Firewall Management in Central
Suggest, discuss, and vote on new ideas for Firewall Management in Sophos Central. Powerful enterprise and multi-customer management for Sophos XG Firewall.
-
reordering, grouping and renaming of firewall rules
since SFOS 17 we are able to
- group firewall rules
- move firewall rules aswell as groups to change their position (and therefore the processing order)
- automatically assign firewall rules to the first matching group (if selected)in central firewall manager none of this is currently possible, i.e. groups are not supported and you cannot change the position of rules
in addition you cannot rename a rule after it has been created
all of this should be possible via central. In the current state rule handling is unusable for our customers.
7 votes -
Central Firewall Manager Alert Policy Editing
Please allow other admins to edit the Alerts profiles in CFM. Currently, only the admin that created a Alert Profile can edit that profile.
3 votes -
Move and copy firewall groups
I am in the process of setting up groups for my locations and just came to the realization that I should place another group in between my current top level and children. Unfortunately, this means that all of the configuration that I've already completed on the children will need to be redone on newly created groups. Thankfully, I'm early in the process, but this still represents several days of work to get them synced.
I would like to see the ability to move groups within the hierarchy, or at least provide a way to export/import or copy group policies to…
5 votesThis idea is on our backlog, though not scheduled for an upcoming release. We’ll keep an eye on the feedback here, when deciding its priority
-
Configure and Manage VPN Communities
With our previous firewall vendor, we were able to configure VPN communities and then push this configuration out to all of the involved devices. In doing so, we would only have to configure a few parameters, and all of the required VPN connections would automatically be built.
In the previous case, this was controlled separate from the firewall policy. A similar method would be to have a special VPN group where you could note which devices should participate. Central would then determine all of the VPN connections that needed to be created and execute the changes necessary to bring them…
4 votes -
Creation and editing of existing VPN configuration for Firewall Group
Allow creation of new VPN configurations and editing of existing VPN's.
4 votes -
Rename Objects and Description field
It would be very helpful to be able to rename objects that have been created as changes are often required. I would also suggest the addition of a description field.
3 votes
- Don't see your idea?