XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow to use the userPrincipalName

    Hi please use userPrincipalName instead the fuuuu... sAMAccount with 20 letter limit.

    5 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    • Support for Microsoft DirectAccess in XG

      Accessing server resources using Microsoft DirectAccess feature so that remote users don't need to use traditional VPN. So there should be a way to port forward necessary ports/services in Sophos XG firewall for allowing access

      11 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
      • Email protection enduser Whitelist

        Sending on behalf of client:

        Like the UTM 9 and email appliances allow users to create their own whitelist/allowed senders from the user portal. Rather then having an Admin create a list for each individual user have the ability for the endusers to modify their own list.

        21 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
        • Wi-Fi Support multiple Radius Server

          XG can use only one Radius server to authenticate users when they are connecting to Wi-Fi networks. Please remove this limit. If the single radius goes down, clients cannot authenticate.

          7 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
          • Access ID - Available for Partners

            Sophos support can connect to XG appliances using Access ID (once enabled by customer). This option should be available for partners too. This can simplify our troubleshooting without using third-party utility or have a long list of SSL VPN.

            4 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
            • Allow Wildcard Support for Email Domain Filtering

              Would be very helpful to be able to create content scanning rule using wildcard to filter known spam/spoofed email top-level-domains.

              Example:
              Filter rules using *.xyz, *.dot, etc. instead of domain1.xyz, domain2.xyz, domain3.xyz, etc.
              *.dot

              45 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                5 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
              • Supports for Intel I219 Chipset

                Realeased in Q2 2015, the Intel I219 chipset has been gain popularity and is used in many oth there new products. It would be nice to see support added for this chipset.

                22 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  3 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                • WE NEED AUTO CONNECTING TUNNEL IPSEC VPN

                  IPSEC VPN MANUALLY WE HAVE TO INITIATE THE TUNNEL. PLS CHANGE THE SETTING. WE NEED AUTO CONNECTING TUNNEL. EVERY TIME. WE HAVE TO IPSEC THEN CLICK THE TUNNEL. ITS PROCESSING MORE TIME.

                  12 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                  • Add DHCP MAKE AS A STATIC IP. PREVIOUSLY SG OS HAVE THIS FEATURE

                    Add DHCP MAKE AS A STATIC IP. PREVIOUSLY SG OS HAVE THIS FEATURE

                    3 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                    • Shedule Installation of updates

                      It would be very helpful to set the date and time of the installation of updates.
                      Not only every day, every 2 days, every week..

                      9 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                      • mac

                        Allow a user to assign mac addresses to their account so they do not have to authenticate on the specific device. Presently if there is no browser available to authenticate through the captive portal then the device will not function (this is the case on playstation 4 console and some phones.

                        3 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                        • Improved Multicast Routing

                          Sonicwall firewalls have the capability to adjust multicast reception on interfaces which is useful to implement Apple Airprint across different VLANs. I have been unable to get Airprint to function using the XG105. I'm hoping the functionality is improved or I'll be forced to switch back to a Sonicwall.

                          8 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                          • custom vpn config file

                            I think that VPN SSL Remote connection needs to have a custom imput filed where we can inser the Firewall FQDN or Pubblic IP that we want to have on the vpn config file that users can daownload from Web User portal.
                            If you have firewall behind a NAT or multiple WAN you colud choose the VPN SSL Wan interface o bypass NAT problems.

                            6 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              2 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
                            • SPX PDF Inline Attachment Improvement

                              When a recipient receives an SPX encrypted e-mail with inline photos the photos do not appear in the PDF file and are instead attachments inside the PDF. Why not render the e-mail with the photos exactly as it would look if it were received in an e-mail client. We have a customer who has a great deal of difficulty explaining to the recipients how to retrieve the pictures that are attached inside the PDF especially those who use smartphones or tablets to receive the SPX PDF. If they could just open the PDF and see what they need to see…

                              5 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
                              • Block Files Upload in Webmail

                                The idea requested from client all the time form previes UTM firmware. Now XG has arrived with strong User and web singnature, I hope this feature is in your plan.
                                Ideally, we should permit users to open a webmail (like Gmail.com or other public webmail or event Facebook, Dropbox, Onedrive, Google Drive)
                                but i don't want to permit to attach file/upload file in a new mail on the webmail. In this way i can block a possible disclosure of corporate data. Thanks ---------- (BTZ shared this idea · October 16, 2013)

                                20 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
                                • To have VPN Wizard: Configuring Failover on Sophos Firewall Manager

                                  On Sophos Firewall Manager to have Configuring Failover on VPN Wizard

                                  2 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                                  • VPN Wizard: No NAT-T and other aspects

                                    For Sophos Firewall Manager to have NAT-T and other aspects on VPN wizard

                                    2 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                                    • To have status of all IPSec connections on Sophos Friewall Manager

                                      To have status of all IPSec connections on Sophos Friewall Manager

                                      5 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Possibility of granular Management like UTM

                                        The XG is the next step to ACI but there are things that aren't right:

                                        - creat a LAG need to have a IP address at least a DHCP client
                                        - each Network will have a DHCP server which isn't needed maybe
                                        - no chance to avaluate Automatic Processes inside the XG
                                        - the Dashboard shows data that takes a long time while you don't even need it

                                        Create a Pro-User Frontend like the UTM is or have a possibility to switch back to the old frontend.

                                        Most people that contribute on Sophos UTM likes the transparency of the UTM…

                                        3 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                                        • WOL - Send Magic Packet to Clientless Hosts

                                          Would it be possible to incorporate sending WOL packets to host before trying to connect to them using Clientless access?

                                          12 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.