XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Option to monitor health of RED via SNMP

    The option to monitor the health of RED via SNMP. Specifically individual port traffic on the RED itself (not just the single RED interface on the XG) as well as WAN and failover status so that a site does not inadvertently get 'stuck' in failover mode and consume excessive cellular data.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  2. Use LTE connectivity instead of only 3G/GSM/UMTS on RED

    I noticed that when configuring a 3G/UMTS failover for a RED appliance even with using a Sophos 3G/4G expansion module module, that there is no option to actually use LTE connectivity, only GSM exists at this time it would seem.

    Support has confirmed in fact that the failover is in fact only GSM = 3G UMTS

    It would be good for RED to use or have the option to use LTE connectivity given that GSM/3G/UMTS is yesterday technology and 3G in my country has its days numbered (3G network closure announced for 2024).

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  3. master key is forcefully feature. keep it an optional

    i am strongly recommended that keep this master key feature optional. as i am facing lots of problem regarding Master key. i am administrator & managing 5 Sophos device of each different location. we are already using encryption password method for backup.
    so why this feature needed and mandatory ?

    this is forceful feature not usable for my current scenario & have double headache to remember key and store it on safe place.

    also i read in your website , if we lost this key all backup will loss. if you have don't have recovery option this feature is useless…

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  4. User internet usage report fine tuning

    Need user web browsing report and internet usage report finetune. Not able trace user which site accessed and how much internet used individual users.
    Not able to trace user internet usage activity clearly.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  5. Please enable the option for importing the new user credentials through .csv file, which was there but now you have removed

    Please enable the option for importing the new user credentials through .csv file, which was there but now you have removed after firmware upgradation.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. time of click protection

    Due to the risk of users visiting unsecure sites that is being listed as HTTP:// bowsers are updating these security protecting by forcing the sites to go to HTTPS://. This being said the Sophos Email Appliance that is still being used by some companies out there is currently protecting the users with time of click protection but the link that the user gets is http://email appliance name : port. Will it be possible to get the link that the email appliance changed to be sent as HTTPS://email appliance name:.

    If possible or not please may I have feedback on this…

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add tiktok to application policy list.

    Add tiktok application to application policy list to manage traffic easily. It's a high data consuming app and please always ensure a way to control application traffic by sending updates for latest application or suggest a way we can add application manually as sophos let us control web traffic.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  8. Require local user password criteria to be defined

    Administrators should be able to require users passwords to meet certain password criteria/complexity, Character length, Case, numeric, special characters.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  9. Require local XG user password change by administrator.

    Admins should be able require users to change password at next login.... We are setting up our users on a new XG Firewall, we should be able to require them to change password at next login so they are not using the common password for setup... So passwords are unique.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. Create a schedule to turn SSL Site to Site VPN on and Off

    Some of the competitors allow for Site to Site VPN connections to be turned on and off by schedule. For example, nights and weekends when people arent using the connections. That would be good for small offices.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  11. Make Secure Storage Master Key OPTIONAL

    I don't want to use a secure storage master key. This is something we don't need and will just make life more difficult for our staff who manage more than 150 different Sophos XG devices having to store keys all over the place. I'm sick and tired of the screen popping up every time I log in and the fact I can't take a manual backup.

    Will Sophos please stop forcing this and make it optional. I'm the Administrator, not Sophos.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. Integrate Azure MS Analytics Agent into XG, to replace old and retired OMS agent

    Your XG vm in Azure currently has an OMS linux agent installed which is no longer supported or used by MS. The new MS Analytics Agent should be added to the XG so that Users of MS Security Center can log and manage the analytics the agent collects as well as review all the collected logs etc.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  13. Geo IP Database

    GEO IP database should be updated with pattern updates and not just when a firmware update happens. I have experienced too many issues with IP's being blocked due to the wrong country.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. Advanced user access

    Require custom profile feature with User add/ remove Disable and that custom profile user should control only Sophos connect VPN user list and not be able to change anything else.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  15. The internet is not accessible for the remote machines which connected behind RED-15 machine while XG is down

    Kindly allow the traffic for the RED-15 appliance as a switch while it is not connecting to XG.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  16. BLE

    Will we get BLE support on XG wireless?? I also posted same for Central wireless but would also like to see it for XG too.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. I need configure Sophos as transparent allow DHCP from WAN to Lan My DHCP Server Is My Cisco Router Not Sophos

    I need configure Sophos as transparent allow DHCP from WAN to Lan My DHCP Server Is My Cisco Router Not Sophos
    MY Scenario Is
    Port1 Connected to Cisco Router 172.16.5.1 /24 As WAN1
    Port2 Connected to Cisco Router 192.168.0.1/16 As Wan2
    i need
    allow DHCP Range 172.16.5.0/24 From Port1 to Users Which Connected Throw Port5
    allow DHCP Range 192.168.0.0/16 From Port2 to Users Which Connected Throw Port6
    .
    I need
    Users On Port5 Out From Port1
    Users On Port6 Out From Port2

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Central Management  ·  Flag idea as inappropriate…  ·  Admin →
  18. IP list suppor feature in SSL VPN

    Dear Team,

    Recently we have changed the devices from cyberoam cr100ing to sophos xg210 and In Cyberoam we are able to add the IP list supported hosts for the SSL VPN but in Sophos XG 210 we are unable to add that. Can you please add that feature in Sophos XG210? because to add the one by one host is the time consuming process as ws have the 200+ SSL VPN uers.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. Ampliar rutas máximas con Sophos Connect

    Poder tener más de 100 rutas configuradas con Sophos Connect ya que actualmente solo permite 100 o poder modificarlo manualemente en la configuración.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  20. Password Age and Password History Feature Add to Password Complexity

    It will be a good value add for the purposes of PCI-DSS audits, that the firewall should have in its local authentication mechanism (if the customer opts to use this option as against offloading to a dedicated IAM) for administrators and end users, a password age, and Password History feature.

    Password Age will ensure that the administrator can set how old a user's password or admin password can stay in the system unchanged before it begins to remind the users and admin to change their password. It can be 30 days, 45 days, 60 days, or as flexible for the…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.