XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. WIFI - HOTSPOT - Email authentification with report

    It's was a good idea to create just email authentification in Hotspot and to have report with all mail. Free Wifi is good but a lot of Customer want to have a revenu with free wifi.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Mail Manager

    Give us a mail manager screen like we had in the UTM 9 SG.

    121 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Web Filter exceptions based on User Agent

    I believe this is related to an existing suggestion:
    http://feature.astaro.com/forums/330219-sophos-xg-firewall/suggestions/10944024-resolve-netflix-streaming-issue

    UTM customers are able to get around Netflix streaming issues using the workaround detailed here: https://www.sophos.com/support/knowledgebase/121646.aspx
    This involves creating an exception for traffic based on its User Agent. There is no option to do this when configuring exceptions in XG as far as I can tell.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Customize Logo for SPX Portal

    Like the UTM allow for a custom logos to be uploaded and used for the SPX portal page (possibly block pages as well?). This is currently not available when making SPX templates.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Download archived Logs

    Archive and download old logs in tgz format like in UTM: Logging and Reporting > View Log Files > Archived Log Files.

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. SSL VPN Port modification request

    Hi Sophos XG Firewall Team,

    Need your support to allow the Firewall administrator to configure the SSL VPN port, because most of the networks are not allowing to use 8443 port especially in ISP side.

    It is crucial for all Sophos XG Firewall end customer.

    Regards
    Damodharan..

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. Notification Rules

    At the moment no way to customize notification. I receive mail when the WAN gateway is down/up.
    You need to provide us a way to create rules where we can decide when receive notification, alert level (warning, information, critical),who will receive the notification. As soon you integrate SMS, please also allow us to receive SMS (it is an old way) but when the mail does not work....
    I would suggest you to create a panel as the Network Policy Rule rule to manage notification rules.

    356 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    27 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Network Traffic Quota warning via email

    The system should send users an email when 50%, 80% etc. of their cycles Network Traffic Quota is consumed.

    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. Possibility of modifying the logo in customer portal, as is the entrance to the company. Cheers

    Possibility of modifying the logo in customer portal, as is the entrance to the company.

    Cheers

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. Two IPSec Peer on VPN Configuration

    We have more customer with many branches and two or more Internet connection. We want to enable a Singla VPN SA that could be terminated on two differents Peer IPSec Gateway, so we can create a reliable VPN Connection that can use two different Internet connection, depend on what we can specify as first and second Remote Peer VPN.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add options for IPv6 DHCPv6-PD

    My ISP supports native IPv6, they support prefix delegation using DHCPv6-PD to assign a /56 subnet. They do not assign the WAN interface an IPv6 address (i.e. no IA-NA) and only provide a prefix delegation (IA-PD). Currently XG (and UTM9) doesn't work with my ISP to get a PD because there are no options to request IA-PD only. My ISP edge router will respond to a solicit message with a IA-NA and IA-PD request but it would appear that the XG doesn't conform to RFC7550 when it sends a IA-NA message and receives a "NoAddrsAvail" from my ISP edge router.

    232 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    33 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. Enable selectable SSL certificate for SMTPS scanning

    The Email Protection lacks ability to select a specific host certificate for an exposed SMTP server. Right now only CA certificate can be chosen and host certificate is dynamically created. SSL Certificate in Email Protection could be assigned the same way Web Certificate is in Web Protection.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Add ability to create MAC host groups.

    In the list of host objects, all have the option to create groups, except for MAC hosts. Please add ability to also create groups for those objects.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. SCP Access should be possible

    According to the following thread, SCP-Access to the Firewall should be possible. It would improve troubleshooting workflows a lot.

    https://community.sophos.com/products/xg-firewall/f/46/t/73960

    74 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add Google's DynDNS Provider

    Please provide ability to use Google's Dynamic DNS service.

    41 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Dynamic DNS Providers  ·  Flag idea as inappropriate…  ·  Admin →
  16. time of click protection

    For real protection from malicious emails, this is one of the best way to protect organization. This hasn't been in Sophos email appliance, UTM but I wonder if they will be adding it to XG. Without this, there is no easy way to compete with Fortinet/Proofpoint ... I won't even mention this is demanded by customers.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. button for renew DHCP on the Wan interface

    In UTM Wan interface there is a button for renew DHCP. There is not such button in the XG Wan interface.

    19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow Ping using Business Application Rule

    When creating an Alias (System > Network > Interfaces > Add Alias) and then creating a Business Application Policy for the external address

    - Business Application Policy does not have an option to forward pings through to the Internal Server

    Currently it is only possible if Forward All Ports is selected from the Business Application rule
    -

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Email addresses should be case insensitive

    When viewing the various dashboards, email addresses should not be split into separate entries if someone used various case (all lower case, all upper case, some lower and some upper case).

    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Connection/Session/timeout limitin on Policy Rule

    We need to specify differenti timeout or different concurrent session per Security Policy

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.