Each access point should be able to be restarted. This helps in two ways:

1. Perform a OS restart of the Access Point if 'turning on and off' the wireless network does not work


2. Allows you to see a port blip on the POE switch to confirm what port the AP is connected to in remote areas

The Sophos XG firewalls should be able to detect rogue access points with APs connected the same way the models with built in wireless do.

Band steering allows dual band devices to be forced onto the faster 5Ghz spectrum when supported to free up bandwidth for those devices which only support the 2.4Ghz spectrum.
I believe Sophos Cloud wifi already supports this.
We need this on both XG and UTM

hotspot

HotSpot feature lacks logging capabilities.

For example it would be great to autmatically map and log voucher code with IP address of user that was using it and create reports based on this.
Without this it's impossible to audit what traffic was generated by that user.

Same issue is with UTM:
http://ideas.sophos.com/forums/17359-utm-formerly-asg-feature-requests/suggestions/10924653-logging-for-hotspot-vouchers

Thanks,
Lukasz Naumowicz

Is it possible to use Wireless authentication by Facebook and others social on Guest Wifi network via sophos AP ?

Apple Devices & WiFi:
So everybody knows that Apple has its own opinion for WiFi Roaming and switching to the next AP with the best wifi signal. I think it's a good idea to implement the 802.11k standard to Sophos AccessPoints, according to the knowledge page from Apple at: https://support.apple.com/en-us/HT202628 where they talking about the 802.11k Standard. Maybe this is a solution for Apple devices that have connection issues and do not want to switch the access point.

it could be nice to receive notification about the status of AP connected to XG (Wireless Protection), actually the state is displayed on the dashboard (numer of total AP / number of AP connected) but it is not a warning, there is no log in the Wireless Security section related to an AP that goes offline. Also in SFM there is no specific Alert/Notification about AP state.

Make it possible to reboot an AP from the XG's Web UI.

Implementar a possibilidade de reiniciar AP via Interface Gráfica (WEB)

I realize that it's a new standard, and the WFA is only just now beginning to certify devices, but are there plans to attain WPA3 certification for Sophos AP and managing firewalls?

https://www.theverge.com/2018/1/9/16867940/wi-fi-alliance-new-wpa3-security-protections-wpa2-announced

I think you can do it on Sophos Cloud, but the ability to upload and mark on on a floor plan where all the access points are, and do site surveys.

it would be great to schedule applying updates to wireless AP units.

It would also be good to be able to update multiple APs at different times in order to avoid a total wireless outage

XG wireless lack a way to identify devices connected to the APs as well as not able to see any kind of live usage data. In SG it's possible to see how a wide variety of wireless information and live data. This really is something required in Sophos XG

There is currently no way to see a wireless session and disconnect that person or device from their wireless session. Good security feature for blocking a device or the devices MAC address of that device.

On the UTM there is the option to add custom names to a wireless client.
Wireless protection - Wireless clients - Wireless Client list
Would be great to have this option on XG also.

It would be really nice to be able to see a list of current Hostname/Mac addresses of those using the hotspot (and boot them if necessary).

It would be even better if I could get a daily report that shows me hostnames/mac addresses of those people using the hotspot.

I have created Hotspot and the vouchers for guest users. However, on this hotspot, I would like to have some users be authenticated with their MAC addresses such that they are not prompted with a captive portal to enter voucher. This feature is helpful - to authenticate/allow users based on MAC addresses on guest or other hotspot.

Problem is that it is not possible to choose a RED Interface within a Hotspot Definition.
So you cannot route a client from a branch office to a Hotspot Portal to authenticate. We have a guest Network in a branch office in an own vlan behind a RED50. I thought that the utm and xg Firewall have feature parity on RED and Wireless Feature... NO they dont have!

I want to be able to add all my wireless networks to all my access points.
Currently I cannot mix "Bridge to AP LAN" and "Bridge to VLAN" on the same access point which I could easily do on other wireless systems.