XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Request to have IP List to be configure under Allowed /Blocked client networks under Access Permission on WAF Firewall Rule

    Hello Team,

    We have customer here requesting to have IP List to be configure under Allowed /Blocked client networks under Access Permission on WAF Business Application Firewall Rule.

    For your assistance please. Thank You.

    1 vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      0 comments  ·  Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
    • ppoe

      on the wan port PPOE connection not working properly. every 15 day it will be down automatically ,during that Modem is working fine but in network setting PPOE port shown down.

      please update any new MR for this problem

      1 vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
      • Overide Hostname - Multiple Hostnames/IP's

        To have the possibility of put multiple IP's on the "Override Hostname" configuration.

        1 vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
        • Organization - Group of groups

          To have the possibility of create a group of groups. If I want to separate Business Rules in groups ordered by services, it would be helpful to put the groups of Business Rules in a group, in order to do not confuse Business Rules with Network/User Rules.

          1 vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
          • Create template for Business Application Rules

            When some Business Rules are being configured, it would be helpful to have the possibility of create a template for a rule. In order to optimize the troubleshooting.

            3 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
            • Inside activation Firewall Rule

              If a Firewall Rule (User/Network Based) is disabled, it would be nice to have the option to activate it inside of rule configuration aswell.

              1 vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
              • Multiple IPS in Business Application Rules

                When creating a Business Application Rule as a NAT, to have the option to choose more than just one IP Address to receive the connection.

                4 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
                • Authentication Client automatically installs relevant Certificates

                  I would really like it if teh Authentication Client automatically installed relevant Certificates from the firewall. I have a couple ideas about how this could be implemented:
                  1) During the download and installation the relevent certificates could be downloaded and installed.
                  2) During operation the client could sense a network location and firewall change (e.g. work/home) and suggest downloading and installing new certificates to support the firewall you are now sitting behind.

                  1 vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
                  • firmware update without service interruption

                    firmware update in High Availability (HA) mode should be possible without service interruption

                    4 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                    • After Creating VLANs in Sophos XG 215 firewall Not able to Scan on a network scanner as MultiCast is not Supported.

                      As per feedback received from your support engineer , XG215 UTM does not support MultiCast which my scan application is using. Kindly provide a patch in my XG215 UTM to support MultiCast at the earliest so that we can put End Points , Servers , Printers and Scanners in different VLANs.

                      1 vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
                      • office 365 mail Notification

                        Why does not 17.5 is not supporting the office 365 mail notification. Need to allow the feature in the XG firewall,.

                        2 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                        • Choose interface IPs for built in services

                          The XG does not allow the ability to choose which IP interface a built in service like VPN/IPsec and the SPX portal bind to. For example, I have a /24 public IP range, and in order for a NAT to function for outgoing traffic, I'm required to create an aliased IP address on the WAN link. Each and every aliased IP responds to requests on UDP 500 as the following (via namp or the nessus vulnerability scanner): 500/udp open isakmp StrongSwan ISAKMP.

                          The fact that there may be rules in place in the VPN configuration to limit who can actually…

                          1 vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
                          • Sophos Connect - Add groups to "allowed users"

                            In the current implementation we are unable to select groups in the "Allowed users" field. Selecting groups would vastly improve time spent rolling Sophos Connect out for our pilot users.

                            I bet a lot of other customers also use LDAP against their domain to fetch users from there. Having to maintain pilot users two places makes this a headache.

                            Thanks

                            3 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
                            • Change front lcd display text

                              It would be great to change the front LCD display text using Advanced Shell.

                              1 vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                              • Federico Poni

                                It would be useful to be able to set the number of simultaneous logins for guest users during bulk creation, or to set up simultaneous logins in the guest user creation template

                                2 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                                • Firewall Rule backup wan Server all connections over primary

                                  Add the option for Action on Failback on the Firewall Rule itself when using the Primary WAN and Backup WAN options.
                                  We have situations where we have a Voice Firewall rule that is for the customers Hosted phones system. We offer the ability to have failover WAN on the system(phone and firewall). In cases due to poor ISP quality the backup WAN (on the voice rule) is not ideal for VOIP and has issues like echo, Dropped packets and so on.
                                  In a failover event we are able to have there phones starting using the backup connection however when it…

                                  1 vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Nofication

                                    SSL VPN Connect after Nofication E-mail Send Support.

                                    1 vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Fix feature SSL VPN Clientless Web Access

                                      The feature SSL VPN Clientless Web Access that cannot access the remote web page when link is contain dynamic javascript content. This happen on the web page that have a link when the click show the pop up windows and web page that generated dynamically with javascrpt.

                                      2 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
                                      • 2 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Purge email via GUI

                                          Hi,
                                          To be able to purge all emails in mail spool via GUI instead of CLI!
                                          Many Thanks

                                          1 vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.