XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. PPPoE VDSL setting

    On the Network/Interface/configure PPPoE - VDSL setting area please change/add the text to indicate that this VLAN applies to a FTTH (fibre to the home) PPPoE configuration as well.
    In NZ we have UFB (ultra fibre broadband) to most premises that requires a PPPoE with VLAN 10 configuration.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. See where objects or users or whatever are in use!

    This isn't really a suggestion, it is a basic necesity just like in SG.

    The time it takes to find out where for example a port or a user is in use is just annoying and exhausting (except if you have like up to5 firewall rules and 1 user).

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. DHCP Table export

    I handle two networks which are nearly identical.

    They have just one digit differencing in the DHCP for all devices.

    Everytime a new device comes into this DHCP I have to update both Tables.

    It would be very helpful if I could export these tables in a readable format and import them again.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. QoS - DSCP mark inbound traffic

    Mark return traffic with a DSCP value, enabling the inbound flow for a session to be marked with the same DSCP value detected for the outbound flow.

    This would be an excellent feature with with the increased number of video meetings. I have seen this feature with other firewall vendors.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. Captive Portal User Managment Command Line; Make it simple and quick!

    I was surprised this was not already in existence, and feel this would greatly improve the use of the the XG Firewall Captive Portal.

    Have a seperate command-line interface that is scriptable; and externally accessible by password/port.

    Captive portal command line for user standard user managment;

    Easily change or review for a standard captive portal user;

    Name, Username, Group, Surfing Quota, Access Time, Network Traffic, Enable/Disable, Disconnect

    Export Remaining MB, Export Allotted Network Traffic, Export Policy Information.

    That would be the basic; more adanveced could always be done if found useful by many.

    Sophos Captive portal is already very good.…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. Captive Portal User Reset Network Traffic Group at start of Cycle

    Currently a user is manually assigned a Network Traffic Quota or group; and this can be easily changed through a month.

    It would be good to be able to assign a network traffic Quota or Group Policy to assign at the start of the cycle; so even if changes have been made during a week; no manual configuration is required to reset the network traffic or group at the start of the month.

    For example Set to Group 10G with Network Traffic been put up to 20Gig. At start of the month; have the user reset back to 10 Gig…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. Reduce resolution for XG firewall login page picture

    Hi Team, XG firewall login homepage is having very high resolution image which takes lot of time to load / refresh while we admins work remotely on these firewalls. As an admin, I can disable this image load in chrome but that disables all images for that particular firewall' all admin sections which is not desirable.
    Can you please decrease resolution of login page picture, not useful at all.

    Thanks,
    Nilesh Kahar.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Create the possibility to filter in the Sophos XG Firewall Log for several entries of the same type (e.g. port 80 AND 443)

    Create the possibility to filter in the Sophos XG Firewall Log for several entries of the same type (e.g. port 80 AND 443)

    It is currently only possible to search for an entry e.g. a port, if you add another port via the filter, the first entered port is deleted and only the last entered one is there.
    Ideally, this should be done with e.g. Boolean arguments can be linked in order to be able to build extended log filters. This affects all parameters of the search. If you e.g. want to hide a port like 80 and 443, this…

    17 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. Please enable the option for importing the new user credentials through .csv file, which was there but now you have removed

    Please enable the option for importing the new user credentials through .csv file, which was there but now you have removed after firmware upgradation.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. Require local XG user password change by administrator.

    Admins should be able require users to change password at next login.... We are setting up our users on a new XG Firewall, we should be able to require them to change password at next login so they are not using the common password for setup... So passwords are unique.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  11. Make Secure Storage Master Key OPTIONAL

    I don't want to use a secure storage master key. This is something we don't need and will just make life more difficult for our staff who manage more than 150 different Sophos XG devices having to store keys all over the place. I'm sick and tired of the screen popping up every time I log in and the fact I can't take a manual backup.

    Will Sophos please stop forcing this and make it optional. I'm the Administrator, not Sophos.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. Integrate Azure MS Analytics Agent into XG, to replace old and retired OMS agent

    Your XG vm in Azure currently has an OMS linux agent installed which is no longer supported or used by MS. The new MS Analytics Agent should be added to the XG so that Users of MS Security Center can log and manage the analytics the agent collects as well as review all the collected logs etc.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  13. Geo IP Database

    GEO IP database should be updated with pattern updates and not just when a firmware update happens. I have experienced too many issues with IP's being blocked due to the wrong country.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. IP list suppor feature in SSL VPN

    Dear Team,

    Recently we have changed the devices from cyberoam cr100ing to sophos xg210 and In Cyberoam we are able to add the IP list supported hosts for the SSL VPN but in Sophos XG 210 we are unable to add that. Can you please add that feature in Sophos XG210? because to add the one by one host is the time consuming process as ws have the 200+ SSL VPN uers.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. the latest kernel version 4.14.199 for the XG Firewall

    03116626
    We failed the PCI scan from SecurityMetrics. The scan was just on the XG310 firewall.

    Title: CPE Based Vulnerabilities for Linux 3.0
    Impact: One or more vulnerabilities have been found that affect this service. Please see the relevant CVEs for more details.
    Resolution: Apply the latest vendor patches to your operating system: Linux 3.0
    CVE Score Vector
    CVE-2012-1146 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C
    CVE-2014-2523 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C
    pages of patches

    XG310 (SFOS 18.0.1 MR-1-Build396)

    This is the same thing as the Sophos XG Firewall General Discussion Sophos XG v18 MR1-396 Failing SecurityMetrics PCI Compliance Scans.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  16. programming of sophos firmware updates

    Possibility of programming (day / time) the firmware update on XG

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  17. API control over XG local users status

    We were hoping to use the API to create a simple administrative interface that allows a helpdesk to toggle local XG accounts for remote access.

    The current API documentation indicates that the <User> branch allows the <Password> to be updated via the API, but the <Status> is a read-only attribute.

    This seems a bit daft really, if anything I would argue it should be the other way around.
    It seems more secure to allow the API to toggle an account status but not actually change its password, thus requiring access webadmin to change a password.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  18. Temperature Monitoring

    I have seen two request for the ability to monitor temperature. One from 2016 and the other form 2018 both with a combined vote total over 200. What gives?

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. Required Live Bandwidth Speed Detail In XG Firewall

    Required Live Bandwidth Speed Detail In XG Firewall if available in XG106 (SFOS 18.0.1 MR-1-Build396) so please support

    11 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. Enable "Maximum login limit" Group wise

    There is only two options we have to set "Maximum login limit" i.e. globally and individually. What if we have to set this for only particular group in which there is so many users. IT's hard to set "Maximum login limit" for too many users. So please provide the same option for group.
    Thank you.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 29 30
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.