XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Dhcp lease Export in one Excel File

    It is submitted that in the firewall the DHCP Lease can not be download properly due to this admin user has facing the problem. So your are requested to please provide the function to import excel file of all DHCP Lease IPv4 so that all lease can be downloaded easily and maintain the DHCP logs by the admin user properly. Firewall>Network> DHCP>IPv4

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. User Disconnect Facility Provide the User Access Portal

    It is submitted that the user provide the facility of disconnect the live user himself by their User Access Portal that. Right now their are 2 facility is available in the firewall to disconnect the user (1 is by the Firewall Admin> Current Activities> Live Users> Disconnect & 2 is user login the same pc and logout himself. User needs to extra facility to disconnect himself from any PC by the User Access Portal.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  3. User Disconnect Facility Provide the User Access Portal

    It is submitted that the user provide the facility of disconnect the live user himself by their User Access Portal that. Right now their are 2 facility is available in the firewall to disconnect the user (1 is by the Firewall Admin> Current Activities> Live Users> Disconnect & 2 is user login the same pc and logout himself. User needs to extra facility to disconnect himself from any PC by the User Access Portal.

    0 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  4. Quarantine Page on XG Firewall needs more options

    I would like to have the ability to choose the number of quarantine email that I can see at one time with a selectable list of options, 25, 50, 100, 200, all, etc. I would also like to see the delete and release buttons at the BOTTOM of the list as well as the top. The fields that contain the senders email addresses need to be longer or selectable in some way so that you can copy the domain information. Perhaps there could also be a button to create an exception rule directly from the selected email as well.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Surfing quota should not apply to SSL VPN login when SSL VPN is not used as a default gateway

    Based on case 03497881, Sophos doesn't think that having the surfing quota tied to the SSL VPN function is a bug even when SSL VPN is not used as the default Internet gateway. This should be changed so customers do not need to create separate user IDs for LAN usage and for SSL VPN login.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  6. reporting

    Hi,
    It has become apparent for us to try and implement Traffic Shaping rules for specific interfaces - in our example we have couple of rule and 4 ISP provide circuit in that
    utilization of bandwidth on rule base report WAN usage.
    please prepare the bandwidth occupancy based on the functions such as rule name Annotation, DI, OP, SF etc

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  7. RED WiFi Uplink

    It would be nice to configure the Uplink of a RED-Device over WiFi (e.g. RED15W or WiFi-Modul for RED). The first-initialization over LAN is not the problem.
    This would be a good feature for HomeOffice.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  8. OP Manager Compatibility with XG

    Customer wanted to have the OP manager compatibility with XG Firewall

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Radius on Sophos XG Firewall should forward the IPv4 Attribute to MFA solution.

    Radius connection from Sophos XG Firewall dosn't forward the IPv4 Attribute to our MFA system (test with other firewalls vendos do that)

    We are using the RADIUS Attribute CALLING-STATION-ID (31) in our ENTRUST MFA solution.

    In our setup users authendicate through RADIUS when connecting with remote VPN (Sophos Connect) - we can see the remote IP of the user in the firewall so the XG know it - but the IP not forwarded to the MFA solution

    The IP is uses e.g. for risk management settings.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  10. users are using their PC as hotspot? And Sharing the internet with other devices over wifi?

    Hello, I am admin of the XG firewall , I want to bring in your knowledge that some of my users
    are using their PC as hotspot? And Sharing the internet with other devices over wifi? we need to stop them

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  11. Sophos Connect Client 2.0 for macOS

    Currently XG Firewall only supports Sophos Connect Client version 2.0. At the moment, there is only a Windows version. I've contacted support and received the following reply:

    "Sophos XG now only support v2.0 of Sophos Connect Client which has only Window Support.
    For Mac its still in feature request. Our Sophos team is working on it.

    Sophos currently doesn't support your requested feature but values your input into improving the product to best meet our customer’s needs.

    We have requested you to raise feature request using http://ideas.sophos.com/ and subscribe the notifications.

    This would be reviewed by our Product Management Team…

    10 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  12. OWA

    The ability to download the Outlook Add-in XML file to add to the Encrypt & Report as Spam button to OWA (Outlook Web Access).

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Ability to Traffic Shape & QoS Specific Interface

    Hello!

    It has become apparent for us to try and implement Traffic Shaping rules for specific interfaces - in our example, we have a site which has many RED Branch Offices. These branch offices appear to be causing high utilization on our available WAN usage.

    Currently, to create a Traffic Shaper or QoS rule we'd need to define it within "System services > Traffic shaping" and then apply this to a firewall rule under "Rules and policies > Firewall rules > [[Edit Rule]] > Other security features > Shape traffic".

    This works great for when you have a specific service…

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. SSL VPN logs

    I want to suggest if we can have IPSec and SSL VPN logs to be visible from the GUI. Currently, we need to go to the advanced shell and it is very slow especially when you are accessing it through Sophos Central.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. I would like you to be able to confirm whether the AirGAP license has been applied.

    I went on a business trip to the site, operated it, and returned once without being able to confirm whether it was applied normally on the spot.
    Check the log output after the next day, and if it doesn't work, go again and extract the log ...
    I think that it is a product. It's too inconvenient to use.
    Because it is an AirGAP function that is supposed to be used in a closed environment
    Because you can't operate it unless you go to the site one by one, it seems that it is only a defect that you need…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. 4G Data limits and reporting

    Being able to monitor, report and alert on the data usage that the 4G modules are using would be good, being alerted that an SD-RED or XG is consuming excessive data or putting a data cap/throttle on the system to prevent excessive charges is needed

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Hardware  ·  Flag idea as inappropriate…  ·  Admin →
  17. Authentication: UUID instead of MAC address for binding

    Sophos XG supports MAC binding for user authentication.
    This is a feature used e.g. SSL VPN connections to identify devices.
    Mobile devices with Android or iOS as operating system do not support sending the MAC, but instead the UUID.
    Therefore I request adding this feature so we can identify corporate devices by UUID.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  18. VPN detail report

    We have Migrated our Firewall from 18.0.3 MR3 to 18.0.4 MR4 from then Detailed report of Date wise VPN Usage is not coming from Fireawall

    We need date wise report with data like


    • Who accessed VPN (User name)

    • From Which Public IP and with VPN IP (Source)

    • Which Server it accessed (Destination)

    • Which Service Used (Protocol)

    • If data transferred , how much data transferred (data size & File Transfer details)

    • When Session Authenticated & when Started (Start time)

    • When Session Terminated (End time)

    • Success and failure incidents count its details (Audit Logs)

    Please help as early as possible

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  19. User Portal MFA

    If you try to log in to the user portal with MFA enabled, the login form needs to display either another text box to insert the MFA code or a message stating that a MFA code needs to be appended to the password.

    The current login form causes a lot of helpdesk calls because they don't realize ( or keep forgetting) that their MFA code needs to be inserted after their password.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  20. Make XG18 Web Filter User Notifications to Fully Customize HTML

    Being able to fully customize the user notifications & logo (displayed to the user when browsing blocked or warned pages, for example (PROTECT --> Web --> User Notifications --> Block message )) is desirable, e.g for purposes of translating the pages, the possibility to use full HTML with variables & logo images maximum size 125x70 pixels; they are ridiculously small to display the customer's logo properly.

    Additionally in the past we sold SonicWall and customers ask us for the same level of customization that they allow. (SonicWall even allows you to fully customize the UTM admin login interface)

    Please keep…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.