In the moment there is no way to generate a connection overview report from out of an XG. For example the custom reports section could be extended. These tables should be available:

Source-IP, Source-Port, Destination-IP, Destination-Port

Optional Fields:

Time, Application, Packet-Count, Byte-Count

The Query should be able to provide distinct results, especially when adding the packet-count field. To create a connection overview is a quite common task and is pretty easy in different deployments like inline deployment or even just as a Tap Device.

If the XG could simply generate a report, it would be a great function for any IT Provider.

I again noticed last night, the issue of getting Cert's onto Client devices in order for HTTPs decrypt and scan to work. Its fine for us IT people or Techies but for end users its always a headache (well in my case it has) So I wondered if it would be possible for Cert installation to be added as a feature of either Sophos Mobile control or another App that can be downloaded via the XG user portal or even just a link on the user portal (we already have the Client Auth cert on the user portal for IOS/Android so why not add the HTTPS decrypt and scan cert too)? That could be downloaded or logged onto so that users can easily install the HTTPs decrypt and scan Cert, I realise it can be done via an MDM solution but not everyone will have access to an MDM solutions so it would be a great idea if something could be done for Sophos XG licence holders..

Custom>Custom Web Report
Date Range = 18-09-2019 to 23-09-2019
Upon generating of custom mail report i have selected.
Report type - details
Search in = domain
search for - user
Records Per Chart = 200
Upon getting result of over 200 items / multiple page, i should be able to download all pages in any format.
at this stage i only be able to download one (current) page instead of over all pages together.

in my case, i get over 200 pages and all i have to do is change page, download it and keep going until i finish all pages, then combine together to make one report.

One of the columns in the Firewall log is User name.
If I click Add filter and choose User name in the Field box, my only options for Condition are: is, is not, Starts with and Does not start with.
I need to find all of the log entries that have no User name. If I try to use the filter to see those entries by the Condition box to "is" and leaving the Value box empty, an error appears stating "You must enter a value for User name".

To allow me to find all of the log entries that have no User name, I suggest you add a condition like Is blank, Is empty or something like that. Similarly, to allow me to find all of the log entries that have a User name, I suggest you add a condition like Is not blank, Is not empty or something like that.

When you have more than three alias ip addresses defined on a network interface the list will expand on mouse-hover to show the scroll bar. At least on Chrome and Firefox this scroll bar will force the edit/delete icons to flow over to another line making it almost impossible to edit the entries. This could be easily fixed by removing the max-height definition in the gui css on the "aliasBlockPort" element and removing the on-hover css change to overflow:auto.

Addidionally, when deleting an alias entry it will show an confirmation popup for deleting the entry. But the popup does not show which entry you are trying to delete and together with the overflow/size problem above there is no way to see if you hit the right alias definition