XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Collapse list of VPN connections

    Some sites have a failover group with 2 or more connections. Since only one connection is established per site, it would be nice if we could collapse the rest of the connections not used.

    When viewing the VPN connections, it would only show you one connection per site and if it’s connected or not.

    This would make it easier to see which sites are actually down.

    We have over 20 sites and growing and the list is getting harder to manage.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  2. Schedule Reboot XG Firewall

    Enable the feature of schedule reboot in XG like cron job.

    110 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. Remove a DHCP lease

    Need to be option for remove DHCP lease IP address

    77 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Clientless users from DHCP reservation list

    If I'm making a bunch of clientless users for things like printers, IOT devices, and whatnot... odds are that I've got their IP addresses reserved in the DHCP server. It would be GREAT if you could either create a clientless user directly from the DHCP reservation list OR could select a reserved IP/host from a drop-down list when making a new clientless user.

    16 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. Multiple radius authentication servers associated to multiple user groups

    On the menu Configure > Authentication > Services > Firewall authentication methods, you can only select one user group as a Default group.

    I have multiple Radius servers and multiple user groups. I need to associate each Radius server users to one user group. Right now I can only associate every Radius server to only one user group.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. Social Login

    Can a feature be added to integrate the user login in the captive portal with social network users like Facebook?

    It would be very useful on scenarios like hotels.

    30 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add "Top bandwidth users" and "Top bandwidth destinations"

    Can you add Top Bandwidth Users and Top Bandwidth Destinations to the dashboard or someplace easy to access?

    43 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Sophos network Agent Should have a Persistent connection iOS/Android

    Currently, when the device enters sleep mode or is locked etc the client is disconnected from the internet and is required to open the application again to gain internet access, this should be a persistent connection. Once the client has connected to the firewall for the day the Web Client inactivity Settings should apply where the client will only be disconnected when there is no activity for X amount of time.

    20 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. Bind multiple IPs on single MAC

    Allow bind multiple IPs on single MAC between different DHCP networks. We have some scenarios that need this feature and it would be very important to Sophos allow that.

    35 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. SMTP Recipient Verification

    XG lacks the SG feature of being able to query the backend AD or Mail Server to verify the destination recipient.

    By default when XG is acting as a MTA it will pass on a e-mail even if it's addressed to a user that does not exist. SG used to be able to poll Active Directory to ensure the address was valid (or you could disable this).

    This feature should be ported into XG as soon as possible.

    38 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Selfhost

    Pleasse Add Selfhost as DynDNS Provider as soon as possible. Our UTM customers cant migrate to XG with this Feature lack

    13 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Dynamic DNS Providers  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow MAC binding feature on Individual User

    Allow MAC binding feature on Individual User. Cyberoam had the MAC binding features , where i can bind the single user to its MAC id for authentication.

    17 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Auto-disable DFS when transmit power <=50%

    Automatically disable DFS when the transmit power is set to 50% or lower on the AP’s as is allowed by the Australian Communications and Media Authority

    Switch CH bandwidth between 20, 40 and 80HMz

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allow firewall rule Summary to be copied to the Clipboard

    In XG firewalls, allow firewall rule Summary to be copied to clipboard. We would like to use the rule summary in our documentation.

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Filtering log viewer by network or range of IP addresses.

    Our organization has multiple internal networks with varying subnets. Currently I can only search for the beginning string of an IP if I want to view a range and then dig through pages of records for the IP's I'm looking for. If I could generate reports on a range of IP's and/or subnet that would be great! Also, if I could download all the records at once instead of the 1 page display.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  16. GRE tunnel support for Policy base routing feature.

    The Sophos XG firewall GRE/IPsec VPN could not supported Policy Base Routing. It will get some GRE tunnel lost traffic for the specific routing on the links from the Peer GRE tunnel of the Firewall.

    12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Current Activity Live Connection Details for User Groups

    Current Activities, Live Connection Details are not getting for User Groups, it is only for User Names and IP Addresses. So we need to check it User by User.It is too difficulty and takes more time to check individual User Name by User Name.Please provide the option to take User Group wise Current activity Live Connections details Log or Report.

    12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  18. ACL exception rules with FQDN hosts

    For now, creating ACL exception rule is only avaiable on IP addresses, which makes our administration of Customer XG’s harder. This feature is really important for us. IP addresses may change, FQDN will however (almost) always be translated into correct IP.

    96 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    22 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. Disable warnings in Control Center

    I have https and ssh enabled on the WAN and see the warning under messages.

    However, we have our router firewall the WAN IP of the XG to only allow specific source IP's to access the firewall from the WAN side.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. 3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Detection Requests  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.