XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. force user password complexity on creation

    As objected by our audit team, there must be an option to force user complexity password at the time of creation of user and it must expire after a specific period of time. The user has to change his current password with new password before expiry time else it will be blocked and can be reset by admin only

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  2. My Sophos model -XG125 (SFOS 17.5.9 MR-9)

    we are creating free wifi zone at our Mall. In that regards we have used your device and we would like to suggest that currently your Login page is coming first and later on the registration page. Our suggestion is that the Registration page should come first so that user registers first and then the login poge should appear where they can login and use the service.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  3. CAA option to run without requiring admin install privileges

    This Related to CAA,
    for install of CAA required user's installation right,
    but corporate office domain installation right not give to user.
    because after install with administration, CAA is install but after report it is not shown in taskbar, also software not working,
    every user not have installation right

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  4. Offboarded Users are not able to remove from XG firewall from authentication. It should be remove dynamically

    Off boarded users are not able to remove from XG firewall from authentication. It should be remove dynamically. Becasue how we use STAS for authentication the same way STAS should tell firewall to remove disabled users.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  5. stas change Learning State time of 1 hour

    We running into an issue where Stas learning state 1 hour timeout creating an issue for us... we need to have ability to change timeout as needed.
    sophos case# 88882736 for reference.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  6. CAA User inactivity

    We would like to have the option to set the user inactivity per login method. We are trying to create a Zone that can only be accessed when the user authenticates with the Sophos Client Authentication Agent. We don't use STAS because we don't want the user to be logged in continiously. It it possible to set the Inactivity time for NTLM logins. Please enable the feature to also specifiy this time for users that are authenticated trough CAA.

    When setting the General Maximum session timeout, all users are being disconnected an the duration can not be any longer than…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  7. Disconnect users STAS with CLI

    Hi, I need to disconnect users with STAS thought CLI, to create a schedule in the SERVER where installed the service STAS.
    because when you have more than 1000 users listed, it is difficult to search.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow SATC to work with multiple XG firewalls, just like STAS.

    It is possible to specify multiple Firewall appliances when configuring Sophos Transparent Authentication Suite (see KB123156: https://community.sophos.com/kb/en-us/123156). However Sophos Authentication for Thin Client works only with a single firewall appliance (see KB127157: https://community.sophos.com/kb/en-us/127157). This is a serious limitation.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  9. SATC: Need to add more than 64 SATC server IPs

    only 64 IPs possible and a customer with more Citrix Server has a problem.
    Adding a whole Network should be the best option.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  10. Fixes when displaying Active Users in AD STAS.

    Please make improvements to the Advanced> Show Live Users in STAS option, as bulk deletion and IP / User search fixes, because when you have more than 1000 users listed, it is difficult to search.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  11. Automatic MAC binding with Agent-authenticated users

    There is no feature available on the XG Firewall as the Users when login with the CAA having the Mac Binding option enable on the User in XG and also having the IP address added on it as a restriction, so when the User first login in CAA, the users System Mac Address should appear in the user on the XG, which is available on Cyberoam device.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add ERROR only log level

    Make less verbose STAS log. It is useless to track every debug or trace event when everything is working properly.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  13. STAS: Show which DC/agent sent the login event

    we have in our environment 3 domain controllers, all of them are running STAS and doing authentication service for users. when we chek live users we can not figure out which STAS sent this user login event. it will be very useful if it is shown the domain controller from which the user login

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  14. Ability for the Authentication Agents to provide warnings to users

    It would be nice if the firewall would push down warnings to users through the authentication agents of pending quotas or schedules or any system action that will cause the user to be logged out of the firewall. Right now, when a logout event is reached, the user is logged off the firewall with no warning. For users of online services, this does not give them a chance to save work before connection to the internet is lost.

    For instance:

    Provide a popup from the authentication agent when there is 5 minutes (configurable) left before automatic logout due to a…

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  15. Support Multiple Forest not Trusted

    STAS rocks! Anyway if you have to manage multiple Forests (not trusted) the XG cannot accomplish the task. Other vendors support this feature. This feature gives to XG a step further for use it in big environment.
    When you will implement this feature, you should allow the Admins to decide if split the XG in multiple firewall (virtual firewall feature http://feature.astaro.com/forums/330219-sophos-xg-firewall/suggestions/11262702-virtual-firewall) or not.

    Thanks.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.