XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Per-policy control for SafeSearch

    Please provide the option to enable/disable Safe search and youtube restricted mode per policy.

    In schools we need the ability to enable/disable the safesearch and youtube restricted mode based on the policy for individual user groups rather than globally while at the same time as having web category filtering.

    For example we would like to turn safesearch mode and youtube restricted mode off for certain staff groups but while maintaining the category filtering, where as students we want safesearch and the youtube restricted mode on at all time.

    88 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    13 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Separating “YouTube Restricted Mode” from "Enable SafeSearch" feature

    Separating YouTube "Restricted Mode" from "Enforce Safe Search" option in XG Firewall would allow much more flexibility for customers.
    YouTube "Restricted Mode" is currently just too “restricted” (not usable) and customers should have possibility to turn it on or off without impact on SafeSearch.
    On the other side, SafeSearch is very useful feature that customers would probably have always on.

    95 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Upgrade Cyberoam to Sophos and lost features

    In Cyberoam, we could go to firewall rules and in one view could see all the rules, what the source and destination restrictions were.

    With Sophos O/S we now have to go in and edit each rule, one-by-one, just to see what the settings are.

    In addition, on a 24" monitor, we can only see 9 rules per screen on Sophos, as opposed to Cyberoam where you can see 32 rules per screen. On a device that has 30-40 firewall rules, navigation on Sophos O/S is an absolute disaster.

    Please bring back the old GUI, or AT LEAST allow it…

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →

    We are making some layout improvements to better support larger rulesets. We won’t copy the CR ui in XG, but we will make a number of improvements in v17, to make working with large rulesets better. Some of that will be improving the layout and use of vertical space.

    Our priorities in v15 and v16, were to reduce the need to scroll horizontally in as many cases as possible, and then to make the rules themselves more powerful, allowing for excessive numbers of similar rules to be consolidated into many fewer rules. This is largely successful, and we are now focusing on improving the display efficiency, to allow more rules visible on the screen at once, ability to group and hide related rules, making the display shown per rule more efficient, and other improvements to make working with larger rulesets easier.

  4. Remove support for TLS v1.0 and Insecure Cyphers or Allow them to be disabled

    The XG still supports protocols that are insecure and fail PCI compliance scans. These protocols such as TLS v1.0, 64-bit block ciphers, etc should be able to be disabled through at a minimum the CLI and preferably the UI.

    67 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. SMTP Smarthost

    Get back the possibility to relay outgoing email from the Sophos XG to a SMTP smarthost like we had in UTM 9

    69 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. packet tracer

    A feature like Cisco's ASA Packet Trace utility will be very nice. I like the XG firewalls but I really miss the Packet Tracer. Here's a little bit about it:

    https://supportforums.cisco.com/document/29601/troubleshooting-access-problems-using-packet-tracer

    I like it because you don't need to setup test hosts - the test packet virtually injected from the appliance itself.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Initial Install

    During the initial install, Sophos XG chooses the interfaces on its own. User should be able to decide which interface to use.

    Also basic setup is the only option someone can do to configure WAN port in order to register device. This would also be nice to choose the interface to use.

    Add Registration log to console menu to permit user to see the logs regarding registration errors. At the moment I am unable to register the device, it was difficult to track down log messages.

    38 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →

    The initial product setup process is being updated in an upcoming release, before v17. This will improve the registration process, and interface configuration options available during the registration process.It will also update the setup wizard offered on first login, providing an improved initial install experience, end-to-end.

  8. Bring RED Tunnels to UTM's and also to Sophos XG

    I would love to be able to create RED tunnels to other Sophos Firewall XG devices aswell as Sophos UTM's.

    This was a big disappointment to myself who used RED tunnels between UTM's

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. 56 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.