We need the ability to connect the Sophos XG to a third party private VPN service (NordVPN, PIA, Proton VPN). The XG would function as a client connecting to the service.

today, companies have no way of knowing how long a user was connected to the VPN and today due to use in the home office, the company has no control over usage and how long the user was connected

Today, if the user downloads the VPN application, he can install it on a personal computer, which should not have this access and in this way, it would be another point of security for companies that only the company's computers have. access, or just the equipment that has Sophos antivirus, which could be validated through heartbit security

Today too many companies need to define at what time the user can connect via SSL VPN, for example, users can only connect during business hours from Monday to Friday

Allow setting a category for multiple applications at once.

Synchronizes Application Control identifies a number of applications but puts them under "SyncAppCtl Discovered" Category. Some apps get detected multiple times because of different paths or other reasons.

It would be great to be able to select multiple applications from the list and set a category for them in one go.

Hello Team,

We have customer requesting here to implement Multi factor authentication to be integrated on active directory as they will be needing different level of security between their SSL VPN users. For your assistance please.

Thank You

Need to have Ip2country for IPv6 based hosts and IPv6 addresses per country. Also be able to list of networks in IP object like IPlist.

Required Live Bandwidth Speed Detail In XG Firewall if available in XG106 (SFOS 18.0.1 MR-1-Build396) so please support

Hi, can we request to add this app to be allowed?
This is installed on IOS/android mobiles used to post updates to Instagram.

This app is currently not working after going through our XG firewall.

https://smarterqueue.com/

Please advise. Thanks.

Would like to take a minute to address my request to the development team to have the feature in upgrading from firmware 17.5.14 to firmware 18.0.XX since we might lose some data if we did downgrade the firmware to an older module. Even though we have the backup for the old version but we might lose some data and sites which are currently connected to our XG firewall.

There is only two options we have to set "Maximum login limit" i.e. globally and individually. What if we have to set this for only particular group in which there is so many users. IT's hard to set "Maximum login limit" for too many users. So please provide the same option for group.
Thank you.

There is only two options we have to set "Maximum login limit" i.e. globally and individually. What if we have to set this for only particular group in which there is so many users. It's hard to set "Maximum login limit" for too many users for a group. So please provide the same option for group.
Thank you.

With some devices requiring the management or network creation to be on the same network, having to delete and recreate static assignments for specific management devices each time is quite a chore. Being able to disable a static assignment in one network so the device can be enabled in another network would be of great assistance. When using IPv6 recreating a static assignment is difficult at the best of times.

In instances where thousands of users need to connect to the company network especially now that a lot of users are WFH . It would be great to utilize multiple ISP links available when connecting to the company network. This will enable for creation of different profiles for different company sections while at the same time eliminating the single point of failure

Please add the ability to bypass ips/application regognigtion per rule, when performance is needed. even without applied ips rule, snort is analysing the traffic for application control, which result in a performance impact.

Please add the ability to bypass ips/application regognigtion per rule, when performance is needed. even without applied ips rule, snort is analysing the traffic for application control, which result in a performance impact.

Dear Team,

In PDF & HTML, we can only download the report page by page only which is very time consuming and also not the right way to export the data.

In CSV format above requested format is available but it should also be with PDF & HTML option so that on one go we could export the data in single file.

Cyberoam and SFOS v17x you can change SNMP Manager port from default 162
Please allow in XG SFOS v18x to make this similar change for compatibility.

In the UTM on "Network Definitions", you can click on a network and with the "blue I" from information option, there was information where the selected network is used in which configurations.
Even the modification time/date was visible.
For purpose to keep the systeem nice and clean, i would this option again in the XG version.