XG Firewall
Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.
-
QOS reduces bandwidth on Surfing Quota expiry
After using Surfing Quota for Users. Speed should be decrees rather than stooped internet.
35 votes -
Application-Traffic Shaping based on percentage of WAN bandwidth available
Allowing to set application bandwidth based on the percentage of the WAN bandwidth available will make enable copying configs from firewalls with different total WAN bandwidth. Moreover will make it a less hassle to upgrade or downgrade WAN bandwidth in the future. This feature would greatly enhance the settings for MSPs or vendors who send out pre-configured firewalls.
33 votes -
Custom Application Category
We could like to be able to create a custom Application Category for applications discovered as part of the Synchronised Application Control process.
We would like to be able to block newly discovered/uncategorised applications (SyncAppCtl), until they have been verified by an admin. Once verified we would like to add them to a custom category which we can allow/deny access to the Internet as part of an application filter policy.
26 votes -
Exempt Specific Applications from Traffic Quota
Allow us to 'exclude' certain applications which may not be able to be configured on an IP/port basis, from the Quota functionality.
E.g Skype, Viber, Skype4Business, Office365Also, Windows Update and other software update that may consume quota quickly.
21 votes -
19 votes
-
User level application policy in Sophos XG like internet scheme on XG
I would request to Sophos team to have feature to control/apply user level policy for application filter as well , when we migrate from cyberoam to Sophos there was feature called internet scheme where we can select the users separate policy even they have another group. Please bring this option or advice us is there any other option made in Sophos
14 votes -
Browser based proxy authentication
Implement browser based authentication like what the UTM and all other solutions offer. This would be brilliant for the authentication to be browser based on devices with multiple users using it with the same IP
11 votesPlanned ·AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) responded
We are planning this feature for an upcoming release – hopefully it will get into version 18.5.
-
Remote VPN login session details
Remote VPN login session details
10 votes -
Identify internet services/apps by IP/port for use in firewall rules
Add Internet services (applications) to firewall policies. Maybe very useful to switch to a real application firewall. Now also fortinet introduced the "internet service database" to reach this goal
10 votes -
Manual classification of unclassified traffic
I see 90% of my traffic as unclassified, it falls into 2 buckets: veeam and zerto. Any way to get these properly classified by TCP port number?
9 votes -
Add tiktok to application policy list.
Add tiktok application to application policy list to manage traffic easily. It's a high data consuming app and please always ensure a way to control application traffic by sending updates for latest application or suggest a way we can add application manually as sophos let us control web traffic.
8 votes -
SCADA/ICS Application Awareness
Please bring the ICS/SCADA protocol awareness that the Cyberoam devices have over to the XG.
8 votes -
Application
Allow (within the organization) the ability to add their own applications. Currently there appears to be no way to add a custom application without getting approval through the Sophos board.
7 votes -
Application filter category : Ads & Tracker
In the application filter there is an category called "e-commerce". When you look inside the application list, you can see a lot of banking apps listed but also Ad-Server apps and tracker. It would be nice when there is seperate new category like "Ads & Tracker". This would make it more easier for the administrator to filter and block unproductive web apps.
6 votes -
application control
Show blocking page when an application is blocked by application control.
Currently we only see a browser error when an application is blocked and we often need to check the logs to find out which application caused the block.6 votes -
WhatsApp Control
need control on whats App Contents where need user can't view and download videos and audios files
6 votes -
OpenAppID integration
OpenAppID is an open, application-focused detection language and processing module for Snort that enables users to create, share and implement application detection. OpenAppID puts control in the hands of users, allowing them to control application usage in their network environements and eliminating the risk that comes with waiting for vendors (Sophos, for example) to issue updates.
OpenAppID harnesses the power of open source and the larger security community to provide application visibility and address the application attack vector by accelerating development of application detectors and controls. Application-layer context augments security events that tie to attack protection and allows for granular…
6 votes -
Clone application filter policies
Allow cloning of policy in Application Filter. It would be great if i can clone a policy and tweak it for other staff to use, saves a lot of time.
6 votes -
Allow modification of app filter default action
It does not seem possible to change the default action for an application filter once it has been created. While there may be little need for this in most use-cases, it would be tremendously helpful for one-off testing.
6 votes -
Block Internet Explorer 10 & 11
Currently Internet Explorer 6 – 9 are listed in the Applications list on our Sophos XG310s. We would like to be able to prevent our end-users from using Internet Explorer 10 and 11.
5 votes
- Don't see your idea?