XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Ability to use FIDO 2 and U2F Tokens to log in into Sophos XG management website and user accounts

    Using FIDO 2 Tokens for logging passwordless in into the Sophos XG Firewall as an Administrator or User would make it more comfortable and secure to log in.
    Using it as a 2FA using the U2F standard would make the login much more secure.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. iview

    I need to install VMware tools for integration with backups. There are many people that asking about this problema but nobody has open this idea.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. Automatically turn down other Member interfaces in the bridge when one of the interface states is switched to down

    Automatically turn down other Member interface(s) in the bridge when one of the interface states is switched to down.
    For example, transparent deploy FW for detection. There are two interfaces (Port1 and port2) in a bridge group.
    PortE3 and PortE3 are connected to a switch (PortE3 --- switch A, PortE4 - switch B). If portE3 is switched to the down state, switch B will still send data to Port E3. After 4~5 seconds, STP will detect this change.
    We want PortE2 to switch to the down state immediately when the PortE1 state is down.In this case, stp can switch lines…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. import specific config

    when importing configuration from another device, it would be nice to have an ability to import specific configurations only like IPsec, SSL, etc instead of importing the whole configuration

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. User must change the password feature for Captive Portal when user logged in using LDAP

    When User login into the Captive Portal using his/her LDAP Credentials, he should be prompted to change his password on very first login or should be having an option to change his own password.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. GUEST Users details export

    After having created GUEST USERs (especially if they are many users), should be nice to be able to export the guest users details (Username, password -not encrypted-, duration, etc) in order to be used for other purposes, like to print some customized tickets (tickets with Company logo and other information).
    The "exported" list should be created in a plain (not encrypted) format (like text) or in a standard format to be used with Excel, or Word mailmerge function and so on.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. Stop auto loading the Live Graph

    When navigating to Diagnostics --> System Graphs the page automatically renders all the graphs for the last 2 hours. This forces you to wait to change the time period. Please stop the auto rendering, and allow the admin to select the time period and click the update button.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add Duo MFA integration to Sophos XG

    Apparently the older Sophos UTM has Duo MFA integration. Please build this into Sophos XG firewalls. Duo is extremely powerful, flexible, usable for individuals, companies or full-blown MSPs unlike most of the other MFA solutions available.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. 4G/5G USB Dongle Support

    I think it is high time Sophos updated the USB Dongle HCL to include modern technologies such as 4G/5G. With 3G ending for a lot of people soon many of the devices on the current list are about to become obsolete.

    https://docs.sophos.com/nsg/sophos-firewall/v17.0.9/Help/en-us/webhelp/onlinehelp/index.html#page/onlinehelp%2FAppendixD.html%23

    https://community.sophos.com/kb/en-us/123939

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add more note fields

    On the SG devices there are several fields for notes and comments which really help us in our job. The XG is only a few of them and in most cases there is no chance to add any comment to it.
    Please add at least the note fields from the SG devices.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  11. Periodically sync with Active Directory

    Please allow us to sync periodically with Windows AD to pull new users, remove old ones, etc... and same with groups.

    It’s very difficult to manage 30+ firewalls with users being able to login to any of them depending which site they visit.

    Also need to allow nested groups support.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. Update the BIOS on SG to change the HW ID so it appears as an XG once upgraded to SFOS?

    Right now we can upgrade later SG models to the latest firmware and essentially turn them into an XG at least from a firmware standpoint. Unfortunately they still show up as SG models which in turn prevents us from creating an HA pair with the same exact XG model even though the hardware is virtually identical. If you compare an SG230 Rev.1 and an XG230 Rev.1 they appear to be exactly the same. Why not give us a BIOS update so our upgraded SG model can now become an XG?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  13. Ability to create an HA pair using one SG and one XG if both are running SFOS 17+.

    So here is the scenario, client has invested a good bit in the latest SG hardware and has since upgraded that hardware to SFOS essentially making it an XG. Now they would like to buy the same model but get the XG this time since the SG is bound to go away in the future, and set them up as an HA pair. This way they keep their investment in the SG and have the latest and greatest hardware as their primary firewall. As I understand it from Technical Support they cannot do this as they would have to be…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add notification when WAN to LAN rule executes.

    I think Sophos have to add notification when WAN to LAN rule executes.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. Option to disable Email notification completely

    If we enable email notification we can not turn it off we must have the option to disable email notification along with to choose which notification must be enabled like WAN link or backup.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  16. Standardkonfigurationssprache

    Deutlicherer, farbliche Unterstreichung/Hervorhebung bezüglich dem Hinweis beim wechseln der Sprache, dass hier die Konfiguration der Firewalll gelöscht wird und somit die Firewall in den Auslieferungszustand gesetzt wird . Das vor dem Neustart ein Update der aktuellen Konfiguration der Firewall gespeichert werden muss (Aufforderung kann nicht weggeklickt werden). Das Speichern der aktuellen Konfiguration wird dann im im aktiven Browser heruntergeladen.

    System/Sicherung&Firmware/Firmware -> wechseln der Standardkonfigurationssprache

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  17. restore option from local device in console menu

    restore option from backupfile on local device in Console menu

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  18. Ability to export back end diagnostic logs

    The back end diagnostic logs contain valuable information, but are difficult to utilise when having to work with several side, especially Microsoft Azure platform.
    There needs to be a way to export / access the diagnostic logs for IPSec and PPPOE without having to SSH connection to the console and just tail them.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. FQDN on any menu and service

    Make the FQDN host and host group available in any required service and menu. We live in the DNA era, not in the Stone Age.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. Encrypted Backups - Option to use or not use

    Allow to not encrypt backups on XG Firewall 17.5. RIght now we are forced to do encrypted backups. It would be nice to have an option to skip it.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.