XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. block psiphone WITHOUT the need to scan HTTPS protocol

    We strongly request this features ! As, it is totally not practical to install https cert on all computer. Especially guest Network in order to stop Psiphone. From the report we are losing 223.92 GB or 11.21 % daily on bandwidth to psiphone. Hope this issue will get someone in XG team alert and a solution is indeed !!

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  2. SCADA/ICS Application Awareness

    Please bring the ICS/SCADA protocol awareness that the Cyberoam devices have over to the XG.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  3. Webfilter & Application on User based like Cyberoam

    Webfilter & Application on User based control

    A great feature in cyberoam was the ability to change webfilter/App filter for a user or group in the identity section.

    With XG that good option was left off, allowing only firewall rule based webfilter/App filter application as competitors do.If this feature is came back its very helpful to small organisation like below 25-50 users

    Requesting Sophos to bring back that feature which made Cyberoam so popular.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  4. Need new firmware updrade

    For a particular group like for example i created one group named DEMO for training/temporary purpose.I want to give access to this group via Enable/Disable button.
    On the user level we can do this by selecting all the users and changing status of them to inactive.
    But we want the same via Group by single click.....
    Also,there is one suggestion like for particular user in particular group for example, test1 user in test group should not follow the same policy as the other group members are following. There must be some exception user we can create which we want in…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  5. RED Tunnel Timeoue

    It would be great to be able to adjust the timeout values on the REDs to prevent the device from disconnecting as fast when connected to an unstable ISP connection

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  6. OpenAppID integration

    OpenAppID is an open, application-focused detection language and processing module for Snort that enables users to create, share and implement application detection. OpenAppID puts control in the hands of users, allowing them to control application usage in their network environements and eliminating the risk that comes with waiting for vendors (Sophos, for example) to issue updates.

    OpenAppID harnesses the power of open source and the larger security community to provide application visibility and address the application attack vector by accelerating development of application detectors and controls. Application-layer context augments security events that tie to attack protection and allows for granular…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  7. clone application filter

    1. Allow cloning of policy in Application Filter. It would be great if i can clone a policy and tweak it for other staff to use, saves a lot of time.
    2. Apply QoS inside every policy (web and application) just like schedule time. Right now it is globally set. I would like to apply different qos for web and app to staff or group of staff. E.g. Those in top management can have higher bandwidth for File Transfer than the others. Is this possible?

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  8. Traceroute to an URL with TCP option is not working it should work. If I connect directly to the wan link for a laptop,then its working.

    Traceroute to an URL with TCP option is not working through sophosXG 125, it should work. But If I connect laptop directly to the ISP then its working.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  9. 14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add "Microsoft Team Foundation" to Application Control

    Please add Microsoft Team Foundation application to Application Control.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  11. "Internet services to firewall policies"

    Add Internet services (applications) to firewall policies. Maybe very useful to switch to a real application firewall. Now also fortinet introduced the "internet service database" to reach this goal

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  12. Winbox

    We are an ISP and we use Mikrotik equipment. We connect with the software Winbox. Winbox application uses TCP Port 8291. Please can you add the Winbox application so the traffic is recognised in the firewall. Right now it is unclassified.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  13. Block PYTHON XG210

    The Python software does not appear in the list of applications, it is a VPN proxy application and the idea is that with a new firmware we can block this application in our companies. I appreciate your collaboration.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  14. After make any changes in group, all live desktop clinet will automatically disconnected.

    If i made any changes in group or firewall rule all desktop client will automatically disconnected.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  15. SFM

    SFM in give me option for firewall redirect link so open SFM in any other setting SFM not support to click firewall redirect link to open firewall admin login tab and configure same.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  16. In XG firewall, there should a placement facility of all WIFI routers and network hardware's into MAP of office structure.

    In this kind of features, we can place all the network device which indicates that the device is working or not. Such kind of facility would be much helpful to finding out whether which device is running up and running down. We can easily track all device using map (jpg or png file).

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  17. Identify application activity in detail

    Identify application activity in detail eg. Webmail > message sent > via GMail/Office 355

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  18. RPC Connection Tracking Helper

    Open up dynamicly the ports that are negociated and used by MS-RPC. Intead of opening up a full range

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  19. mac binding ssl vpn user

    Require mac binding of ss vpn users, if possible kindly revert

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  20. Custom Application Category

    We could like to be able to create a custom Application Category for applications discovered as part of the Synchronised Application Control process.

    We would like to be able to block newly discovered/uncategorised applications (SyncAppCtl), until they have been verified by an admin. Once verified we would like to add them to a custom category which we can allow/deny access to the Internet as part of an application filter policy.

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.