XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Heatbeat for MacOS

    Hi, synchronised groups from AD will not show uses with MacOS in logs, only Windows users both with Endpoint protection installed. Can we have the same functionality for Macos.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Notification alert on bandwidth consumption threshhold

    Alert or notification should be sent to administrator when bandwidth usage reaches 80 %

    21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Heartbeat Client Monitoring Regardless of Location

    Regardless of clients PC network, there still need to be a mechanism that allows heartbeat monitoring. Only having a feature that is network dependent defeats a centralized management system. With multiple remote clients and offices not having the ability to monitor these stations because they are not on the same network as the firewall is very limiting and not practical.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Heartbeat support for Mac/Linux over SSLVPN

    Mac and Linux client are currently not able to send there heartbeat over the SSL client VPN.
    How can we ever build a secure network for everyone?

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Heartbeat client list must be avalible at ANY time

    Heartbeat client list must be avalible at ANY time not only if there is a missing or at Ristk client.
    Otherwhise there is no way to determ which client is registerd with heartbeat (esspecially as live connections heartbeat clients differ from Security Heartbeat status).

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  6. SSL VPN - Single click connect

    SSL VPN Connect Option Provide On desktop without any right Click Option only single click

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Sync App control recognizes same app at different paths

    Currently, Synchronzed Security detects application based on installation path of an application. It could easily cause problem, as the same abc.exe in C:\ and D:\ on different computer is detected as two different application, which results in huge workload of firewall administrator.
    Please change the mechanism how Synchronzed Security detects an application, for example hash value of abc.exe.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Sophos Endpoint should pass user login info to firewall

    Better integration between XG and Endpoint beyond just heartbeat. e.g, logged on user can be passed to firewall for use in user-based rules.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Planned  ·  1 comment  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Email Alert for Heartbeat status + Customize the heartbeat block page

    It would be good to have an email alert when any endpoint goes to critical "red" mode so that we know the reason for internet not working.

    Also if we can customize the heartbeat block page it would be good.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow heartbeats from more than one Central account

    Synchronized Security is a really cool idea, but the current implementation really limits what can be done; and in many cases prevents deployment of Synchronized Security.
    A couple of changes could greatly expand usage:


    1. Support/recognize heartbeats from more than one Sophos Central account.
      As a Sophos partner, I run Sophos Endpoint on my laptop that I use at Sophos client sites.
      If I deploy FW rules that use heartbeats, I effectively lock myself out.
      Just because you have a heartbeat does not mean you have a heartbeat that the XG FW will acknowledge/accept.
      Sophos XG clients would greatly benefit from…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Use synchronized security to deploy firewall cert to endpoint for SSL scanning

    having the endpoint be able to deploy the firewalls CA/Cert to perform the SSL scanning would be a huge asset to assist deployment and improved security in non AD environment especially

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Enable features for home version

    Hi,

    I would like to ask for the HA function in sophos xg home lots of people run it in homelab and like to experiment with it.
    Also 1 or 2 endpoint licenses to use heartbeat function
    Last a sandstorm option maybe limited in a way.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Can XG firewall user authentication be added to Sophos endpoint client?

    Sophos endpoint client already has users information. Why not have that info shared directly so authentication does not need multiple configuration points.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Policy Routing based on Web Categories and/or Applications

    it could be very nice to have the ability to make the routing decision based on the Web Category (Applications too) within the web policy (or apps filter) for exemple, so we can use the main Wan or Gw for business related and productive categories and Apps and all the rest goes through the secondary Wan connexion usually used for backup for exemple. and it can be blocked if primary wan or gw is down so the backup wan or gw gets used for the business traffic.

    70 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Heartbeat: Drop to next rule on heartbeat failure

    I would like to suggest that with heartbeat enbaled that when someone is Red or no heartbeat that there is an option to either block internet access, or to drop next policy in the list

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Using Sophos Home for Home licence

    The Security Hartbeat uses the commercial version of Sophos cloud services.
    For home licence users it would be nice to have the Sophos home cloud instead of to exchange the Sophos endpoint protection of UTM).

    75 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Integrate Alarm output into RMM tools

    With the new XG firewall with the heartbeat function. Nearly all IT reseller/Partners use RMM tools, these alarms need to be integrated into these tools. (Connect wise, kasya, etc).

    Adding a connector into these tools will do the following:-

    Integrate automatic Ticket generation for alarms and alerts from the Sophos XG platform into the IT billing and Ticket system.
    
    Stop IT companies having to go and manage multiple web pages and different sites to generate Tickets of work.
    Be a powerful difference between Sophos and other Firewalls sold.
    This should not be very hard to integrate into the Partner Web
    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

  18. Web Protection: Enforce policy on Sophos Endpoints

    It would be amazing to configure the Sophos Endpoint (not the UTM-provided one) to inherit the Web Filtering policy defined in the UTM.

    38 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.