XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Device Specific Authentication

    UTM allows us to configure different web profiles where different device-specific authentication can be set.

    This is very useful in environment where BYOD is required and more than one profile is needed.
    So inherit from UTM.

    72 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Pharming protection - Exception possibility

    it's not possible to create an exception on Pharming protection (Web --> Protection --> Advanced Settings).
    The default enabled function let you "Protect users against pharming and other domain name poisoning attacks by repeating DNS lookups before connecting."

    We were unable to get a vpn tool called "SSL network extender" working (to support a customer). The solution was to disable the Pharming protection completely.

    57 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. WebSocket

    Websocket.

    IETF standard. Used by real-time comms on webpages.

    DESPERATELY needed. HTTPS Decrypt and Scan basically kills it. Please fix!

    44 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow regular expression matches on URLs in Web Policy

    The ability to be able to use regular expressions to match URLs in the Web Policy, not just in Web Exceptions.

    This was possible with SG UTM.

    43 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add "Top bandwidth users" and "Top bandwidth destinations"

    Can you add Top Bandwidth Users and Top Bandwidth Destinations to the dashboard or someplace easy to access?

    39 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Multiple upstream web proxies

    Define multiple upstream HTTP proxies.

    Define URL-based policies to determine which proxy should be used, or whether traffic should go direct.

    Each proxy may require authentication.

    39 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Make Web Proxy User Notifications fully customizable

    Being able to fully customize the user notifications (displayed to the user when browsing blocked or warned pages, for example (PROTECT --> Web --> User Notifications --> Message for Warn Action )) is desirable, e.g for purposes of translating the pages. The possibility to use templates with variables would be greatly appreciated.

    35 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Inspection of QUIC traffic

    It appears that currently QUIC traffic (UDP port 80/443) are not categorized by the web filter. Users seem to be able to access YouTube and other Google sites without any of their traffic being inspected.

    29 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. 28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Download and scanning progress in batch mode

    In Batch scanning mode under Web>protection you don't see any Progress like with UTM.
    Please add this feature!

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. PAC/WPAD file hosting on XG

    Couldn't find it previously suggested, so want to throw this in the mix. It would be awesome if we could host WPAD/PAC file locally on the XG unit. If I missed it in the documentation I'd appreciate if someone corrected me.

    27 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. URL feedback enhancement

    On your support site please give us the abitlity to see how websites are categorised:
    https://secure2.sophos.com/de-de/support/contact-support.aspx

    Now it is only possible to send a url sample for a certain url. It would be better if you can make an url lookup to see how specific sites are caterorised.

    It should be possible similar to the mcafee trusted source site when you search for a specific url:
    https://www.trustedsource.org/

    This would make the admins life way easier to commit url samples.

    27 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Block Files Upload in Webmail

    The idea requested from client all the time form previes UTM firmware. Now XG has arrived with strong User and web singnature, I hope this feature is in your plan.
    Ideally, we should permit users to open a webmail (like Gmail.com or other public webmail or event Facebook, Dropbox, Onedrive, Google Drive)
    but i don't want to permit to attach file/upload file in a new mail on the webmail. In this way i can block a possible disclosure of corporate data. Thanks ---------- (BTZ shared this idea · October 16, 2013)

    27 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Block/allow YouTube categories

    YouTube uses categories for the videos and it would be quite valuable to block/allow based on those.

    Sample categories for the US:

    1 - Film & Animation
    2 - Autos & Vehicles
    10 - Music
    15 - Pets & Animals
    17 - Sports
    19 - Travel & Events
    20 - Gaming
    21 - Videoblogging
    22 - People & Blogs
    25 - News & Politics
    26 - Howto & Style
    27 - Education
    28 - Science & Technology
    29 - Nonprofits & Activism
    30 - Movies
    33 - Classics
    34 - Comedy
    35 - Documentary
    36 - Drama
    39 - Horror …

    25 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. DNS Web filter

    DNS Web filter would be a good add to Sophos XG.

    Reference:
    https://cookbook.fortinet.com/dns-web-filtering/

    25 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Web or App categories for Office 365 and Suite

    Create New web category and application category for only Microsoft office 365 and Google business to make it easier to allow it directly without the need to create it manually

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Web: Blocking based on keywords in URLs

    Can you please add the ability to block based on keywords. This feature is extremely useful when attempting to sell to a school or charity, or any organization.

    This feature is available in SG UTM.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Automatic FQDN and Web exceptions for Office365 based on Microsoft published lists

    We've found that XG v17 and even some v16.5+ firmware breaks office365 activations, updates and downloads by Sophos' IPS/content filtering. The only way to get it to work is to go through the VERY long list to whitelist all the URL's to make it work. Office365 is a fairly widely used product for installations. Wouldn't it make sense to put in the exception's list (even if not enabled by default) in order to not have to do this for every firewall out there? Either that or fix the IPS/content filtering so that it stops tripping up on O365 updates and…

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. XG Firewall allow only specific youtube channel

    As what I observe during our POC on client. They want to allow the specific channel of their own youtube account and block other sites. Other competitors of Sophos don't have any features also on to this.

    Purpose: users can access only their channel videos on youtube

    Thank you in advance Sophos Team!

    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Captive Portal Session Timeout

    Bring back the captive portal session timeout like UTM 9, in XG if closing the window after login is the same as logout.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.