XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Regarding Web

    Please Add the MAC Address of System With IP Address when user download during the web url of client users. It is very mandatory things for all the Sophos Client because the DHCP lease IP address change as their particular time but the mac address remain same on the system. So Please do the needful Sophos Client and add this feature in next updates of firewall.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  2. user portal more email adresses

    On xg user cannot access to quarantine email.
    If you have 2 email domains defined, xyz.com and xyzllc.com, and emails to both domains go to the same users, the quarantine digest is sent for only xyz.com but not for xyzllc.com.

    Users shoul be able to see all the quarantine emails from all their email-adresses.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Filter Option not available in under Intrusion prevention-Spoof protection trusted MAC and its very difficult to change MAC or IP

    Please provide this option urgently in XG430 because its very difficult to find MAC or IP. I was used Cyberoam before and this option available and its very easy to use. After upgrading Cyberoam CR750ing to sophos its very difficult. Thanks for Understanding.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Close Sophos Ideas for XG firewall

    Sophos Ideas platform for XG is abandoned by the developers, customers spend time here for nothing, customers may thing that their ideas will be listen and when they notice this is a waste of time they get even more ****** off.

    So, to avoid this is better to close the platform.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  5. Sophos integration with Microsoft SCOM-System Center Operations Manager

    Sophos XG/iView should create management pack which includes monitoring configurations and data collection parameters tailored for specific applications and services which we can import on Microsoft System Center Operations Manager to trigger alerts/conflicts/any attacks ralated to Firewall and SCOM will create an incident against this.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  6. Log Viewer Raw Data Export

    When we customize the Log viewer & export it, we get only the last 15 min data. Which is not sufficient. There should be a date range option there so we can download full day log records. Raw data attributes are really useful for the IT Admin point. Also in the Report section, we are not getting all the raw tab features which is in log viewer. It should be there. & there should option for download all data..currently only 5,10,25,50,100,200..but if we want to download all data at single click, we can not. Report tool must need to improve..

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  7. Logfile retention of detailed logs

    There are possibilities to view what happens in XG with Log Viewer. But if you really want to know what happens, then you need to investigate the service log files as described here: https://support.sophos.com/support/s/article/KB-000038142?language=en_US

    These files seems to be more equivalent to the log files which we got with UTM Firewall. Especially SMTP logs with “Log Viewer” are really bad. So you need to consult the smtpd_main.log.

    These logs are rotating in two files: .log and .log.0

    We process daily 8000 email over XG MTA. With the log file of smtpd_main I am able two investigate just the last two…

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. sophos xg firewall dashboard icon for vpn color should not br red once one tunnel is working

    sophos xg firewall dashboard icon for vpn color should not be red once one tunnel is working
    it should be yellow with triangle icon and down you can mark 1out of 2 is down

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Request for WAF TLS1.3 Support

    Request for WAF TLS1.3 support feature.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add/Change/Override URL category for website

    I see there are similar feature requests from other people but Sophos really needs to step with their support (really bad) as well as with features which will save a lot of time partners and Sophos XG admins.

    Since XG has really poor database of categorized websites, Sophos really needs to work on this in order to create workflow where non-categorized or wrongly categorized sites can be adjusted without taking big manpower from administrators!!!
    We also work with some other firewall vendors and categorization is actually next business day where customers are the ones submitting it over web.

    As far…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Responsive Admin Dashboard Design

    Could you please improve Sophos XG admin dashboard responsive fit for wide screens and scale properly on mobile devices. At the moment layout is narrow and doesn't utilise modern website scale availabilities. Also is it possible to improve Control Center, main page, start time as takes too long time to load?

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. Policy Test improvements

    Policy tester should be able to test/display results for the following:


    • Direct proxy mode (currently you need to search matching rules via proxy debug log)


    • Firewall services (having https://firewallip:4443 as URL will give the result "blocked", even in scenarios where an explicit firewall rule for like the direct proxy is present)


    • SD-WAN rule that would match the specified traffic (must not display the gateway decision itself)


    • NAT rule that would match the specified traffic


    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  13. Extend Notification List

    With XG 18.0.1 there is the "Notification list" in "Configure"/"System Services". Please add more options to that list. First it would be nice to get an email, when an Problem is resolved.

    For example:
    - Wireless Access Point is online
    - RED Connection is online
    - Gateway is online again

    Then it would be also nice to separate notifications for VPN if it is a Client Connection or a site-to-site connection.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  14. RED Tunnel Sorting improvements

    Please improve numbering and allow sorting and filtering of RED tunnels so that they are no longer listed in the order of 1, 10, 11,100,101, 102,..., 198, 199, 2, 20, 200, ...
    When I list my REDs on 17 it is by tunnel ID sorted similar to above.

    When I look at the sorting in version 18.0.1, it shows the Branch Name, the tunnel ID is now invisible, but, the hidden tunnel ID is still the information that RED's are sorted by.

    You could add leading 0(s) to the 1 and 2 numbers numbers and show the Tunnel ID in…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  15. manage TLD / ccTLD DNS lookup results in XG DNS

    Currently, blocking or redirecting TLD / ccTLD (https://icannwiki.org/Countrycodetop-level_domain) dns lookups for clients using XG dns requires configuring dns request routes for each one to send those lookups to an external Microsoft or other dns server populated with fake TLD / ccTLD zones and wildcard records. It would be simpler to be able to control lookup results within XG without having to route to an external server.
    This request was similar but applied only to web http traffic rather than the dns level to address all protocols: https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/31267192-block-tld

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. botim

    Botim is popular video calling software , Please add signatures of botim to application cyberoam /sophos filter

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Detection Requests  ·  Flag idea as inappropriate…  ·  Admin →
  17. sophos connect

    Can we've an option to integrate AD with Sophos Connect same as SSL VPN?

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  18. Alert customisation

    Please could it be made possible, so we can edit the alert emails that are sent i.e. IPS

    Currently, we receive emails on an IPS event but it appears to be lacking information

    we currently get the firewall serial number, the hostname of the firewall and its management IP, the date and time of the event and the Alert ID

    It would be nice to see not only the threat (Message) but it would be good to see the attacker IP and the source IP the attacker was trying to reach.

    This would save having to go through the firewall…

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  19. MIME types for Macros

    It would be great if you add a new Category to the MIME type filters for any macro enabled Office file type. At the moment we have tor add those file types manually for every customer.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. email quarantain

    Edit the Release Link in Quarantine digest email for XG 17.5.13, not to x.x.x.x:4444
    rather to the UserPortal, instead to message: "You can release quarantined emails only from user portal. To release them, sign in to user portal."
    Or remove the link.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.