Provide an option to reboot a RED device from the XG web GUI. Currently, the only way to reboot the device is to go to the site and power cycle the unit.

Provide an option to reboot a RED device from the XG web GUI. Currently, the only way to reboot the device is to go to the site and power cycle the unit.

Under IP Host, it would be great to have a Network List feature where we can add multiple networks, similar to IP List (which only allows for IP address' and not Networks).

MD5 checksum is not listed on the download site in the Hardware Installers and Virtual Installers of Firewall OS for XG Series.

MD5 should be written like SG from the viewpoint of security and installation failure.

it would be great to be able to manage multiple host on the same IP while creating a DNS record on the Sophos XG.

Right now we se the gateway as a DNS server and creating more than 100 records is no cool.

Allowing the use of wildcard would be even better.
*.domain.com A 192.168.0.1

Option require on load Balance with IPsec VPN

Dears ,

We need to have a Virtual domain in our XG firewall like in Fortigate & Palo alto . because sometime this feature kick us out from competition

Dears ,

It will be awesome if you make a change in your subscriptions EnterpriseGuard by adding email protection to be anti-spam like in Fortigate in this way Sophos will be more flexible to meet customer requirements . When customer asking about subscription with anti-spam and not full email protection we can provide EnterpriseGuard by this way we will be more competitive . but if the customer look to full email and WAF then the FullGuard will be choise

Dears ,

I'd like to suggest one thing regarding hard drive SSD . if it is become more flexible . i mean if we can change the SSD hard drive on the firewall according to the customer requirements

Because sometimes the firewall throughput's being acceptable but the customer be restricted to specific size of SSD this caused lost a lot of projects against other competitors

Most ISPs in Europe require you to use a DHCP Option on the WAN Interface in order to use your own Router or Firewall.

If this can't be done on the Sophos XG it is useless to me and a lot of other people, which would be a shame.

The very purpose of the Cyberoam firewall is defeated as the Cyberoam does not/cannot prevent users from setting a weak password. The Cyberoam should prevent users from setting weak password. Also, admin shoul be able to set complex password policy.

Secondly, the user should be allowed to reset his password after the first logon. Why should the admin know the users password? The admin can assign the password initially. However, when the users logs in for the first time using that password the user should be able to change his password so that it is known only to him.

XG already has 802.1x for AP authentications, but it can't be used as a client. Many ISP's (specifically AT&T) use 802.1x client on their supplied CPE with priority vlan 0 tagging to authenticate.
UTM can replace the vendor-supplied CPE by adding a wpa_supplicant, but you don't have the kernel-level control on XG as you do on UTM. Sophos would have to add this feature to XG.

Currently in MTA Mode you only have the ability to block inbound spam based on email address of FQDN. Having the ability to block by keyword and or ip address would be a significant gian. We curerntly get 20 od emails a day from "Famous Parts" all different email domains. If we could block "Famous Parts" or IP these would be siginificantly reduced.

You missed to implement sha1 in snmpv3 config. Many monitoring solutions only support md5 and sha1, but not sha256 and sha512, so we must use md5 for hash.

Security cannot be an argument, since "DES" is still offered for the encryption.

It would be nice when changing the hostname in the Sophos XG WebGUI it will be also changed in the OS-System. Actually only the application changes it for certificates, but the Operating System is still localhost. This looks confusing in the ESXi virtual machine overview

We need to now in central SOPHOS device wise or users wise what are the application is suing & which are websites are accessing date & duration if it captures it will be easy to monitor employee usability

We need complete monitoring of applications if user opens any application it should capture the log based on usage we will block the same