XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support Multiple Forest not Trusted

    STAS rocks! Anyway if you have to manage multiple Forests (not trusted) the XG cannot accomplish the task. Other vendors support this feature. This feature gives to XG a step further for use it in big environment.
    When you will implement this feature, you should allow the Admins to decide if split the XG in multiple firewall (virtual firewall feature http://feature.astaro.com/forums/330219-sophos-xg-firewall/suggestions/11262702-virtual-firewall) or not.

    Thanks.

    10 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Authentication clients  ·  Flag idea as inappropriate…  ·  Admin →
  2. Availability Groups

    In the UTM I had a "Public DNS Servers" availability group, which was listed in "DNS Forwarders". I found this to be the best way to maintain reliable DNS forwarders in the UTM. Currently there is no way to create availability groups in the XG, let alone use them for DNS forwarders. I miss this feature.

    63 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add navigation to first and last page for multipage displays

    In log files and in other areas of the UI where there are multiple pages presented, you can only go right or left one page at a time. A multipage selector with first and last controls would be ideal. But at a minimum be able to go to first page/last page directly. When paging through a log, it takes a long time to get back to the first page.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. Web portal to view secure email

    The SPX Email Encryption is an awesome feature used by many of my customers. However, it's not always trust by recipients because everyone these days are taught not to open unusual emails. The likes of UK Government and Barclays send an email to you to say there is a secure document waiting in their portal. So you logon and see that document and have the choice to save it locally.

    What would be awesome is this same/very similar feature on the UTM/XG, so you still have the SPX encryption engine but the email/pdf is held on the device for X…

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. RED: Webfilter Agent or Module on RED for local web breakout.

    Lots of customers love the idea of the Sophos RED, but they are less enthusiastic when they learn about the web filtering limitations.
    The remote site must have an Internet connection as this is what the RED uses to connect back to the central SG/XG, but if they use this for direct internet access, they have no web protection features. If they backhaul web traffic to the SG/XG they get web filtering, but waste a lot of bandwidth in the process.
    I am suggesting a RED, that allows local breakout, but has a local web filter proxy controlled transparently by…

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add Lookup for Message ID on Security Policy Log

    Security Log Denies shows a 'Message ID' but there is nowhere to look up what the message is saying.... even an on-line table with the ID's and maybe a link from the ID in the log or even a link on the page to the table would be muchly appreciated. WE see that its getting denied? Why is it getting denied? For instance what is 01001 message ID?

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. Use the userPrincipalName (email style) for AD users

    Hi please use userPrincipalName instead the fuuuu... sAMAccount with 20 letter limit.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Wi-Fi Support multiple Radius Server for failover

    XG can use only one Radius server to authenticate users when they are connecting to Wi-Fi networks. Please remove this limit. If the single radius goes down, clients cannot authenticate.

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. Access ID - Available for Partners

    Sophos support can connect to XG appliances using Access ID (once enabled by customer). This option should be available for partners too. This can simplify our troubleshooting without using third-party utility or have a long list of SSL VPN.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. Allow Wildcard Support for Email Domain Filtering

    Would be very helpful to be able to create content scanning rule using wildcard to filter known spam/spoofed email top-level-domains.

    Example:
    Filter rules using .xyz, .dot, etc. instead of domain1.xyz, domain2.xyz, domain3.xyz, etc.
    *.dot

    68 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Supports for Intel I219 Chipset

    Realeased in Q2 2015, the Intel I219 chipset has been gain popularity and is used in many oth there new products. It would be nice to see support added for this chipset.

    24 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. Improved Multicast Routing across VLANs

    Sonicwall firewalls have the capability to adjust multicast reception on interfaces which is useful to implement Apple Airprint across different VLANs. I have been unable to get Airprint to function using the XG105. I'm hoping the functionality is improved or I'll be forced to switch back to a Sonicwall.

    13 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  13. custom vpn config file

    I think that VPN SSL Remote connection needs to have a custom imput filed where we can inser the Firewall FQDN or Pubblic IP that we want to have on the vpn config file that users can daownload from Web User portal.
    If you have firewall behind a NAT or multiple WAN you colud choose the VPN SSL Wan interface o bypass NAT problems.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. SPX PDF should render image Attachments inline

    When a recipient receives an SPX encrypted e-mail with inline photos the photos do not appear in the PDF file and are instead attachments inside the PDF. Why not render the e-mail with the photos exactly as it would look if it were received in an e-mail client. We have a customer who has a great deal of difficulty explaining to the recipients how to retrieve the pictures that are attached inside the PDF especially those who use smartphones or tablets to receive the SPX PDF. If they could just open the PDF and see what they need to see…

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Block Files Upload in Webmail

    The idea requested from client all the time form previes UTM firmware. Now XG has arrived with strong User and web singnature, I hope this feature is in your plan.
    Ideally, we should permit users to open a webmail (like Gmail.com or other public webmail or event Facebook, Dropbox, Onedrive, Google Drive)
    but i don't want to permit to attach file/upload file in a new mail on the webmail. In this way i can block a possible disclosure of corporate data. Thanks ---------- (BTZ shared this idea · October 16, 2013)

    27 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. VPN Wizard: No NAT-T and other aspects

    For Sophos Firewall Manager to have NAT-T and other aspects on VPN wizard

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Central Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Wake On LAN - Send Magic Packet to Clientless Hosts

    Would it be possible to incorporate sending WOL packets to host before trying to connect to them using Clientless access?

    16 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  18. SPX - Sender Notifications

    When sending an encrypted e-mail it would be nice if the Sender would receive confirmation from the appliance that the e-mail was indeed encrypted and sent to the recipient. Could you add this as an option in the SPX templates if it isn't already there?

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Network Threat Reports - Links to Tools

    It would be awesome if you could make the link for an Attacker's IP address take us to a place like CentralOps.net or even the built-in tools so we can reverse DNS the IP address to figure out if the threat is credible or not. Also awesome would be the ability to then block that attacker permanently by creating a firewall rule to reject traffic from that specific address with a simple button click.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Device Specific Authentication

    UTM allows us to configure different web profiles where different device-specific authentication can be set.

    This is very useful in environment where BYOD is required and more than one profile is needed.
    So inherit from UTM.

    76 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.