XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Create object option is missing

    Please add the function "Create new" to the Hostname field in E-Mail -> Encryption

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Email Protection: exceptions for virus,- spam and content checks

    Please make it possible to make specific exceptions for virus,- spam and content checks like it is possible in the UTM. Now you can only make general "Spam Check Exceptions" for "Domain Name"??? Which actually only creates an exception for the IP blacklisting check.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Outgoing email quotas

    The MTA should offer an option or a specific FW rule to set some email outgoing limit up (e.g. max 200 outgoing emails per hour, max 10 emails per hours if user is XYZ, ecc.).

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Content based email filtering

    It would be very helpful if it we could set a filtering rule to bypass/mark an email if the content of the email contain certains words or phrases. I could be similar to a DLP rule but with custom parameters.

    21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. MTA

    Add possibility to use an FQDN Host in Mail > Policies > SMTP > Routing by Static host
    Add possibility to use an FQDN Host in Mail > Relay Settings > Host based Relay > Add Relay From Host/Network

    It's work with UTM9 but not in XG

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Encoded content on headers

    Hi,

    we received a phishing attempt in which an internal and effective email address appear as sender. After some analysis we found in the message header that sender and subject were encoded on UTF-8 (Base64).

    Here the modified header as example:

    - - - - - - - - - - - - - - - - - - - - - - - - - -

    Received: from hide (hide) by hide
    (hide) with hide (TLS) id hide via hide
    Transport; Wed, 10 May 2017 23:45:21 +0200
    Received: from hide (hide) by hide
    (hide) with hide (TLS) id hide;…

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Outlook add-in for Email Protection

    Please can we have an Outlook add-in which will allow users to blacklist with a single click.

    I love the daily digest which allows users to release false positives but there seems to be no function for undetected spam which makes it through.

    Thanks

    50 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add option for hostname in quarantine digest report

    Option to use a hostname for quarantine digest report instead of ip address like it has now.

    37 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Mail Logs

    in the Mail Logs Filter need
    Date Status From To Subject

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Sending only 1 quarantine report to user

    Currently the quarantine digest sends a report to very e-mail adres that is configured as a user.

    When user1 had 1 email address it gets 1 report
    When user2 has 3 email addresses it gets 3 quarantine reports these other two are duplicates, so only need to be send once.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. POP3/IMAP-Increase email scan limit

    Please increase POP3/IMAP email scan size limit from 10 MB to at least 50 MB as for SMTP. It is not acceptable to have security only until 10 MB. Denying is also no option, if you want to keep your business communication going.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. SPX Portal on port 443 in stead of 8094

    It is only possible to use ports between 1025 and 65535 for the spx portal. Receipients behind a firewall which block non standard ports will not be able to choose a password for encryption. I know port 443 is being used for the user portal so it will conflict so maybe use an alias for both. Just like the ssl vpn port not able to use port 443 is a major flaw in this product.

    34 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow outgoing emails to be signed with DKIM

    Include the possibility of signing outgoing emails using DKIM for all or only selected email domains as in UTM9

    220 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    38 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. SMTP Smarthost

    Get back the possibility to relay outgoing email from the Sophos XG to a SMTP smarthost like we had in UTM 9

    71 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. XG MTA mode - bypass a sender/recipient from email protection

    The new MTA SMTP deployment mode in SFOS v16 lacks the ability to bypass a (or some) sender/recipient from all email protections. At the moment, we can only create a SMTP policy to bypass a destination email domain from email protections, and it is not practical in most situations.
    However, in the Legacy SMTP deployment mode, we can create a SMTP scanning policy to bypass certain sender/recipient from all email protections.
    It will be great if MTA mode can be implemented with the feature of bypass certain sender/recipient from email protections.

    80 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Support Outlook 2016 with SPX outlook add-in

    Currently XG is still using version 1.3 of the outlook plug-in which does not support Outlook 2016. Can you please update the plugin/add-in on the XG User portal.

    21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. e-mail spoofing protection

    Dear All,

    This product already has integration with domain environments and it will be really great to have functionality to check for existing mailboxes. In case appliance receive an e-mail with randomly generated recipient (real domain with fake user part) it will discard it asap.

    I'm not familiar with how it should be properly implemented (may be exchange integration needed), but it will be really awesome functionality!

    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Please add the ability to create a black and white List on the “mail domain name” and “IP”. Expample: contoso.com, mail@contoso.com, 10.20.

    Please add the ability to create a black and white List on the “mail addres", "domain name” and “IP addres”.
    Expample: contoso.com, mail@contoso.com, 10.20.30.40 (in one rule)

    20 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. XG: Allow SPX Data protection rules to use keywords

    On the XG - version 16 in MTA mode you can only use predefined CCLs and are limited in what you can look for in Data protection to encrypt emails.

    Like legacy mode and version 15 - you can use a keyword to encrypt emails. For example any emails with Subject: [Encrypt] - SPX encrypt this email. This is a very crucial feature that should exist.

    Sent on behalf of client.

    31 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. pattern/expression filter for SMTP Protection

    Ability to filter email based on a word search. Would be nice to have a list of prohibited words that if the SMTP scanner sees the word, the email could be filtered or dropped, etc.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.