XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. DMARC Support

    Please add DMARC to the E-Mail Protection. More Information under https://dmarc.org.

    This is a very important Security Feature for us.

    Thanks

    90 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add "Create new" option to Hostname field in email encryption

    Please add the function "Create new" to the Hostname field in E-Mail -> Encryption

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Email Protection: exceptions for virus,- spam and content checks

    Please make it possible to make specific exceptions for virus,- spam and content checks like it is possible in the UTM. Now you can only make general "Spam Check Exceptions" for "Domain Name"??? Which actually only creates an exception for the IP blacklisting check.

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Outgoing email quotas

    The MTA should offer an option or a specific FW rule to set some email outgoing limit up (e.g. max 200 outgoing emails per hour, max 10 emails per hours if user is XYZ, ecc.).

    14 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Content based email filtering

    It would be very helpful if it we could set a filtering rule to bypass/mark an email if the content of the email contain certains words or phrases. I could be similar to a DLP rule but with custom parameters.

    56 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Filter encoded content on headers

    Hi,

    we received a phishing attempt in which an internal and effective email address appear as sender. After some analysis we found in the message header that sender and subject were encoded on UTF-8 (Base64).

    Here the modified header as example:


    Received: from hide (hide) by hide
    (hide) with hide (TLS) id hide via hide
    Transport; Wed, 10 May 2017 23:45:21 +0200
    Received: from hide (hide) by hide
    (hide) with hide (TLS) id hide; Wed, 10 May
    2017 23:45:21 +0200
    Received: from hide (hide) by hide
    (hide) with hider (TLS) id hide
    Transport; Wed, 10 May 2017 23:45:21 +0200
    X-Virus-Scanned:…

    12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Outlook add-in for Email Protection

    Please can we have an Outlook add-in which will allow users to blacklist with a single click.

    I love the daily digest which allows users to release false positives but there seems to be no function for undetected spam which makes it through.

    Thanks

    57 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Sending only 1 quarantine report to user

    Currently the quarantine digest sends a report to very e-mail adres that is configured as a user.

    When user1 had 1 email address it gets 1 report
    When user2 has 3 email addresses it gets 3 quarantine reports these other two are duplicates, so only need to be send once.

    15 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. POP3/IMAP-Increase email scan limit

    Please increase POP3/IMAP email scan size limit from 10 MB to at least 50 MB as for SMTP. It is not acceptable to have security only until 10 MB. Denying is also no option, if you want to keep your business communication going.

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. SPX Portal on port 443 in stead of 8094

    It is only possible to use ports between 1025 and 65535 for the spx portal. Receipients behind a firewall which block non standard ports will not be able to choose a password for encryption. I know port 443 is being used for the user portal so it will conflict so maybe use an alias for both. Just like the ssl vpn port not able to use port 443 is a major flaw in this product.

    39 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow outgoing emails to be signed with DKIM

    Include the possibility of signing outgoing emails using DKIM for all or only selected email domains as in UTM9

    266 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    46 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. XG MTA mode - bypass a sender/recipient address or domain from email protection

    The new MTA SMTP deployment mode in SFOS v16 lacks the ability to bypass a (or some) sender/recipient from all email protections. At the moment, we can only create a SMTP policy to bypass a destination email domain from email protections, and it is not practical in most situations.
    However, in the Legacy SMTP deployment mode, we can create a SMTP scanning policy to bypass certain sender/recipient from all email protections.
    It will be great if MTA mode can be implemented with the feature of bypass certain sender/recipient from email protections.

    134 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Support Outlook 2016 with SPX outlook add-in

    Currently XG is still using version 1.3 of the outlook plug-in which does not support Outlook 2016. Can you please update the plugin/add-in on the XG User portal.

    22 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. e-mail spoofing protection

    Dear All,

    This product already has integration with domain environments and it will be really great to have functionality to check for existing mailboxes. In case appliance receive an e-mail with randomly generated recipient (real domain with fake user part) it will discard it asap.

    I'm not familiar with how it should be properly implemented (may be exchange integration needed), but it will be really awesome functionality!

    18 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. XG: Allow SPX Data protection rules to use keywords

    On the XG - version 16 in MTA mode you can only use predefined CCLs and are limited in what you can look for in Data protection to encrypt emails.

    Like legacy mode and version 15 - you can use a keyword to encrypt emails. For example any emails with Subject: [Encrypt] - SPX encrypt this email. This is a very crucial feature that should exist.

    Sent on behalf of client.

    33 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. pattern/expression filter for SMTP Protection

    Ability to filter email based on a word search. Would be nice to have a list of prohibited words that if the SMTP scanner sees the word, the email could be filtered or dropped, etc.

    29 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Reason for email quarantine in quarantine list

    It would be great to use the GUI to see at a glance the reason for why an email was sent to the quarantine. Currently the easiest way to do this in the GUI is to un-check all of the "filter-by" options and check them one by one until you find the reason.

    Ideally an additional column would be added to the list that states the reason (Blocked Source IP, Spam, Infected, etc.). It would also be nice if the UI of the email filter section was brought inline with other parts of the XG, such as the live users…

    88 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Notify sender when email is rejected after acceptance

    Accepted e-mails may never be lost.

    If an assumed e-mail is discarded due to an e-mail policy, a notification to the sender must be made. False positives always occur.

    If an e-mail is rejected by the "Spam Protection" or "File Protection" policy, there is no way to inform the sender. The same applies to the RDNS tests, also the sender is not notified here.

    The reason:
    In Germany, an invoice can be sent by e-mail, even if the reminder is not respected, the court order for payment can be opened at the dunning court. About the statement "My firewall has…

    41 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Users to have ability to manage emails Whitelist and Blacklist via User Portal and quarantine report .

    Users to have ability to manage emails Whitelist and Blacklist via User Portal and quarantine report .

    303 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    36 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Email Protection: Implement SPF and Header functionality into Sophos XG

    Hi Sophos, for Security and anti Spam enhancement please include the spf check and header modification functionality in your xg firewall.

    196 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.