XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. POP3 Prefetch

    This is the only feature that is preventing me from migrating from UTM to XG

    I use the POP3 prefetch mode heavily for mail hygeine, but it is not possible in XG, and as this is used at home, I cannot alter my MX records as my ISP's IP ranges are blacklisted

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Group wise report with available data

    I created few groups and enabled each group network traffic quota.
    Now I want get each group allocated data and available data report.
    Unfortunatly sophos not available that feature.
    so i'm requesting to enable that feature.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  3. AD Password Change using user portal

    I'm using AD as authentication service in my sophos xg.
    But users can't change password using user portal.
    So pls enable that option for the AD.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Include trusted Certificate on sophos

    I have a huge problem with doing HTTPS Decryption and Scaning.
    Because in my enviroment haven't AD to push self-signed certificate.
    So I want to add CA Author Signed certificate, But unfortunatley any of CA Authority not providing root certificate. Therefore I have new suggestion , Pls add sophos own CA Signed root certificate to sophos firewall. It will be helpful all of sophos users to enable HTTPS Decryption and Scaning without installing certificate manually. Because browser will trust certificate automatically. I still waiting for solution for this.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Sophos XG Home Hardware limits

    Considering the high internet connections already available to home users I think it would be important to at least increase the CPU's limit.
    Currently is 4 threads, whichs is a problem because in most home installations the firewall is virtualized and this means that you can only use 2 cores (4 threads).
    I think a limit of 8 threads would be fine. Right now the firewall with the IPS enable can hardly go above 300Mbps and I have 2 cores and 4 threads at 3.8 Mhz Zen2.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Hardware  ·  Flag idea as inappropriate…  ·  Admin →
  6. Vpn failover hostname

    I want to add second override hostname for vpn settings.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  7. please support the Radius SSO feature for AP55C.

    According to the Sophos KB 134148, the Radius SSO feature is supported by APX models.
    But customer bought a lot of AP55C, please also support the Radius SSO feature for AP55C.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. VPN Email Alerts

    Dear Sophos Developer Team,

    Please develop a solution to customize the SSL VPN Email Notification Alerts in your next OS release. We are receiving Hundred of emails per day after enable the VPN Email Notification Alerts of up/down status. Please do the needful.

    Thanks
    Regards
    Farrukh Naveed

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  9. Hotspot "terms of service" customization

    I serve a customer who uses XG firewalls in their chain of restaurants. They want to keep the customer hotspot sign-on process as clean and simple as possible. Vouchers etc. are a mission to manage - they just want to provide free Internet to their customers, limited by data or time.

    My customer would like to their hotspot setup in such a way that when a user joins, they are presented with a branded captive portal with a splash page, with terms of service for the user to accept.

    When the user accepts, they are granted Internet Access. 
The user…

    80 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    14 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. DHCP options 81

    If you use the Sophos DHCP Server and another DNS Server it is necessary that the option 81 is active to set and update the reverse zone pointer in the DNS Server.
    It is possible to add per CLI options to the DHCP Server but just to set an option without to know which fields has to be set makes no sense.
    Please add the option 81 to the DHCP Server.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  11. SSL client configuration profile name

    All profiles installed in a computer are installed in vpn client as [user]sslvpn_config. If you install a new profile when another one is already installed it overwrite the installed one.
    I know it is possible to edit the configuration file name for that but it would be great if the profile were installed with a name like [user]@device or something like that.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  12. Integrate with prtg for monitoring

    regarding monitoring for sophos products with prtg from paessler:
    is there any planning for a partnership to create sensors for utm, xg, wireless etc based on standard sensors for prtg ?

    or - is there any planning to distribute sensors or rest api scripts to take senseful analysis of this items / regarding too - snmp and operating values.

    at the moment, it is really a lot of work to create new simple sensors for monitoring sopohs products on a base level.

    it can be nix if the events were dropped by sophos central - but it is not nearly…

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  13. Sophos connect client allowed users

    The Sophos connect client permit list should be able to add users by active directory security group. We are a firm spread across 9 offices and the STAS works great on 17.5 MR9 to load the users to all firewalls but the process of adding all users into the connect client is really laborious especially when there is high turnover.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  14. With active MPLS link bypass Particular Server IP Traffic through IPSEC S2S VPN link

    A particular Server IP address which is included in the Static Route range for MPLS

    connection need to redirect through IPSEC Site to Site VPN link.(Case ID 9440485)

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Email Alerts

    Please Enable the Feature of Email Alerts, whenever the users try to access any Blocked Website.get Email alerts who trying to access.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  16. Alert on advance threat Protection and Web protection

    PLease allow us to receive alerts for advance threat Protection and Web protection. If there is any kind of DoS or DDOS attack and any type of Web application blocked, admin can get alerts instantly on email.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. PPPOE time period option to reconnect after long outage

    PPPOE connection does not reconnect after being out of service (Outage) for too long. Need an option to set a time period for a attempt to reconnect after a long outage. The only solution for now is to get back to the office and reconnect manually which is a pain.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Microsoft sstp vpn pass through WAF rule

    At the moment, it is not possible to publish Microsoft SSTP server through WAF rule. Traffic is blocked at the Proxy module level. It would be good if this module were told about SSTP.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Sophos firewall rule routing control works.

    Routing internet traffic via another gateway should be supported when configured via a firewall rule. Case number 9360729 goes into detail with issue.

    I would also like to do policy based routes for only internet bound traffic so that internal traffic can still use the routing table of the Sophos to reach corporate networks and only internet traffic will go out via another gateway.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. Major XG Log Improvements

    The log would benefit from the following changes.


    1. When scrolling thru the log the column headers are not sticky.

    2. The ability to sort each column with ascending or descending.

    3. The ability to filter events using a time range and place under the "Timer Filter".

    4. Change the word "Timer Filter" to "Time Filter".

    5. Add the ability to filter on a date range. Add this button next to the "Time Filter" and call it "Date Range".

    6. Ensure export to xls downloads all entries. Seems to stop at 100 records or less.


    7. Add the ability to break the logs up on pages if…

    19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.