XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Supports for Intel I219 Chipset

    Realeased in Q2 2015, the Intel I219 chipset has been gain popularity and is used in many oth there new products. It would be nice to see support added for this chipset.

    23 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. Improved Multicast Routing across VLANs

    Sonicwall firewalls have the capability to adjust multicast reception on interfaces which is useful to implement Apple Airprint across different VLANs. I have been unable to get Airprint to function using the XG105. I'm hoping the functionality is improved or I'll be forced to switch back to a Sonicwall.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. custom vpn config file

    I think that VPN SSL Remote connection needs to have a custom imput filed where we can inser the Firewall FQDN or Pubblic IP that we want to have on the vpn config file that users can daownload from Web User portal.
    If you have firewall behind a NAT or multiple WAN you colud choose the VPN SSL Wan interface o bypass NAT problems.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. SPX PDF should render image Attachments inline

    When a recipient receives an SPX encrypted e-mail with inline photos the photos do not appear in the PDF file and are instead attachments inside the PDF. Why not render the e-mail with the photos exactly as it would look if it were received in an e-mail client. We have a customer who has a great deal of difficulty explaining to the recipients how to retrieve the pictures that are attached inside the PDF especially those who use smartphones or tablets to receive the SPX PDF. If they could just open the PDF and see what they need to see…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Block Files Upload in Webmail

    The idea requested from client all the time form previes UTM firmware. Now XG has arrived with strong User and web singnature, I hope this feature is in your plan.
    Ideally, we should permit users to open a webmail (like Gmail.com or other public webmail or event Facebook, Dropbox, Onedrive, Google Drive)
    but i don't want to permit to attach file/upload file in a new mail on the webmail. In this way i can block a possible disclosure of corporate data. Thanks ---------- (BTZ shared this idea · October 16, 2013)

    27 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. VPN Wizard: No NAT-T and other aspects

    For Sophos Firewall Manager to have NAT-T and other aspects on VPN wizard

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Central Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Wake On LAN - Send Magic Packet to Clientless Hosts

    Would it be possible to incorporate sending WOL packets to host before trying to connect to them using Clientless access?

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  8. SPX - Sender Notifications

    When sending an encrypted e-mail it would be nice if the Sender would receive confirmation from the appliance that the e-mail was indeed encrypted and sent to the recipient. Could you add this as an option in the SPX templates if it isn't already there?

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Network Threat Reports - Links to Tools

    It would be awesome if you could make the link for an Attacker's IP address take us to a place like CentralOps.net or even the built-in tools so we can reverse DNS the IP address to figure out if the threat is credible or not. Also awesome would be the ability to then block that attacker permanently by creating a firewall rule to reject traffic from that specific address with a simple button click.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Device Specific Authentication

    UTM allows us to configure different web profiles where different device-specific authentication can be set.

    This is very useful in environment where BYOD is required and more than one profile is needed.
    So inherit from UTM.

    66 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. DHCP Static Assignment from List of Leases

    On the UTM9 you could assign a static lease to a device by clicking on a Make Static button, please add this functionality to the XG.

    49 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. Use E-mail Sensitivity header for SPX Encryption

    Rather than require a plugin to encrypt an e-mail can you add the option of using the Sensitivity header which has been around for quite a long time now and is used by your competition (IronPort) to trigger encryption. A simple check box in the setup of the SPX profile will be sufficient. Just seems like you are trying to re-invent the wheel with your Outlook Add-in which in its current state on the UTM won't even install on most computers without an error.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. DLP - trigger encryption based on keywords in subject

    Please add the ability to encrypt e-mail based on a keyword at the beginning of the Subject of an e-mail like "Secure" or "Confidential" or "Encrypted". This functionality already exists on the SG, can you bring it over to the XG? In lieu of this could you provide more than just a plugin for Outlook? Something for mobile devices? An extension for Thunderbird?

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. WIFI - HOTSPOT - Email authentification with report

    It's was a good idea to create just email authentification in Hotspot and to have report with all mail. Free Wifi is good but a lot of Customer want to have a revenu with free wifi.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Email Quarantine and SMTP spool management

    A feature to allow Admins to do the following:
    - View and perform actions (delete, download, deliver, report FP) on SMTP and POP3 Quarantine
    - View the SMTP mail spool and perform actions (delete, download, view, bounce, retry)
    - View SMTP log, with filters, searching, sorting
    - View corrupt/undeliverable SMTP messages and perform actions (delete, download)

    186 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    26 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Web Filter exceptions based on User Agent

    I believe this is related to an existing suggestion:
    http://feature.astaro.com/forums/330219-sophos-xg-firewall/suggestions/10944024-resolve-netflix-streaming-issue

    UTM customers are able to get around Netflix streaming issues using the workaround detailed here: https://www.sophos.com/support/knowledgebase/121646.aspx
    This involves creating an exception for traffic based on its User Agent. There is no option to do this when configuring exceptions in XG as far as I can tell.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Customize Logo for SPX Portal

    Like the UTM allow for a custom logos to be uploaded and used for the SPX portal page (possibly block pages as well?). This is currently not available when making SPX templates.

    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Download archived Logs

    Archive and download old logs in tgz format like in UTM: Logging and Reporting > View Log Files > Archived Log Files.

    32 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. Notification Rules

    At the moment no way to customize notification. I receive mail when the WAN gateway is down/up.
    You need to provide us a way to create rules where we can decide when receive notification, alert level (warning, information, critical),who will receive the notification. As soon you integrate SMS, please also allow us to receive SMS (it is an old way) but when the mail does not work....
    I would suggest you to create a panel as the Network Policy Rule rule to manage notification rules.

    392 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    37 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. Network Traffic Quota warning via email

    The system should send users an email when 50%, 80% etc. of their cycles Network Traffic Quota is consumed.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.