XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. S/MIME and OpenPGP Encryption

    I am not sure if something is already known about it but when can we expect that feature? Some of our customers are convinced of the XG but want to have mail-encryption with S/MIME and OpenPGP.....

    20 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Delete Emails in SMTP Quarantine after xx days

    At the moment Emails in SMTP Quarantine will only be deleted, if the Quarantine Area is full. Other Sophos products auto-delete these Emails after 30 days. It would be great, if the XG does that too.

    19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Block mails with to many addresses in To: or CC:, so use of BCC can be enforced.

    To avoid fines it helps to be able to block outgoing mails with too many email addresses in To: or CC: field, with exceptions of course. And/or have a function to move all To: and CC: entries to BCC:.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Attachements in SPX

    Attachements of encrypted mails will be attached in the PDF file.
    It would be more user friendly, if all attachements could be seperatly attached to the eMail. Not all receipients have acrobat reader installed, but use for default Edge or similar to view PDF files.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Integration of https://haveibeenpwned.com/ into XG Firewall

    The "Have i been pwned" Service is a great thing to check for breaches in online Accounts.
    One customer had a breach because of credential stuffing. He used the same password for some online Accounts as well as his Active Directory Account.

    We checked a lot of other Mailadresses with this service.
    And found some more breaches.
    The Sophos XG, because of its insight in company Mailadresses, could potentially use this service to warn admins, that an email / password combination has been found on haveibeenpwned and immediate action is necessary.
    As a field on the Dashboard with some informations…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. custom SPX template HTML

    Pls add a possibility to upload custom SPX templates as html files (like in UTM)

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. spx

    For automated email systems it would be very helpfull, if you can create an email protection rule that will encrypt all outgoing mails with SPX that are sent from an specified host from internal LAN

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Reject invalid HELO or missing RDNS exceptions

    For internal use it would be usefull to allow exceptions for this.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. SPX reply to include attachments

    When a recipient of an encrypted mail replies there is no option to include an attachment as part of the secure reply. This was a feature on the SG, needs to be added to the XG.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. mail

    In UTM it is possible to decide in which cases users get the right to release their quarantined e-mails or only an utm-administrator. We believe a lot of users do not have the competence to decide wether an e-mail is worth to be released from quarantine or not.
    Please make this feature possible in XG, because many costumers don't want to switch to XG because of this feature. We also ask for the possibility to choose several data types for attachment based policies, not only one type. It is not really practicable to choose all data types and then to…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. SMTPS port 465

    SMTPS also works on port 465 - please add support for it.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. spam source ip column

    Currently it's not possible to view the source ip of SPAM mails being dropped by the Sophos XG. The column "source ip" is not available (while it's there in mail usage). Which makes troubleshooting impossible.

    Also for rule name "global" the subject is always "not available"

    According to the support session, both are feature requests.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. greylisting

    Greylisting is a great addition, but emails can be long when it comes to reception because of how the email server at the other end is setup. In one case I had a 100 ips cycled through before the email was accepted in the grey list. The IPs where all in the same subnet.

    It would be nice to add a feature where the administrator can automatically whitelist the greylist or say that a particular subnet is permitted to be whitelisted.

    This would save a lot of time on emails coming in for the first time from a particular source.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Mail Policy based on Sender email address/domain

    We have a customer who regularly receives encrypted emails due to the content of the email.

    We've recently discovered that if an encrypted email comes in and 'Quarantine unscannable content' is selected, the email is quarantined and the user doesn't receive their Quarantine Digest email (which is by design).

    My ideal solution would be to create a separate incoming Mail Policy which allows me to specify the sender's domain (or group of domains) where I can deselect 'Quarantine unscannable content,' so that encrypted emails from those senders aren't quarantined. I would then be able to re-order the Mail Policy to…

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Quarentine Mails

    It is possible to emplementing a hostname for release the email.

    Now it is impossible to release the email for example one user received the mail quarentine but only the release email it is possible when in the LAN network if the user are outside of office doesn´t is possible.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow modification of Data Protection notification emails

    Submitting on behalf of client.

    When using data protection and data control lists for email protection outbound to automatically SPX encrypt with "Notify Sender" checked; if someone tries to send an email hitting the rule, currently the subject line is something along the lines of "Your Email violates Organization Confidentiality Policy". Customer would like to have the ability to modify/customize this subject line.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. smtp rule re ordering with multiple pages.

    When Number of SMTP scanning policy on Legacy mode reaches certain amount, new page of rules is created. The SMTP rules cannot be re-ordered between pages.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. SMTP Policy - File Protection - Better way to whitelist files (by type/extension)

    A better interface for selecting which file types/extensions you wish to allow/block.

    The SEA is better featured in this respect allowing you to select by extension rather than "mime type" (which is very hard to do effectively as some extensions share mime headers).

    If not then more mime types should be included by default!

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Blocked not only the attachment but also the email

    Currently when email file type attachment was blocked, the recipient still received the email with filtered added in the subject.
    Why can’t the XG just blocked the email and notify with a failure notice saying banned file type detected. Serve no purpose that the recipient received the email without the attachment and receiver still need to notify the sender.....

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. prefetch

    Prefetch for IMAP, so the Spam can eliminated on the Server before mobile receive.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.