XG Firewall
Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.
-
Restart Wireless Access Point Function
Each access point should be able to be restarted. This helps in two ways:
- Perform a OS restart of the Access Point if 'turning on and off' the wireless network does not work
- Allows you to see a port blip on the POE switch to confirm what port the AP is connected to in remote areas
106 votes -
Hotspot "terms of service" customization
I serve a customer who uses XG firewalls in their chain of restaurants. They want to keep the customer hotspot sign-on process as clean and simple as possible. Vouchers etc. are a mission to manage - they just want to provide free Internet to their customers, limited by data or time.
My customer would like to their hotspot setup in such a way that when a user joins, they are presented with a branded captive portal with a splash page, with terms of service for the user to accept.
When the user accepts, they are granted Internet Access. The user…
100 votes -
wireless band steering
Band steering allows dual band devices to be forced onto the faster 5Ghz spectrum when supported to free up bandwidth for those devices which only support the 2.4Ghz spectrum.
I believe Sophos Cloud wifi already supports this.
We need this on both XG and UTM63 votessenthilraj.s responded
Thank you for Reaching out .
Wireless Bandsteering on XG & UTM is present in our Roadmap . We will keep you posted once a Release Vehicle is Identified .
-
Rogue access point detection
The Sophos XG firewalls should be able to detect rogue access points with APs connected the same way the models with built in wireless do.
62 votes -
HotSpot logging
hotspot
HotSpot feature lacks logging capabilities.
For example it would be great to autmatically map and log voucher code with IP address of user that was using it and create reports based on this.
Without this it's impossible to audit what traffic was generated by that user.Same issue is with UTM:
http://ideas.sophos.com/forums/17359-utm-formerly-asg-feature-requests/suggestions/10924653-logging-for-hotspot-vouchersThanks,
Lukasz Naumowicz60 votes -
Facebook
Is it possible to use Wireless authentication by Facebook and others social on Guest Wifi network via sophos AP ?
39 votes -
Improve WiFi roaming for Apple devices with 802.11 k
Apple Devices & WiFi:
So everybody knows that Apple has its own opinion for WiFi Roaming and switching to the next AP with the best wifi signal. I think it's a good idea to implement the 802.11k standard to Sophos AccessPoints, according to the knowledge page from Apple at: https://support.apple.com/en-us/HT202628 where they talking about the 802.11k Standard. Maybe this is a solution for Apple devices that have connection issues and do not want to switch the access point.36 votes -
Support for WPA3
I realize that it's a new standard, and the WFA is only just now beginning to certify devices, but are there plans to attain WPA3 certification for Sophos AP and managing firewalls?
36 votes -
Notified abount Access Point UP / Down
it could be nice to receive notification about the status of AP connected to XG (Wireless Protection), actually the state is displayed on the dashboard (numer of total AP / number of AP connected) but it is not a warning, there is no log in the Wireless Security section related to an AP that goes offline. Also in SFM there is no specific Alert/Notification about AP state.
34 votes -
Reboot AP via Web Admin UI
Make it possible to reboot an AP from the XG's Web UI.
Implementar a possibilidade de reiniciar AP via Interface Gráfica (WEB)
32 votes -
Wireless Site Survey
I think you can do it on Sophos Cloud, but the ability to upload and mark on on a floor plan where all the access points are, and do site surveys.
25 votes -
Sophos Access Points to remain working even if XG is unreachable
The downside we have identified for Sophos APs is that if a remote office with Sophos APs is connected to head-office XG via VPN and everything routes through the VPN, when connectivity is lost, the APs go offline and the remote offices cannot even access their local devices (e.g. printers / local NAS) via WiFi.
This makes a WAN issue into a much larger impact as the remote offices are unable to work effectively.This request is that when XG is not reachable by the AP, it will fallback into an admin defined mode. e.g. if normal mode is bridged…
25 votes -
Schedule AP firmware updates
it would be great to schedule applying updates to wireless AP units.
It would also be good to be able to update multiple APs at different times in order to avoid a total wireless outage
20 votes -
WI-FI connectivity status and usage
XG wireless lack a way to identify devices connected to the APs as well as not able to see any kind of live usage data. In SG it's possible to see how a wide variety of wireless information and live data. This really is something required in Sophos XG
19 votes -
Ending a wireless session
There is currently no way to see a wireless session and disconnect that person or device from their wireless session. Good security feature for blocking a device or the devices MAC address of that device.
17 votes -
wireless client list
On the UTM there is the option to add custom names to a wireless client.
Wireless protection - Wireless clients - Wireless Client list
Would be great to have this option on XG also.15 votes -
Pre-authenticate Hotspot users by MAC
I have created Hotspot and the vouchers for guest users. However, on this hotspot, I would like to have some users be authenticated with their MAC addresses such that they are not prompted with a captive portal to enter voucher. This feature is helpful - to authenticate/allow users based on MAC addresses on guest or other hotspot.
15 votes -
Mixing Wireless Client Traffic Types
I want to be able to add all my wireless networks to all my access points.
Currently I cannot mix "Bridge to AP LAN" and "Bridge to VLAN" on the same access point which I could easily do on other wireless systems.14 votes -
Hotspot Portal listen on RED Interface.
Problem is that it is not possible to choose a RED Interface within a Hotspot Definition.
So you cannot route a client from a branch office to a Hotspot Portal to authenticate. We have a guest Network in a branch office in an own vlan behind a RED50. I thought that the utm and xg Firewall have feature parity on RED and Wireless Feature... NO they dont have!13 votes -
Allow Visibility and control of Live Guest Hotspot Users
It would be really nice to be able to see a list of current Hostname/Mac addresses of those using the hotspot (and boot them if necessary).
It would be even better if I could get a daily report that shows me hostnames/mac addresses of those people using the hotspot.
13 votes
- Don't see your idea?