XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Show blocked web page for Application Filter and Malware block to user

    Show blocked web page for Application Filter and Malware block when in the web browser

    33 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  2. Application-Traffic Shaping based on percentage of WAN bandwidth available

    Allowing to set application bandwidth based on the percentage of the WAN bandwidth available will make enable copying configs from firewalls with different total WAN bandwidth. Moreover will make it a less hassle to upgrade or downgrade WAN bandwidth in the future. This feature would greatly enhance the settings for MSPs or vendors who send out pre-configured firewalls.

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  3. Custom Application Category

    We could like to be able to create a custom Application Category for applications discovered as part of the Synchronised Application Control process.

    We would like to be able to block newly discovered/uncategorised applications (SyncAppCtl), until they have been verified by an admin. Once verified we would like to add them to a custom category which we can allow/deny access to the Internet as part of an application filter policy.

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  4. 14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  5. need whitelist for application filter

    At the moment, application filter works on blacklist, and we cannot create whitelist application filter to allow a specific application, and block all other applicaitons including unknown/unclassified applications.

    Other vendors can achive it, Palo Alto Application Whitelist Example: https://docs.paloaltonetworks.com/best-practices/8-1/internet-gateway-best-practices/best-practice-internet-gateway-security-policy/identify-whitelist-applications/application-whitelist-example#

    There are a number of compliance criteria (CIS for one) that require whitelisting of network applications, as per https://www.cisecurity.org/blog/understanding-cis-control-2/

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  6. SNMP v3 version in XG105 firewall is not available

    SNMP v3 version in XG105 firewall is not available, please check possibility to add it in the new firmware version ASAP. Because without SNMP v3 i dont like to call it as firewall itself.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  7. mac binding ssl vpn user

    Require mac binding of ss vpn users, if possible kindly revert

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  8. Excempt Specific Applications from Traffic Quota

    Allow us to 'exclude' certain applications which may not be able to be configured on an IP/port basis, from the Quota functionality.
    E.g Skype, Viber, Skype4Business, Office365

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  9. Winbox

    We are an ISP and we use Mikrotik equipment. We connect with the software Winbox. Winbox application uses TCP Port 8291. Please can you add the Winbox application so the traffic is recognised in the firewall. Right now it is unclassified.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  10. Please list TOR Browser under P2P Application Category

    TOR Browser is not listed under P2P category and could not be blocked by XG Firewall.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add option to application rules for automatic email alerts.

    When configuring an application policy rule, I would like an option to have email alerts sent to the configured address if the programs in that rule are detected.
    Also, the option to configure the text of the alerts would be nice, with {user} for the Username of the application and {app} for the application in use.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  12. Some websites taking too much time to load, It works fine without using cyberoam CR25ing.

    In firmware version 10.6.2 of cyberoam CR25ing many websites taking too much time to load properly, but when I create new rule without attach identity it works fine.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  13. Disable HTTPs Interception based on client software that starts the request

    At first i think Sophos does a great job, but i have one realy missing feature.
    Actual the most traffic in the Internet is HTTPS based, because of that scanning is mandatory.
    But the XG Certificate that we import on the Client is oonly valid for request that are opend from a browser like Firefox; IE or Chrome.
    On the client itself i see more and more Software that does her own requests and do not use the browser engine. This software does her on Checks if the Certificate from the HTTPs site is what they expact, and they have…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  14. flip default application filter action

    It does not seem possible to change the default action for an application filter once it has been created. While there may be little need for this in most use-cases, it would be tremendously helpful for one-off testing.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allow remote session and denied file transfer over Team-viewer application

    Requirement is Allow remote session and denied file transfer over Team-viewer application.

    Refer the case id : 7486601

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  16. AD authenticated user stays logged in forever

    I have configured user authentication from AD to access the internet. In present firewall is automatically logged out the user if the user is inactive for some time (same told by Cyberoam technician). So remove this feature or make an option for this for users to logged in continuously.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  17. web interface user portal

    Add option in User Portal to be able to use the XG web interface. Also be able to access other XG web interfaces from the User Portal bookmarks.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  18. User level application policy in Sophos XG like internet scheme on XG

    I would request to Sophos team to have feature to control/apply user level policy for application filter as well , when we migrate from cyberoam to Sophos there was feature called internet scheme where we can select the users separate policy even they have another group. Please bring this option or advice us is there any other option made in Sophos

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  19. Diagnostics

    In policy test we should have an option to test policy for Application as well. Is it blocked or not.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  20. Youtube access from particular website

    This is Indian government website https://swayam.gov.in/,In this website the course material like videos and youtube links are available ,We are required to enable the youtube videos from the above mentioned website only, We want to create a new policy for enabling the youtube from the website only.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.