Firewall Management in Central

Suggest, discuss, and vote on new ideas for Firewall Management in Sophos Central. Powerful enterprise and multi-customer management for Sophos XG Firewall.


Firewall Management in Central

Suggest, discuss, and vote on new ideas for Firewall Management in Sophos Central. Powerful enterprise and multi-customer management for Sophos XG Firewall.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Sophos Connect VPN Client Independent Management Feature

    When users are disconnecting/connecting, XG fires email alerts and reports to Sophos Central that IPSec tunnel went down or IPSec Tunne Reconnected. This times all users operating with this client get over-reported (false positive). We use site to site VPN to other sites, so turning off these alerts is not an option. I would strongly suggest being able to manage the client's VPN alerts independently.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Scheduled firmware updates

    When firmware updates are available for my firewalls, I would like to be able to schedule when they will be installed -either one firewall at a time, or for a group of firewalls.

    13 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Configure and Manage VPN Communities

    With our previous firewall vendor, we were able to configure VPN communities and then push this configuration out to all of the involved devices. In doing so, we would only have to configure a few parameters, and all of the required VPN connections would automatically be built.

    In the previous case, this was controlled separate from the firewall policy. A similar method would be to have a special VPN group where you could note which devices should participate. Central would then determine all of the VPN connections that needed to be created and execute the changes necessary to bring them…

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. Creation and editing of existing VPN configuration for Firewall Group

    Allow creation of new VPN configurations and editing of existing VPN's.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  5. Import firewall settings to create a group

    As a sophos customer, I would like to be able to export the configuration from a single firewall, and use that as the starting point for a new firewall group's configuration

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Central Firewall Manager Alert Policy Editing

    Please allow other admins to edit the Alerts profiles in CFM. Currently, only the admin that created a Alert Profile can edit that profile.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Move and copy firewall groups

    I am in the process of setting up groups for my locations and just came to the realization that I should place another group in between my current top level and children. Unfortunately, this means that all of the configuration that I've already completed on the children will need to be redone on newly created groups. Thankfully, I'm early in the process, but this still represents several days of work to get them synced.

    I would like to see the ability to move groups within the hierarchy, or at least provide a way to export/import or copy group policies to…

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Display Hostname on Tab or Menu

    When managing individual firewalls, please display the Hostname of the device currently being managed in the browser tab or title bar. Currently the tab displays "Sophos". This will help avoid confusion and costly mistakes when managing and configuring multiple devices.

    It would also be helpful to display the hostname next to the company name below the admin menu in the top-right corner of the each page.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Single device management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Integrate firewall licensing into Sophos Central

    I would like to have just one portal to manage my firewalls and their licenses. Integrating firewall licensing into Sophos Central, would also simplify account management, and license visibility among all of my administrators.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Centrally Change Admin Passwords

    With the recently disclosed firmware vulnerabilities requiring us to change the admin password on every appliance (twice in the last few months!), it would be extremely helpful to be able to select each firewall from the list, click a "reset admin password" link, and set the new password from Sophos Central. While we only have a small deployment of about 30 devices, it still takes a significant investment in time to remote into each device to change the password, apply firmware updates, etc. Central Administration should allow us to do simple tasks such as this without requiring us to log…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Customer dashboard features  ·  Flag idea as inappropriate…  ·  Admin →
  11. Be able to disconnect VPN users

    To have the ability in Remote Access management to disconnect vpn users that have gone idle.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Customer dashboard features  ·  Flag idea as inappropriate…  ·  Admin →
  12. Sophos XG Cluster

    it would be important so be able to identify (and modify) a XG-Cluster and its state in Central.
    Actually a cluster-member is marked as not available, which, in fact, is not quite the correct system state of a A-P-Cluster Member (for the backup-device)

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Customer dashboard features  ·  Flag idea as inappropriate…  ·  Admin →

    We are working on improvements to support of HA firewalls, and will release this in two stages. Stage one will be available in a amatter of days, allowing both members of an HA pair to be registered to Central, and placed in the same management group.

    Phase 2 will follow in a matter of months, and will make joining both devices to Central easier, and will show members of an HA pair as a single logical device in Central, reflecting the HA state, current primary device, etc..

  13. VPN connections indicators

    When customer has a lot of users working remotely via VPN to the XG it'd be nice to have some report indicating for a chosen period of time, the time of 1st connection started, time of last connection ended and total amount of time conected. When remote access is the only way to work this can serve as a kind of audit of working time for some professional profiles. So far I guess reports include amount of times and number of times. Log can show active connections and starting time of the active connections. This is complementary info

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Customer dashboard features  ·  Flag idea as inappropriate…  ·  Admin →
  14. Manage individual firewall configuration directly in Central

    I would like to manage individual firewall configuration directly in Central, so I can fully configure a device before it has even been deployed, and so that group management can be improved with smarter dynamic objects, and to more easily share configuration already made on one firewall, with other firewalls, and more easily swap in an RMA replacement firewall.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Support XG firewalls running v17.5 in group management

    As a customer with older model firewalls that may not be able to upgrade to v18 and beyond, I would like to manage those firewalls in Sophos Central

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Customer dashboard features  ·  Flag idea as inappropriate…  ·  Admin →
  16. Rename Objects and Description field

    It would be very helpful to be able to rename objects that have been created as changes are often required. I would also suggest the addition of a description field.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  17. Retain Routing Gateway in Rules and Policies

    It will be helpful and user friendly for the users if the Gateway Routing comes under firewall rule.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Use AD users and groups from Central account in group firewall policies

    I want to be able to create user-based policies for my firewall groups, using the AD users and groups that Central already knows about.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Lock objects and policies on XG created by firewall management

    I would like to restrict changes to objects and policies created from a firewall group, to protect them from local conflicts or accidental overrides. Objects and polices should be view-able but not editable when logged into the firewall locally, and it should be possible to pin firewall and NAT rules to the top or bottom, to better preserve the rule order.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Partner Dashboard support

    As a Sophos partner, I would like to create firewall groups that can apply to more than one of my managed customers at a time. I would like to use the Global policies feature available for other Sophos products, to similarly push firewall settings to multiple customers at a time.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Partner dashboard features  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.