XG Firewall
Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.
-
Allow to use the userPrincipalName
Hi please use userPrincipalName instead the fuuuu... sAMAccount with 20 letter limit.
5 votes -
Support for Microsoft DirectAccess in XG
Accessing server resources using Microsoft DirectAccess feature so that remote users don't need to use traditional VPN. So there should be a way to port forward necessary ports/services in Sophos XG firewall for allowing access
11 votes -
Email protection enduser Whitelist
Sending on behalf of client:
Like the UTM 9 and email appliances allow users to create their own whitelist/allowed senders from the user portal. Rather then having an Admin create a list for each individual user have the ability for the endusers to modify their own list.
21 votes -
Wi-Fi Support multiple Radius Server
XG can use only one Radius server to authenticate users when they are connecting to Wi-Fi networks. Please remove this limit. If the single radius goes down, clients cannot authenticate.
7 votes -
Access ID - Available for Partners
Sophos support can connect to XG appliances using Access ID (once enabled by customer). This option should be available for partners too. This can simplify our troubleshooting without using third-party utility or have a long list of SSL VPN.
4 votes -
Allow Wildcard Support for Email Domain Filtering
Would be very helpful to be able to create content scanning rule using wildcard to filter known spam/spoofed email top-level-domains.
Example:
Filter rules using *.xyz, *.dot, etc. instead of domain1.xyz, domain2.xyz, domain3.xyz, etc.
*.dot45 votes -
Supports for Intel I219 Chipset
Realeased in Q2 2015, the Intel I219 chipset has been gain popularity and is used in many oth there new products. It would be nice to see support added for this chipset.
22 votes -
WE NEED AUTO CONNECTING TUNNEL IPSEC VPN
IPSEC VPN MANUALLY WE HAVE TO INITIATE THE TUNNEL. PLS CHANGE THE SETTING. WE NEED AUTO CONNECTING TUNNEL. EVERY TIME. WE HAVE TO IPSEC THEN CLICK THE TUNNEL. ITS PROCESSING MORE TIME.
12 votes -
Add DHCP MAKE AS A STATIC IP. PREVIOUSLY SG OS HAVE THIS FEATURE
Add DHCP MAKE AS A STATIC IP. PREVIOUSLY SG OS HAVE THIS FEATURE
3 votes -
Shedule Installation of updates
It would be very helpful to set the date and time of the installation of updates.
Not only every day, every 2 days, every week..9 votes -
mac
Allow a user to assign mac addresses to their account so they do not have to authenticate on the specific device. Presently if there is no browser available to authenticate through the captive portal then the device will not function (this is the case on playstation 4 console and some phones.
3 votes -
Improved Multicast Routing
Sonicwall firewalls have the capability to adjust multicast reception on interfaces which is useful to implement Apple Airprint across different VLANs. I have been unable to get Airprint to function using the XG105. I'm hoping the functionality is improved or I'll be forced to switch back to a Sonicwall.
8 votes -
custom vpn config file
I think that VPN SSL Remote connection needs to have a custom imput filed where we can inser the Firewall FQDN or Pubblic IP that we want to have on the vpn config file that users can daownload from Web User portal.
If you have firewall behind a NAT or multiple WAN you colud choose the VPN SSL Wan interface o bypass NAT problems.6 votes -
SPX PDF Inline Attachment Improvement
When a recipient receives an SPX encrypted e-mail with inline photos the photos do not appear in the PDF file and are instead attachments inside the PDF. Why not render the e-mail with the photos exactly as it would look if it were received in an e-mail client. We have a customer who has a great deal of difficulty explaining to the recipients how to retrieve the pictures that are attached inside the PDF especially those who use smartphones or tablets to receive the SPX PDF. If they could just open the PDF and see what they need to see…
5 votes -
Block Files Upload in Webmail
The idea requested from client all the time form previes UTM firmware. Now XG has arrived with strong User and web singnature, I hope this feature is in your plan.
Ideally, we should permit users to open a webmail (like Gmail.com or other public webmail or event Facebook, Dropbox, Onedrive, Google Drive)
but i don't want to permit to attach file/upload file in a new mail on the webmail. In this way i can block a possible disclosure of corporate data. Thanks ---------- (BTZ shared this idea · October 16, 2013)20 votes -
To have VPN Wizard: Configuring Failover on Sophos Firewall Manager
On Sophos Firewall Manager to have Configuring Failover on VPN Wizard
2 votes -
VPN Wizard: No NAT-T and other aspects
For Sophos Firewall Manager to have NAT-T and other aspects on VPN wizard
2 votes -
To have status of all IPSec connections on Sophos Friewall Manager
To have status of all IPSec connections on Sophos Friewall Manager
5 votes -
Possibility of granular Management like UTM
The XG is the next step to ACI but there are things that aren't right:
- creat a LAG need to have a IP address at least a DHCP client
- each Network will have a DHCP server which isn't needed maybe
- no chance to avaluate Automatic Processes inside the XG
- the Dashboard shows data that takes a long time while you don't even need itCreate a Pro-User Frontend like the UTM is or have a possibility to switch back to the old frontend.
Most people that contribute on Sophos UTM likes the transparency of the UTM…
3 votes -
WOL - Send Magic Packet to Clientless Hosts
Would it be possible to incorporate sending WOL packets to host before trying to connect to them using Clientless access?
12 votes
- Don't see your idea?