The firewalls must: Notify the administrator in real time of any items requiring immediate attention. -[Requirement of PCI CP)

Can we please get some QOS functionality on a per interface or per Gateway option,

We have a lot of customers that have multiple links with different speeds, it is currently difficult to manage this with the current QOS functionality.

I see a lot of other feature requests for QOS but none that cover this topic.

Thank you

i need to enable load balancing between 2 isp where having 3 isp

Right now it would appear that data used by voucher users even for local traffic, affects their qouta balance, so if a voucher is for 1 Gig, if the voucher user consumes only local traffic, not WAN data, it still affects the user's data usage. Personally don't think it should be that way, or at least have the option to not have it affect the voucher balance.

Gostaria de sugerir a implementação do agente do zabbix nos equipamentos Sophos XG, a sugestão é devido a necessidade que temos atualmente de monitorar alguns XG, que estão trabalhando como brigde e não possuem acesso quando a origem é a internet, com a possibilidade do agente zabbix poderíamos configurar para que o mesmo enviasse as informações para nosso servidor no SOC, independente do IP de saída.

Resumidamente ter a opção de trabalho ativo e passivo.

https://www.zabbix.com/documentation/3.0/pt/manual/distributed_monitoring/proxies

Would be awesome to be able to see the progress of a scan from the users perspective instead of a dead screen and then have to guess when the scan is done.

SSL vpn connection is all about remote connection to the local Lan and also it should be for VPN connection also. when we connect through SSL vpn we can access only local machines but not the remote VPN machine , thus admin has to provide another local machine for remote SSL_VPN user. Your thoughts on this......

STAS application should allow changing WMI credential (case number 8430014). The installed STAS agent per domain controller should have an option to update the credentials used for collecting info. The only option to enter the credentials is during the install. So if the admin username / password changes, the only option is to uninstall / reinstall the agent.

Need a way to check how many firewall rules an IP host is associated with.

It is good to provide more details to an IPS signatures directly from the IPS policies/signature. This was found in Cyberoam last time but not available in Sophos.

This is useful for the security admin to find a resolution to the "attack" rather than only bypassing it, without knowing what is going on.

Today, it is quite possible to brute-force attack L2TP and PPTP as there is no way to drop incoming requests based on IP, geo or any other variable.

I would like the ability to assign a network rule (or equivalent) that drops requests for such features before entering the firewall, before reaching authentication. Much like ACL exceptions for device access does.

This is not possible today, and we have to contend with miles of logs with login requests and tries from far away, just probing for passwords.

quota limit per IP (feature available through user only)

Data Control is rule based but has a hardcoded rule (per sophos support) that cannot be disabled: it blocks all communication to external devices that isn't initiated through Windows Explorer. But this is how backup software operates (Veeam in our case). We cannot enable Data Control and perform data backups. My request is to make this functionality of Data Control be rule based so end users can choose to enable or disable it to fit their environment.

Give us a way to bypass the IPS based on source and/or destination. We have clients who pay for vulnerability scanning, pen-testing, web app auditing, etc. and currently there is no way to bypass the IPS if the rules are numerous without duplicating each rule where the first rule has the IPS turned off.

It would good if you could enable/disable the firewall rule from the main list display, rather than having to click the "..." menu and then select disable/enable. Cyberoam could be enablde/disabled on the firewall rules list.

Static ARP Bulk upload feature is highly recommended

Nat on a different TAB, like SG version,
It will be great to use and categorize rules by selecting NAT SNAT,DNAT,1:1 NAT.