Can a feature/checkbox be added to auto-launch the VPN client upon successful authentication to the User Portal? This would simplify the user experience so they only have to login via a web-browser and not actually start a client first. Sonicwall can do this with NetExtender and simple check-box "Launch VPN Client after login".5 votes
XG does not have a anti-portscan feature. Please vote it!376 votes
It would be really nice to have a chrome extension for the XG firewall to identify a Chrome user using a Chromebook. This way we could identify user or Group to use certain rule sets. This would also be great reporting purposes.20 votes
Allowing to set application bandwidth based on the percentage of the WAN bandwidth available will make enable copying configs from firewalls with different total WAN bandwidth. Moreover will make it a less hassle to upgrade or downgrade WAN bandwidth in the future. This feature would greatly enhance the settings for MSPs or vendors who send out pre-configured firewalls.30 votes
Smtp malware scanning support with add user/network policy
Not scan smtp malware with user / network policy.
I want this function to be supported4 votes
For Sophos XG:
Routers like OpenWRT do not know the IP address when a client connects and can only report the MAC to the firewall. If this firewall is also serving as a DHCP, it can match the MACs ( from accounting message and IP lease) and thus, the Framed-IP-Address attribute is not required any more.5 votes
Couldn't find it previously suggested, so want to throw this in the mix. It would be awesome if we could host WPAD file locally on the XG unit. If I missed it in the documentation I'd appreciate if someone corrected me.21 votes
It would be useful to be able to create hotspot vouchers with starting and ending validity , and also to schedule the creation of them8 votes
Some core functionality for other wireless chipsets should be provided, even if it isn't "guaranteed perfect".
For example, ath9k (Atheros) drivers ship with XG, but cannot be loaded because of a version conflict with a dependency. Atheros chipsets are the most compatible with other linux, and considered to be "100%". The code is all there, and being used in production by other manufacturers.
Sophos XG Home isn't usable in my circumstance because it doesn't support common wireless chipsets, which is needed in my home. Purchasing a Sophos wireless appliance is possible for my company, but not for me at home!7 votes
Installer should support serial interface. It's already text-based. XG supports the serial interface once it's installed.
Lots of hardware doesn't have a GPU, such as many AMD G-series, and requires a painful hack to install it - such as using alternative hardware and hot-swapping memory, or doing a "blind install", copying keypresses from a virtualized installer. This should be a trivial improvement that would make installation 100x better!2 votes
It would be great if the DHCP configuration could be simplified.
1/ Make static IP from an assigned IP would be great.
2/ It would be nice to have a single DHCP pool with exceptions/exclusions/static assignments within that pool or outside that pool.67 votes
Please add guest access menu on captive portal like UTM 95 votes
Bring back the captive portal session timeout like UTM 9, in XG if closing the window after login is the same as logout.9 votes
Please can we have an Outlook add-in which will allow users to blacklist with a single click.
I love the daily digest which allows users to release false positives but there seems to be no function for undetected spam which makes it through.
It would be better adding if there are operating systems and device types maybe device brands in source networks and device when creating a firewall rule.
Source Networks and Devices : IOS,ANDROID, (LINUX,WINDOWS.. etc.) (Maybe dell,hp,samsung,sony, apple, asus.. etc.)
During Scheduled Time : All the Time
Destination & Services
Destination Networks : Any
Services : Any25 votes
There is no Application Specific Signature for Ring Central, which means we can't apply Application-based Traffic Shaping Policy for it.
Please add Ring Central as a defined Application.
It would be amazing if Sophos added support for this WLAN USB NIC.9 votes
It would be great to have integration of Office 365 multifactor authentication process (ability to use it to protect vpn connections for instance)4 votes
Appreciate if you could provide solution the each Interface Internet Service Provider bandwidth Utilization Report.
Appreciate if you could provide solution the each Interface Internet Service Provider bandwidth Utilization Report. I need to pull the report of Utilization of bandwidth for every month (Example: WAN Utilization of each Service Provider, how much upload and download utilization).26 votes
Google Authenticator is not working on the XG firewall but is on the UTM 9 devices. I believe it is a programming issue on the OTP Key length that the Sophos supplies. The key has "=" signs in the code which Google Authenticator does work with.38 votes
- Don't see your idea?