constraints to web policies. This allows admins to control all web behaviors for all users, from a single screen, while adding more powerful and simple to maintain web polices than in any other firewall. This allows you to define behavirs for users or groups in a single policy, while also defining exceptions and overrides in that same policy, and not needing to create policy clutter, with multiple, similar web policies.

  14. Display addresses when hovering over a host name or host group

    when creating a new policy rule and choosing an IP host or a host group, it would be nice if you could hover of the name of the group and pop up the address(es) of that host or group.

    I can't be the only one who sometimes names things poorly and would like to verify the correct address before creating the rule

    31 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. Installation: Manually set IP address for LAN

    The XG Firewall installer should allow me to configure the IP address that I want to use on my LAN, so I can easily integrate it into my existing network.

    32 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  16. Initial Install

    During the initial install, Sophos XG chooses the interfaces on its own. User should be able to decide which interface to use.

    Also basic setup is the only option someone can do to configure WAN port in order to register device. This would also be nice to choose the interface to use.

    Add Registration log to console menu to permit user to see the logs regarding registration errors. At the moment I am unable to register the device, it was difficult to track down log messages.

    39 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  17. Change Hostname

    It would be nice if we were able to change the hostname when configuring the Sophos XG Firewall. One of the major reasons is unless you create a certificate with a common name of "localhost", the hostname on the certificate and the appliance will never match.

    42 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  18. Bring back Web Filter override for specific AD groups

    In Sophos UTM there was an option to allow specific user groups to override a URL block under Web Filtering. This was really useful for educational environments so our teachers could bypass unintentional blocks for kids. Please bring it back! :)

    64 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Improve Port Forwarding

    Port forwarding configuration is confusing at best.

    39 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. View logs for "any"

    In the log viewer, you have to choose the log View what you want to view for System, Web Filter, .. etc.
    Because of you can add filter options like an IP address, would be better if you can see all logs related with that filter at the same time.

    12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Completed  ·  0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.