XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Network Alias GUI

    When you have more than three alias ip addresses defined on a network interface the list will expand on mouse-hover to show the scroll bar. At least on Chrome and Firefox this scroll bar will force the edit/delete icons to flow over to another line making it almost impossible to edit the entries. This could be easily fixed by removing the max-height definition in the gui css on the "aliasBlockPort" element and removing the on-hover css change to overflow:auto.

    Addidionally, when deleting an alias entry it will show an confirmation popup for deleting the entry. But the popup does not…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. Firewall hard drive maintenance routine

    I recently experienced a firewall freeze/crash and from what I read in the forums, the most common cause is some type of hard drive failure/corruption. I suggest the following:

    Create a maintenance routine and/or structure that allows the firewall to check its hard drive at regular maintenance intervals for file corruptions, bad sectors, etc. in order to promote a continuously healthy hard drive and firewall!

    Perhaps a parallel/mirrored drive system could both facilitate this maintenance routine as well as improve the firmware update process if it is not already existing.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. Option to prevent user changing their own password

    When we provide same username for more than 2 person in case of examination or class . means multiple login with same user id, then any one can change the password and other will suffer. if password changing option will be disable then we need not to worry about these conditions

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. Can Cyprus (Greek) and Cyprus (Turkish) be added?

    The Greek part of Cyprus is a member of the EU. An EU country group would need to contain the Greek part of Cyprus, not the whole of Cyprus.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. Grant Admin Rights to AD Groups instead of just users

    Would be great to be able to grant admin rights to an entire group instead of just a user.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add a non-geographical UTC or GMT timezone

    There are only cities available for selecting a time zone. Some customers may want to their logs to be in UTC/GMT which is not a clearly available option. Adding a definition for UTC/GMT would be great.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. XG Firewall integrate with 3rd NSPM (Network Security Policy Management)

    I suggest create an integration of XG Firewall with 3rd solution of NSP for optimization and check rules duplicated, overlayed or shadowed. The XG Firewall not realize this functions and some customers want this.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Ability to use FIDO 2 and U2F Tokens to log in into Sophos XG management website and user accounts

    Using FIDO 2 Tokens for logging passwordless in into the Sophos XG Firewall as an Administrator or User would make it more comfortable and secure to log in.
    Using it as a 2FA using the U2F standard would make the login much more secure.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. iview

    I need to install VMware tools for integration with backups. There are many people that asking about this problema but nobody has open this idea.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. Option for bridge group: When one interface goes down, turn them all off

    Automatically turn down other Member interface(s) in the bridge when one of the interface states is switched to down.
    For example, transparent deploy FW for detection. There are two interfaces (Port1 and port2) in a bridge group.
    PortE3 and PortE3 are connected to a switch (PortE3 --- switch A, PortE4 - switch B). If portE3 is switched to the down state, switch B will still send data to Port E3. After 4~5 seconds, STP will detect this change.
    We want PortE2 to switch to the down state immediately when the PortE1 state is down.In this case, stp can switch lines…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  11. Select which configurations to apply on config import

    when importing configuration from another device, it would be nice to have an ability to import specific configurations only like IPsec, SSL, etc instead of importing the whole configuration

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. User must change the password feature for Captive Portal when user logged in using LDAP

    When User login into the Captive Portal using his/her LDAP Credentials, he should be prompted to change his password on very first login or should be having an option to change his own password.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  13. GUEST Users details export

    After having created GUEST USERs (especially if they are many users), should be nice to be able to export the guest users details (Username, password -not encrypted-, duration, etc) in order to be used for other purposes, like to print some customized tickets (tickets with Company logo and other information).
    The "exported" list should be created in a plain (not encrypted) format (like text) or in a standard format to be used with Excel, or Word mailmerge function and so on.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. Stop auto loading the Live Graph

    When navigating to Diagnostics --> System Graphs the page automatically renders all the graphs for the last 2 hours. This forces you to wait to change the time period. Please stop the auto rendering, and allow the admin to select the time period and click the update button.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add Duo MFA integration to Sophos XG

    Apparently the older Sophos UTM has Duo MFA integration. Please build this into Sophos XG firewalls. Duo is extremely powerful, flexible, usable for individuals, companies or full-blown MSPs unlike most of the other MFA solutions available.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  16. 4G/5G USB Dongle Support

    I think it is high time Sophos updated the USB Dongle HCL to include modern technologies such as 4G/5G. With 3G ending for a lot of people soon many of the devices on the current list are about to become obsolete.

    https://docs.sophos.com/nsg/sophos-firewall/v17.0.9/Help/en-us/webhelp/onlinehelp/index.html#page/onlinehelp%2FAppendixD.html%23

    https://community.sophos.com/kb/en-us/123939

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  17. More objects should have note fields

    On the SG devices there are several fields for notes and comments which really help us in our job. The XG is only a few of them and in most cases there is no chance to add any comment to it.
    Please add at least the note fields from the SG devices.

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  18. Ability to create an HA pair using one SG and one XG if both are running SFOS 17+.

    So here is the scenario, client has invested a good bit in the latest SG hardware and has since upgraded that hardware to SFOS essentially making it an XG. Now they would like to buy the same model but get the XG this time since the SG is bound to go away in the future, and set them up as an HA pair. This way they keep their investment in the SG and have the latest and greatest hardware as their primary firewall. As I understand it from Technical Support they cannot do this as they would have to be…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add notification when WAN to LAN rule executes.

    I think Sophos have to add notification when WAN to LAN rule executes.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. Option to disable Email notification completely

    If we enable email notification we can not turn it off we must have the option to disable email notification along with to choose which notification must be enabled like WAN link or backup.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.