XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Web Surfing Reports- CSV file Downloaded in Archive Format

    Web Surfing Reports are downloading in Archive format and we need to extract the Archive to see the .CSV file, it takes a lot of time.
    I request that the Reports gets downloaded directly in .CSV format instead of Archive format.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  2. MTA SPAM Filter

    We need to have a better spam filter/content filtering in the XG Firewall. the SG Firewall has a better filtering/blocklist to prevent spam. the XG allows messages that were not allowed through on the SG. not sure if this was from one of the blocklist/RBL but we need that one back, the XG filter is fairly week. can you please put a better one in? also need better content filtering

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Email sending thru the corporate network should have the approval of email from the authority before it goes outside

    This is to check whether the mail going outside the network be authenticated and none of the malicious user would be able to share the confidential information thru email to the outside network

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. NTP server authentication

    NTP authentication is to verify the time source is legit.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. DNS - Import entries from a text file

    It would be useful to able to import DNS entries from a text file.

    Buongiorno, in seguito ad una richiesta di supporto, sono a chiedere l'implementazione di import entry dns sul firewall da un file txt.
    grazie

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. Power supply: SNMP and Web UI monitoring

    Request for the SNMP polling /trap for power supply.

    Request can using command /web ui to read power supply status

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Hardware  ·  Flag idea as inappropriate…  ·  Admin →
  7. SFM allow login security as you do for XG

    [On behalf of customer] XG allows you to block, Admin logins after X number of unsuccessful attempts from a same IP, SFM doesn't allow you to do this at the moment.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Central Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. VPN Client: Check endpoint device health before connecting

    Ability to filter VPN client by checking that they are fully patched and running AV/anti-malware software, i.e. if the client is insecure then they cannot connect to the VPN.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  9. Match Rules Lookup / Search Option

    I would suggest that there is a Match Rules Option like Fortigate's Policy Lookup.

    If say the XG have 1000 firewall rules, it is hard to match which rules will a particular packet will use to pass through. From this, it will help in troubleshooting and also help to check unused or misconfigured firewall rules.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Central Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. Central Mgmt: Don't delete backups from returned devices

    Previous firewall that was synchronized to the central admin (RMA'ed unit's backup from the sophos central) shouldn't be deleted once the new device will be overwritten. There should be a way to download it all and be imported to the newly synchronized unit.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Central Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. Sophos XG Firewall Gateway Specific Web Filtering/Application Control

    Would be great if we had this feature. When using a backup gateway on a rule we don't necessarily want to allow as much traffic to pass over that gateway as on the primary gateway. Our backup gateway may be capped or not able to sustain such a large amount of traffic rendering it unproductive in the event that we need to use it. If we could setup gateway specific web and application filters that would allow us to limit or restrict what traffic passes over a gateway - specifically a backup gateway - we could limit and block all…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Export Rejected mail Log Option

    We are using Sophos SXG310 and it is configured in transparent mode and for Mail, It is configured as MTA mode. So Mails which are been rejected based on RDNS or IP Address basis by Sophos, Neither recipients or Senders are aware of this failed delivery. So we want to export mail logs based on filter "rejected" for some specific time period from Sophos so that we can manually intimate the recipients regarding failure of Delivery.
    Please consider this requirement in next release.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. My Sophos model -XG125 (SFOS 17.5.9 MR-9)

    we are creating free wifi zone at our Mall. In that regards we have used your device and we would like to suggest that currently your Login page is coming first and later on the registration page. Our suggestion is that the Registration page should come first so that user registers first and then the login poge should appear where they can login and use the service.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  14. Schedule WAF rules

    Version 18 has changed how Business Application Rules work. DNAT is done by a combination of NAT policy and regular firewall rules, which can have scheduled on/off times.

    WAF/Webserver Protection rules cannot currently be associated with schedules.

    This item is created so that folk who previously supported the Business Rule schedule feature because of a WAF requirement can transfer their votes here.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Show WAN IP for RED devices

    Show the public IP address of REDs in the network interfaces page in addition to the interface address of the WAN port on the RED. Currently, the only way to check the public IP is to grep for the RED device ID in /log/red.log in the advanced shell.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  16. Per-user session timeouts

    We need session time out after 10 minutes for specific user but this setting availed for all users not for one specific user so please add this feature in firewall.
    I recommend you to add captive portal session in suffering quota where is Cycle hours.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  17. Shared Network Quota

    I have a new request about issuing shared limit network quota for a group.
    Now when I assign to network quota to group , that group each user will getting that particular data quota.

    Ex: User Group Name - Test and Allocated 200GB to group, The test group have 10 Users.
    As now In sophos Each user will get 200GB. But I want to use this 200GB as a Shared Data bundle.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. WLAN Automatic Blacklisting after x attempts

    Aruba’s Wireless APs have the possibility to block macs after a x attempts with wrong creds (psk or enterprise un/pw)

    This is a good security feature and better than simple whitelisting.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Reporting

    we need a Report based on the destination IP address, based on the destination we need to find the source IP address.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  20. multiple WAN interface option in Ipsec client vpn settings

    Need the Option to add multiple WAN interfaces in Sophos Connect client settings.
    if there is 2 WAN connection and 1 connection is down then the remote client don't have any option to connect to VPN through 2nd available ISP. if this option is available then the user will have 2 profiles in their Sophos connect client.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.