Implement browser based authentication like what the UTM and all other solutions offer. This would be brilliant for the authentication to be browser based on devices with multiple users using it with the same IP11 votesPlanned · AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) responded
We are planning this feature for an upcoming release – hopefully it will get into version 18.5.
Better integration between XG and Endpoint beyond just heartbeat. e.g, logged on user can be passed to firewall for use in user-based rules.14 votes
Allow firewall rules to "match" by application, and thus permit custom routing/qos. E.g (Streaming out lower cost WAN1, VoIP out faster/more expensive WAN2)
This would be (layer7) application based (Not Subnet/Port based)15 votesPlanned · AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) responded
We are making improvements in this area with version 18.
Earlier on SG, we used to have options to check if gateway is available on any interface but on XG it is compulsory to keep gateway on WAN which is quite annoying while having L2 links connecting its numbers of offices where I need IPsec VPN.33 votes
I may have misunderstood the intent here, but I believe it is to allow use of a gateway, even when that link is not an internet facing gateway – perhaps an MPLS circuit connected to the LAN, or DMZ, for instance. This is currently planned for the next version of XG.
Give us objects like in the UTM, Why do i have to set a static ip in the dhcp, add a dns record in the dns server and create a ip host object for firewall rules, when i could do it all with one object in the UTM.. This was for me a really really perfect feature and it makes it all a lot easier to administrate since you don't have to do the same over and over again for different parts of the configuration.116 votes
This is currently being planned for inclusion in an upcoming version
As Enterprise product, XG should be able to manage multiple ehlo to protect multiple email domain behind it. On UTM9 we have profile mode but multiple ehlo was missing too. Add some sort of profile (including ehlo) for multiple domai for one/multiple public IP, such as WAF does with virtual domain.26 votes
Add support SNMP via VPN without add static routes. This could be as SSH via VPN, only choose a checkbox allowing or deny the service.
Today it is needed add static route pointing to tunnel name.
This should be addressed, as part of our improvements to VPN tunnel capabilities in v17.
- Don't see your idea?