When XG rejects an email bigger than maximum allowed size, show this event in the GUI logs.

Email notification for any failed HA synchronization

I work at a school and it would be very helpful if teachers were able to test URLs using a student account to see whether sites are blocked or not.
We often get requests to unblock sites in the middle of a class as a teacher has tested the site using their credentials but not student credentials.

Add the ability to clone NAT rules

When the XG is reporting to SNMP, view in the SNMP the interface name, desciption or branche name. Ej.
SDRED, interface reds1, branch name: Detroit Officces.
View in SNMP Detroit Offices no the interface name (reds1)

Importing a list of known good email addresses would help our business. We have a list of legitimate customers, and their emails. We could format it in a CSV or just simply copy and paste, but there are over 2000 emails in this list and I cannot do them one at a time in the exceptions page.

I created a port forwarding rule from external port 8443 to internal 443, without thinking that SSL VPN is using 8443 already. XG is not complaining about this and creates the rule. So VPN is not working any more. It could be helpful if XG firewall would show a warning or an error before saving this to running config.

It would be great to have the possibility to add différents Domain Name by VPN policy, for case of Firewall mutualisation for various customer with multiple AD

This is regarding your service request number #03923876

We have configured 2 types of VPN in XG-210 i.e. SSL & IPSEC. For SSL we assigning the subnet 10.81.234.0/24 and for IPSEC we assigned subnet 10.87.143.0/24.

Now we are having the requirement to route the VPN USERS WAN IP traffic through XG UTM through particular ILL.

For Example
10.81.234.0/24 subnet traffic route through WAN 1 for end users.

10.87.143.0/24 subnet traffic route through WAN 2 for end users.

If you have any solution please suggest

It appears that the Sophos dashboard displays network attacks even for vulnerabilites that have been given an exception.

The web path /error/README is accessible from the User Portal URL and it displays the multi language custom error documents information. Pages like this are irrelevant and is not required for the User Portal to function correctly. Though unlikely that this will result in a successful attack, it still provides information to potential attackers about the system.

Removal of pages like this is appreciated.

Allow in SSL VPN to be able to put the fixed ip to a client.

Useful for CMMC and NIST compliance.

I use VirusTotal often either manually or via 3rd party apps or even via the API, so it would be ideal if we could use VirusTotal within Sophos XG v18 Web UI somewhere for diagnostics or threat hunting as an option on live logs or reports.

The Sophos XG Firewall routers need the web interface config pages speeded up - all units are much slower than the Cyberoam UTM pages load at and adding and changing a config can take from 5 to 15 seconds to load. Makes configuring a sophos from scratch a slow and tedious process.

Possibility to change the highest supported version of IGMP. Prohibition of use of IGMPv3 version.

Please add GeForce NOW game streaming service to applications recognized by Sophos XG.

Main website: play.geforcenow.com

Hostnames under *.cloudmatchbeta.nvidiagrid.net
us-central
us-east-2
us-midwest
us-northeast
us-northwest
us-south
us-south-2
us-southwest
us-west-2
eu-central-2
eu-central-3
eu-central-4
eu-northwest
eu-southeast
eu-west

Ports:
Game streaming: UDP (1:65535) / (49003:49006), TCP (1:65535) / (49006)
Testing: UDP (1:65535) / (5001:5002)

For XG / XGs with dual power supplies, a single PSU failure is indicated via audible alarm and blinky light.It would be great to have this condition logged, and to have a new notification category (e-Mail). This way customers could parse logs/messages/traps and catch failure conditions quickly vice relying on audio/visual cues.

When dealing with multiple REDs devices, it would be important not to drop the connection of existing REDs devices when changing/adding a RED configuration. Currently, if you change/add a red configuration, as soon as you save, all RED connections drops for a few seconds and affects all remote offices for connection-sensitive applications/processes (like Remote Desktop).