XG Firewall
Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.
-
: www.cert-in.org.in. The alerts on latest malware are published under VIRUS ALERTS section.
JCry ransomware is designed to encrypt data and append filenames with a ".jcry" extension. Once data is encrypted, JCry opens a pop-up window and generates the HTML file, "JCRY_Note.html", then drops a copy in every existing folder. The HTML file delivers a message informing victims about the encryption and ransom demand. This activity was observed in the Information Technology Sector.
*******************************IOC*****************************
Analysis:Host
IPv4: 172.81.182[.]63
Sighted: 2019-03-08 [only single sightings used]
Kill chain Phase: Command and Control
Characterization: IP WatchlistHost
URL: http://185.163.47[.]134/flashplayer_install.exe
Sighted: 2019-03-08 [only single sightings used]
Kill chain Phase: Delivery
Characterization: URL Watchlist
[MD5:C86C75804435EFC380D7FC436E344898].2 votes -
Integrate a Yara Engine rules on IPS
Integrate a Yara Engine rules on IPS
4 votes -
Create and maintain a host group for all O365 services this can be updated with firmware updates?
Create and maintain a host group for all O365 service IP's this can be updated with firmware updates?
10 votes -
Require firewall rule details under Intrusion Attacks report
Information about the firewall rule should be displayed under Intrusion Attacks report.
It will help to filter out allowed attacks in case if the IPS logs are not available.
3 votes -
Add DynDns to support "dyndns.org". Currently it only support "dyndns.com" for XG.
current XG only support dyndns.com but not dyndns.org
1 vote -
Allow port forward of TCP and UDP in same rule
So there's a limitation currently where if you're making a DNAT rule, and you want to change the destination port number, you can't forward ports from both TCP and UDP to the same server using the same rule.
For example, I have an environment where RDP traffic from specific external public IP addresses is forwarded from one of my public IPs to an internal server (via DNAT). RDP uses both TCP 3389 and UDP 3389, but my users connect on a different port number (52389), which I need to forward an internal server on 3389.
I can create services to…
12 votes -
Ability to apply UTM filters on traffic from Discover Interface so to create a report for POC
Discovered traffic from Discover interface could be made more meaningful by applying web and application filters so to get some meaningful UTM reports not just application visibility for the new customer who wants to check the UTM capability of device before buying OR before device goes to inline production environment.
Fortigate has some nice way with one-arm sniffer interface and sniffer firewall policy.
It would definitely help sophos gaining more customers while doing POC1 vote -
Zone Groups
It would be good to be able to build zone groups in a similar fashion to IP host groups, FQDN groups, service groups, etc. This would allow rules to include multiple zone sets quickly.
1 vote -
reset firewall hit counter
reset the firewall hit counter, not only after reboot
5 votes -
alphabetical
It would be great if in the XG550 interface the services and host listings in the Firewall Rules were listed in alphabetical order. That way you would have to search through dozens of objects in a 6 line window.
1 vote -
XG 125 to support half duplex
Hello Team,
We have request here from customer to support half duplex for Sophos XG 125.
For your assistance please. Thank You.1 vote -
Two factor authentication for Active Directory synched under XG
Hello Team,
We have customer here requesting to have Two factor authentication for Active Directory synched under XG. For your assistance please. Thank You.
3 votes -
Proxy tools
For the people who using proxy tool to bypass the firewall , i hope that there an option to quarantine the ip who is using the proxy tool automaticlly .
Like psiphone .3 votes -
ALLOW REMOVAL AND ADDITION OF PORTS TO THE HA WHEN THE CLUSTER IS MADE
Please team of sophos, make that when you want to add or remove a port of the has not have to disarm the cluster.
regards
1 vote -
Sophos Home Guard Hardware for (Home Users)
i have idea for new hardware Called Sophos Home Guard It can connected to router to protect all connected devices (IOT) for (Home Users) it contain Firewall,web protection traffic watcher and more
4 votes -
ppoe
on the wan port PPOE connection not working properly. every 15 day it will be down automatically ,during that Modem is working fine but in network setting PPOE port shown down.
please update any new MR for this problem1 vote -
Overide Hostname - Multiple Hostnames/IP's
To have the possibility of put multiple IP's on the "Override Hostname" configuration.
3 votes -
Organization - Group of groups
To have the possibility of create a group of groups. If I want to separate Business Rules in groups ordered by services, it would be helpful to put the groups of Business Rules in a group, in order to do not confuse Business Rules with Network/User Rules.
3 votes -
Create template for Business Application Rules
When some Business Rules are being configured, it would be helpful to have the possibility of create a template for a rule. In order to optimize the troubleshooting.
3 votes -
Inside activation Firewall Rule
If a Firewall Rule (User/Network Based) is disabled, it would be nice to have the option to activate it inside of rule configuration aswell.
1 vote
- Don't see your idea?
