Sophos Ideas / XG Firewall

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

Suggest an Idea...

← XG Firewall

Know where an object is in use

Know where an object is in use. By selecting the object you have the option to report on which rules, policies, etc. are added.
This will allow cleaning of objects, making it easier to manage and maintain them.

This should also include the ability to locate unused objects across the UI and delete them if they are no longer needed.

198 votes
Sign in Sign in with: Log in with your Sophos ID
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Jorge shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

14 comments

Sign in Sign in with: Log in with your Sophos ID
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Andreas Rieger commented  ·   ·  Flag as inappropriate

    Easy to Implement for Sophos i'll think. Here is the SQL command to search Hosts inn Firewall rules:
    Source Hosts:
    psql -U nobody -d corporate -c "SELECT h.hostid,s.fwruleid FROM tblhost h join tblfwsource s on h.hostid = s.hostid WHERE h.hostname='Hostname-placed-here' ;"

    Destinationn Hosts:
    psql -U nobody -d corporate -c "SELECT h.hostid,d.fwruleid FROM tblhost h join tblfwdest d on h.hostid = d.hostid WHERE h.hostname='Hostname-placed-here' ;"

  • Antonio commented  ·   ·  Flag as inappropriate

    Fortigate, Cisco ASA, etc ... all of them have this feature. When I need to delete an object is very hard search where the object is used.

  • Kyan commented  ·   ·  Flag as inappropriate

    Report showing what firewall rule Host and Services are used in. This would be helpful to keep Host and services up to date. It is a pain to see an IP host but not be sure if it is used in any rule. If it is it would be nice to be able to see what rules it is used in. Same with services.

  • Christian commented  ·   ·  Flag as inappropriate

    is it possible to display e.g. Hoste IP/Host FQDN items or groups, how and where the object is being used/linked in the XG?

  • Rodrigo Finger commented  ·   ·  Flag as inappropriate

    Deploy in the Sophos firewall to show in which rules an object is linked (host and services). This is very useful when I want to delete the object.

  • Marcus commented  ·   ·  Flag as inappropriate

    Show usage of certificates.
    We had to renew our wildcard certificate due to normal expiration. We have bound the new cert. to all rules we could find using the old one. After all, we haven't been able to delete the expired cert, cause the UI told us it is still in use within an http-policy. In fact, it was in use in a deactivated business-policy and within the "admin-settings".
    It would be nice to have...
    a) a better error message with concrete details where the cert. is used, or
    b) The possibility to list all occurances directly from a certificate

    best regards,
    Uli

  • PJR commented  ·   ·  Flag as inappropriate

    Or at least add a button "Where Used" to list all rules this object or rule is used. Like CheckPoint firewall.

  • A.Rieger commented  ·   ·  Flag as inappropriate

    UTM like search in firewall policys:

    Searching for used objects in the policys is an nightmare on the XG firewall. Please bring an UTM like serch, where you can type in, what you want to search and then all the policys with the serched object will be displayed.

    At the moment it is an nightmare, when you have several hundreds of rules and you want to find all rules for an specific object. And yes, in bigger companys you will have several hundred of policys.

  • Son L. commented  ·   ·  Flag as inappropriate

    I also would like this feature. I would recommend color coding objects in use red or orange if a sort/filter cannot be done.

XG Firewall: Base System + General UI

Categories

Feedback and Knowledge Base

(thinking…)
icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.