CLI - More basic commands to manage XG
Give us the chance to manage XG basic features from CLI, such as:
creating/editing/deleting network objects
creating/editing/deleting ips/application control/web policies
creating/editing/deleting and managing VPN
Ali Akbar commented
Most of the Ideas are not respected at sophos, that is why they are behind in the game. This thread is from 2015, is there any comment from sophos as of yet ?
Initially they have removed good features from cyberoam when rebranded as sophos XG and they are bringing back the removed feature as new updates...wow... what a strategy.
If someone not agree, please check the SSL-VPN port change, logging etc.
foad elmi commented
I do agree with this Idea.i need to create or modify objects/users/groups and etc with cli.
XG Fan commented
properly implemented cli will always enable admins to get things done faster than is possible from point & click gui.
creating/editing/deleting FW rules
Nidal Malla commented
I agree , I have some experince with Juniper (Netscree, SRX) , FortiGate and PaloAlto , All of those products have a strong CLI , allow you to have full control on your Firewall using the serial port . Im very disappointed because of the Limited Sophos CLI capability . In addition editing and comparing the configuration Files is not available in Sophos XG which is very important during the trubleshooting or migrating some of the configuration or using them as Templates for other Boxes .
Please add the feature to change user password from CLI.
Adding a feature to download/upgrade the firmware via CLI
It will be really convenient to have cli functionality similar to other firewall vendors.
In addition I think the following feature would be required for automated deployments:
1) Either having api enabled by default in the image or allowing API enabling from cli. I do not see any reason why API is disabled by default. Also, it is not possible to automate deployment without having the ability to enable API at least from cli.
Please make the CLI like Citrix Netscaler and add all commands available on the WebAdmin. Unify the syntax of the commands.
"show system ipsec_route" and not "system ipsec_route show"
Also make sure you remove the Advanced shell access once all the commands have been implemented. A poweful and locked shell is mandatory for "Leader Product". Other vendors do not allow access to linux based OS in any way, any!
Everyone should learn from "Cisco" school.
Really need this feature!!!
And then creating/editing/deleting firewall rule must be basic in this feature.
Rogerio Lucio Cardoso Pinho commented
Other manufacturers, such as Fortinet, have this feature which is very useful for analysts who manage the firewall
Ludwing Villalobos commented
I am supporting this idea, especially to have greater control using CLI to manage RED Device (creating / editing / deleting).
I take this to share my experience regarding the administration, so far not supported but I think a great alternative to the administration.
We can access this option through GUI (Setting> Administration> Import Export) to export settings and edit the XML file with parameters and then importing it again, I have not used yet because I have an environment where production and do not want to affect the state this, however, some bugs have limited the administration interfaces.
I hope some feedback about it. thanks.