XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. OSPF Routing Summarization

    OSPF dynamic routing should allow advertising of summarized routes. For reference Cisco's documentation refers to this behavior as "a key feature of OSPF".

    As an example, 10.0.1.0/24 and 10.0.2.0/24 in area 0.0.3.1 should be able to be advertised as only a part of the larger supernet 10.0.0.0/12 to 0.0.0.0; in this way only 10.0.0.0/12 is advertised with remote routers having no concept of the smaller subnets.

    What currently happens is if you add 10.0.0.0/12 to 0.0.3.1, it advertises only 10.0.1.0/24 and 10.0.2.0/24. This gets messy as internal routes get more complex and none of them need to be individually advertised.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. Extend IPS/IDS content filter maximum file length

    The current file length limit for content filters is 2000 lines. It is important for us to extend it because many external lists are much longer than 2000 lines.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. admin log

    it is amazing, if any Firewall Rule deleted then sophos do not make logs. it is a basic report which every admin wants.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  4. Option to Generate Web Filtering Report For User's Visited Websites Only

    Hello Team,

    We have customer here requesting to have option to generate Web Filtering Report For User's Visited Websites Only. Customer advise that currently the customized web surfing report your isn’t end-user friendly at all. As a MSP, customer want and need the reporting to better align to what end-users want to see and most often that is quite simply:

    User friendly web surfing reports that clearly list the websites a user has been visiting and possibly and additionally categorize that information. Ultimately they just want the browsing history for that user.

    For your assistance please. Thank You.
     

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  5. AUTOMATIC VISIBLE DEFAULT DENY FIREWALL RULES FROM ZONE TO ZONE

    When a Network zone is added, firewall rules shoud be created with a specific "view" of zone to zone rules to help administrators to maintain firewall rules and add specific accept rules in the correct "view" of zone to zone scope by copying the default deny zone to zone rule and position with the good sequence number after verification to avoid traffic dismissing

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. flowspec alert DDOS to routing subsystems from IDS

    When DDOS attack is detected, a web page should authorize the admin to send after validation
    a BGP FLOWSPEC message with preformated tupples acl to upstream routers with network traffic limitation or drop
    just to load balance the security defense between routers and the target or intermediary firewall

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. L7, APPLICATION, AAA, self sourced firewall traffic

    self sourced traffic of the firewall services should be defined on a specific "micro service" address type loopback to simplify acl special security in the menu "system" "administration""device access" even if this special menu is greatfull

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. route map for route redistribution control between protocols

    route maps with acl defined subnets, interfaces, next hop should be usefull to mitigate routing table hijacking propagation inside severals IGPs and BGP

    "Should be used in conjonction with network namespace and vrf lite"

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. network namespaces or vrf lite

    network namespaces or vrf lite are a way to mitigate the internal private routing tables exposition to external public routing table when there is no way to build a multi level firewall architecture

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Show traffic summary in log view

    Make the log items in "Email / Log Viewer" expandable and show traffic details with time stamps like:
    - incoming connection from
    - mail from
    - mail to
    - blocked because of
    - outgoing connection

    These information is sometimes crucial to trouble shoot mail problems and is otherwise buried in log files.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Show deleted mails from quarantine in smtp log

    Please add a functionality, to show emails in smtp log, which were deleted from the smtp quarantine! If a mail gets quarantined, the smtp log shows "quarantined". But if I now delete the email, this action is not logged into the smtp log. Instead of this, if you delete mails from smtp spool, it gets logged into smtp log. Why? Please log this and show this in smtp log. If i release a mail from quarantine, this is logged to smtp log as "delivered"...

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow downloads from specific websites

    Allow the possibility to download files types from specific websites.

    i.e. Block all executable and compressed downloads except from the following websites.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. V18: option to disable SSH session idle timeout

    As per this thread V18 has 15 min. idle timeout for SSH sessions set for non specific security reasons.

    As likely most, if not all, IT professionals I always have my workstation locked, unless being right in front of it.

    Therefore there is no such security feature needed, instead is is very disrupting as it may disconnect a session half way through a configuration or troubleshooting.

    Yes, we all get interrupted at times or may need to prioritize sth. else, before returning to to our (hopefully still open) SSH session, at a later point in time.

    Idle disconnect on SSH…

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. Regarding Web

    Please Add the MAC Address of System With IP Address when user download during the web url of client users. It is very mandatory things for all the Sophos Client because the DHCP lease IP address change as their particular time but the mac address remain same on the system. So Please do the needful Sophos Client and add this feature in next updates of firewall.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  15. user portal more email adresses

    On xg user cannot access to quarantine email.
    If you have 2 email domains defined, xyz.com and xyzllc.com, and emails to both domains go to the same users, the quarantine digest is sent for only xyz.com but not for xyzllc.com.

    Users shoul be able to see all the quarantine emails from all their email-adresses.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Filter Option not available in under Intrusion prevention-Spoof protection trusted MAC and its very difficult to change MAC or IP

    Please provide this option urgently in XG430 because its very difficult to find MAC or IP. I was used Cyberoam before and this option available and its very easy to use. After upgrading Cyberoam CR750ing to sophos its very difficult. Thanks for Understanding.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Close Sophos Ideas for XG firewall

    Sophos Ideas platform for XG is abandoned by the developers, customers spend time here for nothing, customers may thing that their ideas will be listen and when they notice this is a waste of time they get even more ****** off.

    So, to avoid this is better to close the platform.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  18. Sophos integration with Microsoft SCOM-System Center Operations Manager

    Sophos XG/iView should create management pack which includes monitoring configurations and data collection parameters tailored for specific applications and services which we can import on Microsoft System Center Operations Manager to trigger alerts/conflicts/any attacks ralated to Firewall and SCOM will create an incident against this.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  19. Log Viewer Raw Data Export

    When we customize the Log viewer & export it, we get only the last 15 min data. Which is not sufficient. There should be a date range option there so we can download full day log records. Raw data attributes are really useful for the IT Admin point. Also in the Report section, we are not getting all the raw tab features which is in log viewer. It should be there. & there should option for download all data..currently only 5,10,25,50,100,200..but if we want to download all data at single click, we can not. Report tool must need to improve..

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  20. Logfile retention of detailed logs

    There are possibilities to view what happens in XG with Log Viewer. But if you really want to know what happens, then you need to investigate the service log files as described here: https://support.sophos.com/support/s/article/KB-000038142?language=en_US

    These files seems to be more equivalent to the log files which we got with UTM Firewall. Especially SMTP logs with “Log Viewer” are really bad. So you need to consult the smtpd_main.log.

    These logs are rotating in two files: .log and .log.0

    We process daily 8000 email over XG MTA. With the log file of smtpd_main I am able two investigate just the last two…

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.