IPv6 MLD2 support

The ability to ignore Logoff requests issued by RADIUS accounting - similar to the feature found in STAS. This is because many wifi providers issue STOP frames as devices roam to RADIUS Accounting, which can cause temporary internet disconnections when roaming.

Can a feature/checkbox be added to auto-launch the VPN client upon successful authentication to the User Portal? This would simplify the user experience so they only have to login via a web-browser and not actually start a client first. Sonicwall can do this with NetExtender and simple check-box "Launch VPN Client after login".

XG does not have a anti-portscan feature. Please vote it!

It would be really nice to have a chrome extension for the XG firewall to identify a Chrome user using a Chromebook. This way we could identify user or Group to use certain rule sets. This would also be great reporting purposes.

Allowing to set application bandwidth based on the percentage of the WAN bandwidth available will make enable copying configs from firewalls with different total WAN bandwidth. Moreover will make it a less hassle to upgrade or downgrade WAN bandwidth in the future. This feature would greatly enhance the settings for MSPs or vendors who send out pre-configured firewalls.

Smtp malware scanning support with add user/network policy

Not scan smtp malware with user / network policy.
I want this function to be supported

For Sophos XG:
Routers like OpenWRT do not know the IP address when a client connects and can only report the MAC to the firewall. If this firewall is also serving as a DHCP, it can match the MACs ( from accounting message and IP lease) and thus, the Framed-IP-Address attribute is not required any more.

Couldn't find it previously suggested, so want to throw this in the mix. It would be awesome if we could host WPAD file locally on the XG unit. If I missed it in the documentation I'd appreciate if someone corrected me.

It would be useful to be able to create hotspot vouchers with starting and ending validity , and also to schedule the creation of them

Some core functionality for other wireless chipsets should be provided, even if it isn't "guaranteed perfect".

For example, ath9k (Atheros) drivers ship with XG, but cannot be loaded because of a version conflict with a dependency. Atheros chipsets are the most compatible with other linux, and considered to be "100%". The code is all there, and being used in production by other manufacturers.

Sophos XG Home isn't usable in my circumstance because it doesn't support common wireless chipsets, which is needed in my home. Purchasing a Sophos wireless appliance is possible for my company, but not for me at home!

Installer should support serial interface. It's already text-based. XG supports the serial interface once it's installed.

Lots of hardware doesn't have a GPU, such as many AMD G-series, and requires a painful hack to install it - such as using alternative hardware and hot-swapping memory, or doing a "blind install", copying keypresses from a virtualized installer. This should be a trivial improvement that would make installation 100x better!

It would be great if the DHCP configuration could be simplified.

1/ Make static IP from an assigned IP would be great.
2/ It would be nice to have a single DHCP pool with exceptions/exclusions/static assignments within that pool or outside that pool.

References:
https://serverfault.com/questions/768655/how-dhcpd-handles-static-ips-vs-dhcp-reservations
https://linux.die.net/man/5/dhcpd.conf

Please add guest access menu on captive portal like UTM 9

Bring back the captive portal session timeout like UTM 9, in XG if closing the window after login is the same as logout.

Please can we have an Outlook add-in which will allow users to blacklist with a single click.

I love the daily digest which allows users to release false positives but there seems to be no function for undetected spam which makes it through.

Thanks

It would be better adding if there are operating systems and device types maybe device brands in source networks and device when creating a firewall rule.

For example;

LAN
Source Networks and Devices : IOS,ANDROID, (LINUX,WINDOWS.. etc.) (Maybe dell,hp,samsung,sony, apple, asus.. etc.)

During Scheduled Time : All the Time
Destination & Services

WAN
Destination Networks : Any
Services : Any

There is no Application Specific Signature for Ring Central, which means we can't apply Application-based Traffic Shaping Policy for it.

Please add Ring Central as a defined Application.

See below:
https://community.ringcentral.com/ringcentral/topics/how-do-i-troubleshooting-call-quality-issues-qos
https://www.ringcentral.com/support/qos-router.html?_ga=1.41909153.2038724511.1480961611

It would be amazing if Sophos added support for this WLAN USB NIC.

It would be great to have integration of Office 365 multifactor authentication process (ability to use it to protect vpn connections for instance)