XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Detection Requests  ·  Flag idea as inappropriate…  ·  Admin →
  2. Web: Blocking based on keywords in URLs

    Can you please add the ability to block based on keywords. This feature is extremely useful when attempting to sell to a school or charity, or any organization.

    This feature is available in SG UTM.

    20 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. IPSEC tunnel bandwidth

    Reporting on data transferred over IPSEC tunnels, broken down per-tunnel, showing application usage and other breakdowns to see how the bandwidth is being consumed.

    26 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  4. Override hostname in Cisco IPsec Client

    Override Hostname in Cisco IPSec VPN Client Section in case where firewall is NATETD...

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. Bandwidth usage stats for QoS policies

    Can we have the ability to view the total bandwidth used on a confiugured QoS policy?

    E.g, if we have set 1Mbps on total streaming media, how can we see that the QoS policy is working and the total consumption?

    18 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. Ability to do bandwidth and speed tests for the WAN interfaces.

    I would like the ability to run speed tests and check interfaces errors for WAN testing.

    121 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. Ability to check multiple networks for the local network on the VPN page.

    I would like to see the ability to add multiple networks, at the same time, to the VPN Local network box. Just like the Remote network section.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add Support for Novatel U620L

    Novatel U620L is listed as "Can be added" in the cellular modem compatibility list for SFOS.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. Firewall rule id when editing

    It would be great if we could see the Firewall Rule ID in the "Summary" section when editing a rule.
    We use the rule ID in our firewall change log and it can be useful to see the firewall rule id in when editing the specific rule.

    16 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. Multiple SAA certificate

    User can have more than one certificate attached, where admins can upload certificates and attach to users.

    https://community.sophos.com/products/xg-firewall/f/authentication/94053/authentication-client

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add Support for DNSSEC (Domain Name System Security Extensions)

    Please add support for DNSSEC (Domain Name System Security Extensions) to XG-Firewall.

    Thanks

    40 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. PFS

    In order to avoid warnings due to deficient email encryption, should be installed as soon as possible a PFS encryption in the XG.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Active directory users in multiple group not listing

    we have synced AD server to sophos XG ,but if we expand a groups no user's listed, if the user exist in multiple groups.Please enable this feature

    61 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. DMARC Support

    Please add DMARC to the E-Mail Protection. More Information under https://dmarc.org.

    This is a very important Security Feature for us.

    Thanks

    87 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Local Service ACL Exception Rule default action

    Please change the default action in the Local Service ACL Exception Rules from drop to allow.
    I already locked out myself twice. Makes now sense to me that this is drop from default.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Local Service ACL Exception Rule Custom Services

    Please could we have the ability to add custom services to the Device ACLs? I need to add 6677 and 5566 to get the STAS to work when the firewall is a breakout point for an MPLS solution as it is being blocked by the Local ACL (according to the onboard packet capture).

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  17. SSL VPN settings should be per-profile

    In SSL VPN there is limitation of setting up source (DHCP range)networks, there is no option to create another VPN setting (P1 and P2) for different VPN profile.

    which is important for Multi profile VPN configuration for different department and access.

    22 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  18. AD Loose Integration

    This feature will allow you to create custom groups without interfering with the active directory. This feature worked very well on Cyberoam.

    12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. Export Logs to a .txt, .csv or .xls file

    We need the ability to EXPORT LOGS in EVENT VIEWER (all options) to a txt, csv or xls format.
    And not just the first page, but all the pages or option for x # logs pages. When trouble shooting its so much easier to export all the data to excel and then filter out the garbage and just look into the relevant data.
    I do this in WatchGuard right now and it makes finding needles in hay stacks a lot easier.

    The reports are their, just add the functionality to EXPORT.

    28 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add ERROR only log level

    Make less verbose STAS log. It is useless to track every debug or trace event when everything is working properly.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.