Web Surfing Reports are downloading in Archive format and we need to extract the Archive to see the .CSV file, it takes a lot of time.
I request that the Reports gets downloaded directly in .CSV format instead of Archive format.

We need to have a better spam filter/content filtering in the XG Firewall. the SG Firewall has a better filtering/blocklist to prevent spam. the XG allows messages that were not allowed through on the SG. not sure if this was from one of the blocklist/RBL but we need that one back, the XG filter is fairly week. can you please put a better one in? also need better content filtering

This is to check whether the mail going outside the network be authenticated and none of the malicious user would be able to share the confidential information thru email to the outside network

NTP authentication is to verify the time source is legit.

It would be useful to able to import DNS entries from a text file.

Buongiorno, in seguito ad una richiesta di supporto, sono a chiedere l'implementazione di import entry dns sul firewall da un file txt.
grazie

Request for the SNMP polling /trap for power supply.

Request can using command /web ui to read power supply status

[On behalf of customer] XG allows you to block, Admin logins after X number of unsuccessful attempts from a same IP, SFM doesn't allow you to do this at the moment.

Ability to filter VPN client by checking that they are fully patched and running AV/anti-malware software, i.e. if the client is insecure then they cannot connect to the VPN.

I would suggest that there is a Match Rules Option like Fortigate's Policy Lookup.

If say the XG have 1000 firewall rules, it is hard to match which rules will a particular packet will use to pass through. From this, it will help in troubleshooting and also help to check unused or misconfigured firewall rules.

Previous firewall that was synchronized to the central admin (RMA'ed unit's backup from the sophos central) shouldn't be deleted once the new device will be overwritten. There should be a way to download it all and be imported to the newly synchronized unit.

We are using Sophos SXG310 and it is configured in transparent mode and for Mail, It is configured as MTA mode. So Mails which are been rejected based on RDNS or IP Address basis by Sophos, Neither recipients or Senders are aware of this failed delivery. So we want to export mail logs based on filter "rejected" for some specific time period from Sophos so that we can manually intimate the recipients regarding failure of Delivery.
Please consider this requirement in next release.

we are creating free wifi zone at our Mall. In that regards we have used your device and we would like to suggest that currently your Login page is coming first and later on the registration page. Our suggestion is that the Registration page should come first so that user registers first and then the login poge should appear where they can login and use the service.

Version 18 has changed how Business Application Rules work. DNAT is done by a combination of NAT policy and regular firewall rules, which can have scheduled on/off times.

WAF/Webserver Protection rules cannot currently be associated with schedules.

This item is created so that folk who previously supported the Business Rule schedule feature because of a WAF requirement can transfer their votes here.

Show the public IP address of REDs in the network interfaces page in addition to the interface address of the WAN port on the RED. Currently, the only way to check the public IP is to grep for the RED device ID in /log/red.log in the advanced shell.

We need session time out after 10 minutes for specific user but this setting availed for all users not for one specific user so please add this feature in firewall.
I recommend you to add captive portal session in suffering quota where is Cycle hours.

I have a new request about issuing shared limit network quota for a group.
Now when I assign to network quota to group , that group each user will getting that particular data quota.

Ex: User Group Name - Test and Allocated 200GB to group, The test group have 10 Users.
As now In sophos Each user will get 200GB. But I want to use this 200GB as a Shared Data bundle.

Aruba’s Wireless APs have the possibility to block macs after a x attempts with wrong creds (psk or enterprise un/pw)

This is a good security feature and better than simple whitelisting.

we need a Report based on the destination IP address, based on the destination we need to find the source IP address.

Need the Option to add multiple WAN interfaces in Sophos Connect client settings.
if there is 2 WAN connection and 1 connection is down then the remote client don't have any option to connect to VPN through 2nd available ISP. if this option is available then the user will have 2 profiles in their Sophos connect client.