XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. iperf

    Having iPerf available on the system. Would make it very easy to test bandwith speeds.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add option to custom time range for Log Viewer

    In the "Log viewer" custom time range filter is missing. If lot of firewall traffic is logged, option "Last 10 minutes" still display too much events.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  3. stix/taxii integration

    Add support for STIX/TAXII threat intelligence feeds

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. CTR files must have file extension name.

    CTR file must have file extension name

    CTR files don't have any file extension name. It caused
    1. Customer can't upload file through Support Web Form
    2. FTP server or client sometimes misunderstand file type as Text and make it corrupted,

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. Delete live users in STAS in one click

    I have a client that would like to have a feature where in he can delete live users in STAS in one click

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  6. MAC not capture in Authentication agent app

    MAC not capture in Authentication agent mobile app
    To impliment MAC bases authentication.
    Please provide New version of App in Android and ios to capture MAC also.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Assign physical interfaces to networks manually

    Right now the physical interfaces are assigned automatically to WAN, LAN... and can't be changed, if after an installation you add more virtual or phisical interfaces you can't configure them in Sophos.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Block page

    Sophos websites and application block page is looking very weird. It should be customized or at least have some good view. i.g. fonts and center image, logo etc. like other firewalls have.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  9. Application

    Allow (within the organization) the ability to add their own applications. Currently there appears to be no way to add a custom application without getting approval through the Sophos board.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  10. alert threshold

    Please add a threshold setting to Central alerts. We have several clients with Internet and/or power issues that trigger down/up alerts, all in less than one minute. These arent email alerts, just the alerts that show in Central monitoring.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  11. Propagate Hosts and Services definitions to all firewalls managed by same central

    Option to propagate Hosts and Services definitions to all firewalls managed by same central account.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Central Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. GUI, interface shutdown (off/on switch), without losing config of the interface

    Im missing a feature in XG GUI that will allow me to shutdown/(and power on) interface without loosing it configured static IP settings. At this point this can be only achieved by switching interface zone to NONE, but all config is lost.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  13. Change port without editing firewall rules or other objects

    At the moment, if you want to change the port of a zone form PortX to PortY, the process is not straightforward without pain. Since XG is using zone concept, port and zone should be decoupled but it is not like this at the moment.
    Thanks

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. Need to add custom Template mode in EVE-NG

    Greetings,

    I want to add Sophos XG Firewall image in Eve-NG. Someone from Technical Side please assist me.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  15. Ability to restrict ALL system services under Administration -> Device Access

    This is similar to https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/16593775-assign-the-built-in-services-vpns-admin-etc-to which was marked as "Already Possible" even though it is not. I want to restrict RED device access to a single external IP address. Currently ALL external/WAN IP addresses have port 3400 open listening. I can restrict SSL VPN and User Portal but I cannot restrict RED access or IKE (port 500) even if I wanted to. This is causing me pain in my PCI compliance scans. If this cannot be done then I need to be able to enable these services per IP address and not per Zone like it currently is.

    If I…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Different SSL vpn for different location so we need to have 2 vpn simultaneously

    Different SSL vpn for different location so we need to have 2 vpn simultaneously for user's PC. Could you please let us know the option to use since currently we are not able to use it.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  17. auto switch internet once the bandwidth connection is less than 5 mbps

    Need to add a rule where assigned ISP should automatically switch to other ISP once the bandwidth speed goes down below 5 mbps.??

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  18. Expire local accounts?

    Need ability to expire user accounts that exist solely on the XG appliance (vendor access to specific resources internally through SSL VPN)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  19. HA unlinked status like in UTM9

    Please introduce unliked status in XG HA like it is in UTM9.

    After we upgrade customer's XG firewall in HA, often the box without important ethernet cables end up as master (active) and then important networks are not available.

    At least in XG18 EAP3 is should be possible to change monitored ports? We hope so.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. change tracker

    The UTM had a feature that tracked changes in detail that made troubleshooting a little easier. The detailed information made it easier to go back and undo anything that was not working. XG has the Admin Events but they are very basic and do not show the exact changes that were made. It also showed detailed changes that were made by other users.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.