After having created GUEST USERs (especially if they are many users), should be nice to be able to export the guest users details (Username, password -not encrypted-, duration, etc) in order to be used for other purposes, like to print some customized tickets (tickets with Company logo and other information).
The "exported" list should be created in a plain (not encrypted) format (like text) or in a standard format to be used with Excel, or Word mailmerge function and so on.

When navigating to Diagnostics --> System Graphs the page automatically renders all the graphs for the last 2 hours. This forces you to wait to change the time period. Please stop the auto rendering, and allow the admin to select the time period and click the update button.

Apparently the older Sophos UTM has Duo MFA integration. Please build this into Sophos XG firewalls. Duo is extremely powerful, flexible, usable for individuals, companies or full-blown MSPs unlike most of the other MFA solutions available.

I think it is high time Sophos updated the USB Dongle HCL to include modern technologies such as 4G/5G. With 3G ending for a lot of people soon many of the devices on the current list are about to become obsolete.

https://docs.sophos.com/nsg/sophos-firewall/v17.0.9/Help/en-us/webhelp/onlinehelp/index.html#page/onlinehelp%2FAppendixD.html%23

https://community.sophos.com/kb/en-us/123939

On the SG devices there are several fields for notes and comments which really help us in our job. The XG is only a few of them and in most cases there is no chance to add any comment to it.
Please add at least the note fields from the SG devices.

Please allow us to sync periodically with Windows AD to pull new users, remove old ones, etc... and same with groups.

It’s very difficult to manage 30+ firewalls with users being able to login to any of them depending which site they visit.

Also need to allow nested groups support.

Right now we can upgrade later SG models to the latest firmware and essentially turn them into an XG at least from a firmware standpoint. Unfortunately they still show up as SG models which in turn prevents us from creating an HA pair with the same exact XG model even though the hardware is virtually identical. If you compare an SG230 Rev.1 and an XG230 Rev.1 they appear to be exactly the same. Why not give us a BIOS update so our upgraded SG model can now become an XG?

I think Sophos have to add notification when WAN to LAN rule executes.

If we enable email notification we can not turn it off we must have the option to disable email notification along with to choose which notification must be enabled like WAN link or backup.

Deutlicherer, farbliche Unterstreichung/Hervorhebung bezüglich dem Hinweis beim wechseln der Sprache, dass hier die Konfiguration der Firewalll gelöscht wird und somit die Firewall in den Auslieferungszustand gesetzt wird . Das vor dem Neustart ein Update der aktuellen Konfiguration der Firewall gespeichert werden muss (Aufforderung kann nicht weggeklickt werden). Das Speichern der aktuellen Konfiguration wird dann im im aktiven Browser heruntergeladen.

System/Sicherung&Firmware/Firmware -> wechseln der Standardkonfigurationssprache

restore option from backupfile on local device in Console menu

The back end diagnostic logs contain valuable information, but are difficult to utilise when having to work with several side, especially Microsoft Azure platform.
There needs to be a way to export / access the diagnostic logs for IPSec and PPPOE without having to SSH connection to the console and just tail them.

Make the FQDN host and host group available in any required service and menu. We live in the DNA era, not in the Stone Age.

Allow to not encrypt backups on XG Firewall 17.5. RIght now we are forced to do encrypted backups. It would be nice to have an option to skip it.

Deploy in the Sophos firewall to show in which rules an object is linked (host and services). This is very useful when I want to delete the object.

Currently the maximum number of zones is set to 100. Can this be enlarged to, f.i., 200.

Off boarded users are not able to remove from XG firewall from authentication. It should be remove dynamically. Becasue how we use STAS for authentication the same way STAS should tell firewall to remove disabled users.

Team,

Looking for a new feature of adding custom image in captive portal, so that we can choose our own image instead of sophos..

Regards,
Srikanth
College of Defense Management- Hyderabad