XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. BLE

    Will we get BLE support on XG wireless?? I also posted same for Central wireless but would also like to see it for XG too.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. VLAN bridge support in MESH network

    Currently in XG v18 VLAN bridge in MESH newtwork using APX appliances is not supported.
    This feature does exist in current Central Wireless.

    Please support it also in XG.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Implement RADIUS failover support for APX Access Points

    It has come to my attention that while the XG firewall allows you to enter two RADIUS servers for wireless authentication failover. The APX series access points do not support the secondary server.

    This creates a high risk for wireless service disruption in the event the primary server goes offline. The lack of support for this functionality requires an engineer to manually promote the secondary server as the primary in the event of a failure.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. mimo

    enable mimo/mu-mimo feature on XG wifi similar to central managed

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. internet voucher

    in wifi voucher i suggest to add voucher with long period of validity but with a limited daily quota

    as example voucher valid for one year with limited daily quota 500mb

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Implementation for mac host groups .

    Missing feature since long time Implementation for mac host groups .

    Now It's possible to create group for ip, fqdn but not for mac-hosts.
    For example: the authorization for the connection to wifi using mac filtering with whitelist or blacklist ..the mac host cant be picked from the existent list...and inserting the mac address only miss the possibility to tag and associate the mac to user or pc

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Support for 802.11ax

    Support for 802.11ax on AP

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Rolling firmware updates for WAPs

    Would be extremely beneficial to be able to roll out firmware updates for wireless APs in a staged manner - i.e. update one at a time instead of all together, so that there's no (or minimal) interruption to service.

    At the moment, I can't update access points during the day, because it will disconnect WiFi for all users. If we could do them one at a time, it would become possible.

    UniFi has this feature (they call it a "rolling update") and it's really nice. Updates each AP in turn, and doesn't start the next one until the last is…

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Improved AP management

    I'd like to see a few improvements to management and monitoring of APs being controlled by an XG appliance:


    • Display other competing networks and channels strength for channel selection

    • Show access point utilization and establish thresholds for utilization trends

    • Integrate floor plans to position APs visually.

    • Couple the former with perhaps a mobile app to identify potential deadzones/heat mapping

    Use case currently is that I've been getting reports from one of my sites that wifi has been having intermittent issues, and the data needed to remedy it effectively is much more difficult to obtain than it needs to be

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Option to restart AP under XG Web Admin

    We have request here from customer, asking to have option to restart AP under XG Web Admin interface. For your assistance please. Thank You.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. anon@ctc-g.co.th

    WeChat social login for Chinese tourists; Line app social login for Thai guest.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. More options in "Terms of use acceptance" session expires

    I want us to be allowed to get more options in session expires or a full customizable options like voucher definition, in which you can insert a custom value for validity period among other options.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Hotspot password of the day censoring

    We just had a hotspot password of the day of "rapexace02" be generated for a customer that works with people experiencing domestic violence. It didn't go down well. Could these passwords be automatically generated if they contain any sensitive keywords?

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Hotspot password of the day censoring

    We just had a hotspot password of the day of "rapexace02" be generated for a customer that works with people experiencing domestic violence. It didn't go down well. Could these passwords be automatically generated if they contain any sensitive keywords?

    0 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. "Blacklist" of MAC addresses of wireless devices that are not allowed by an AP for a connection

    For each connected AP you should be able to specify a "blacklist" of MAC addresses in the XG that are not allowed by the AP for a connection. This is to ensure that stationary devices such as printers, WiFi cameras, streaming devices can only connect to the AP that is intended for them and that is located nearby.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. WLAN Automatic Blacklisting after x attempts

    Aruba’s Wireless APs have the possibility to block macs after a x attempts with wrong creds (psk or enterprise un/pw)

    This is a good security feature and better than simple whitelisting.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. please support the Radius SSO feature for AP55C.

    According to the Sophos KB 134148, the Radius SSO feature is supported by APX models.
    But customer bought a lot of AP55C, please also support the Radius SSO feature for AP55C.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Hotspot "terms of service" customization

    I serve a customer who uses XG firewalls in their chain of restaurants. They want to keep the customer hotspot sign-on process as clean and simple as possible. Vouchers etc. are a mission to manage - they just want to provide free Internet to their customers, limited by data or time.

    My customer would like to their hotspot setup in such a way that when a user joins, they are presented with a branded captive portal with a splash page, with terms of service for the user to accept.

    When the user accepts, they are granted Internet Access. 
The user…

    100 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    16 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. password of the day

    Possibility to use encrypted(WPA2 Personal) Hotspot with Password of the day, with only enter the Password in WLAN Connection. Actually you have to enter the Password to connect to the WLAN, and then you have to enter it again at the Login homepage.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Hot spot

    Hot Spot to be able to Authenticate from Routed IP subnet. Subnet that differs from hostspot interface IP Subnet.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.