XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Monitor firewall rule realtime bandwidth monitoring

    HI,
    It would be great if we can have live bandwidth monitoring for firewall rules for troubleshooting and performance.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  2. Stop auto loading the Live Graph

    When navigating to Diagnostics --> System Graphs the page automatically renders all the graphs for the last 2 hours. This forces you to wait to change the time period. Please stop the auto rendering, and allow the admin to select the time period and click the update button.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add PnP to XG Firewall Home Edition

    Add PnP (Plug and Play) to XG Firewall Home Edition so that if you are trying to install it on a Laptop that only has one network interface you can plug in a USB network interface adapter and have the OS be able to use it. This is my issue in trying to get this software up and running.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Detection Requests  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add Duo MFA integration to Sophos XG

    Apparently the older Sophos UTM has Duo MFA integration. Please build this into Sophos XG firewalls. Duo is extremely powerful, flexible, usable for individuals, companies or full-blown MSPs unlike most of the other MFA solutions available.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. Want to add option for Two WAN link for L2TP VPN

    Please add a option to select one more Local WAN port in Local Network details, in L2TP remote access VPN tab. As of now its only for one WAN port.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  6. 4G/5G USB Dongle Support

    I think it is high time Sophos updated the USB Dongle HCL to include modern technologies such as 4G/5G. With 3G ending for a lot of people soon many of the devices on the current list are about to become obsolete.

    https://docs.sophos.com/nsg/sophos-firewall/v17.0.9/Help/en-us/webhelp/onlinehelp/index.html#page/onlinehelp%2FAppendixD.html%23

    https://community.sophos.com/kb/en-us/123939

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. DHCP flease for more than 30 days

    DHCP lease for more than 30 days, 30 days are not enough in some cases!!!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Editar a mensagem de senha do dia dos Sophos APs

    Deixar editar a mensagem de senha do dia, para identificar de qual equipamento é a senha enviada para os administradores que recebam

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. SSL VPN ACCOUNT LOCKOUT

    Similar to the admin lockout screen - it would be useful to block users logging into ssl vpn after x amount of incorrect attempts - either lockout for a predetermined amount of time or what would be awesome would be to lock and allow an admin to unlock.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  10. [SFOS IVIEW ] Reduce the file size of the XLS file which downloading from Archives.

    [SFOS IVIEW ] Reduce the file size of the XLS file which downloading from Archives.

    When we download the CSV file from IVIEW the file size is considered small and when downloaded using Excel format the file size is much greater due to additional data not required.

    When we copy the contents form XLS file to normal CSV file the data captured is less than half of the original file size.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  11. IPSec Remote Access mode should hand out IP's to Android clients

    We should be able to hand out virtual IP for users on a plain IPSec (not Sophos Connect) by config or by user static remote access IP defined.
    Sophos XG's IPSec configuration does not have the ability to configure "rightsourceip" when setting up Remote Access IPSec connection. With this ability we could use the built-in android IPSec XAuth VPN client and not rely on third party apps.

    [IKE] <AndroidIPSec-1|28> peer requested virtual IP %any
    [APP] <AndroidIPSec-1|28> [IPPOOL] (acquire_address) acquire_address...
    [APP] <AndroidIPSec-1|28> [IPPOOL] (acquire_address) Access Server not provided IP for user: ********
    [IKE] <AndroidIPSec-1|28> no virtual IP found for %any requested…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  12. garner

    garner service sometimes stop to work and no events are logged since it happens up to the time when garner is restarted
    time when you recognize that you have no data about history is the time when you need this data ...
    developer would add feature checking whether garner is able to fill data in logs and make alert or automatically restart garner service and send alert

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  13. Add more note fields

    On the SG devices there are several fields for notes and comments which really help us in our job. The XG is only a few of them and in most cases there is no chance to add any comment to it.
    Please add at least the note fields from the SG devices.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. Improve Granularity of Central Firewall Interaction

    At the moment when when registering an XG firewall to Sophos central the only option is to enable central management or not.

    If central management is not enabled then we get a limited selection of alerts in central for the firewall, i.e. lost comms between XG and central.

    Typically in our deployments we do not want the firewall to be manageable via cloud service through central, particularly in higher security networks we permit local management only over our internal WAN or VPN links.

    Some level of granularity in between nothing or everything would be fantastic.

    For example a completely read-only…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Synchronized Security (Heartbeat)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Monitoring Sophos XG Firewall with Elastic Beats (Filebeat, Metricbeat & Packetbeat)

    Hi,

    Our company is a Sophos MSP in Brazil and our customers are Families where we want to provide security on the Internet for kids, teenagers and the Family.

    I want to know if it's possible to integrate the Elastic Beats (Filebeat, Metricbeat & Packetbeat) on Sophos XG Firewall to collect and send information about logs, performance, and network to Elastic Stack.

    Elastic Stack is our SIEM and we'll send all endpoint and mobile information to there with Elastic Beats.

    Follow a video that I made to show theses agents working on Sophos XG 105 Firewall:

    https://www.youtube.com/watch?v=kKAgy-R-68s

    I'm nothing using…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  16. Mode Transparent/Unifié

    Il manque aux possibilités du RED le mode Transparent/Unifié. En effet pour nos clients Education il n'est pas possible que les accès Internet ne transitent pas par le XG. Si la liaison Internet ne fonctionne plus sur le site principal, il vaut mieux alors pour des raisons de sécurité que les élèves ne puissent plus accéder à Internet.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  17. Please Replace Hold Music with IT Security News

    I think Sophos should replace all their hold music for support calls with IT related news podcasts, at least then I could learn something while I wait. I mean, come on now! If you can have up to 60 minute waits at least make it more tolerable.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. OTP MFA on inbound port forwarding rule

    The world is asking for more than passwords for OWA and RDS Gateway inbound. Please consider adding OTP so the Sophos Authenticator can support the second factor. So, the RDP Connection Client will https to the RDS Gateway that is behind the XG rule. Something will pop up and ask for a "User Portal"-like authentication before the RDP client hits the gateway. Similarly, the same will happen before the browser hits the OWA page.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. log viewer

    Log viewer is good concept for monitoring live traffic, but it is holding information of only one day. Daily some one should download to keep track of the log files, instead of this please make a provision to auto send log viewer information to specific e mail ID at the end of the day. This facility is very useful for internal audit purpose. This feature is provided in Sophos auto backup and sending to email ID at the end of each day, the same may be extended for taking log viewer back up and sending file to same mail ID.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  20. prioritize Azure traffic as Application

    Dear all,

    We are using many Azure resources and would like to recommend to have "Azure" application to be prioritized as QoS. Actually, we can shaping it base on known IP address, but with Azure, we can not.

    Can you please advise and consider it?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Detection Requests  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 99 100
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.