Firewall Management in Central

Suggest, discuss, and vote on new ideas for Firewall Management in Sophos Central. Powerful enterprise and multi-customer management for Sophos XG Firewall.


Firewall Management in Central

Suggest, discuss, and vote on new ideas for Firewall Management in Sophos Central. Powerful enterprise and multi-customer management for Sophos XG Firewall.


  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Try to contact the server SQL

    https://trac.edgewall.org/wiki/TracUsers
    You can find the programs and software they are using

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  2. AD based Admin-Group

    It would be great, if the firewall decides automatically based on a defined AD-Group, if the User is an Firewall-Admin. This would simplify the User/Admin-Management in centrally managed environments with multiple Administrators.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  3. Synchronize User Database inside a Group

    It would be a big profit, if we were able to synchronize the AD-Users over the central group to prevent the manual registration on every single firewall cluster. Especially if we need to add an administrator, it is currently needed to register the user on every device. Also changing passwords would be a burden with multiple firewalls. That must be centrally managed.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  4. Enable hosts and services import from XG's, XML, and CSV

    Functionality in Central to import lists of everything found under the "hosts and services" area in XG's such as ip hosts, ip host groups, fqdn hosts, fqdn host groups, services, etc would enhance bulk management capabilities and reduce time required to deploy these. This should be possible to do from CSV + XML files and by querying managed XG's to directly import locally created hosts and services from those for deployment from Central to other XG's. Also see https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/33035827-import-fqdn-s-cidr-lists-from-csv-or-txt

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  5. The number of firewalls for a group should include the number of all firewalls of all its subgroups

    If you use groups, subgroups, and subgroups in those, the groups will only show the number of firewalls in that group. If you only have firewalls in subgroups of subgroups, the top group and subgroup will always show (0). The number should include all firewalls in subgroups of a group, and all the firewalls in their subgroup, so a group always shows the correct number of firewalls managed by that group, be it directly or per inheritance of policies.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  6. reordering, grouping and renaming of firewall rules

    since SFOS 17 we are able to
    - group firewall rules
    - move firewall rules aswell as groups to change their position (and therefore the processing order)
    - automatically assign firewall rules to the first matching group (if selected)

    in central firewall manager none of this is currently possible, i.e. groups are not supported and you cannot change the position of rules

    in addition you cannot rename a rule after it has been created

    all of this should be possible via central. In the current state rule handling is unusable for our customers.

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add the rule group option in the rules and policies

    As it's possible to add groups of rules in local, it would be nice to be able to do the same directly in central...

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  8. Move and copy firewall groups

    I am in the process of setting up groups for my locations and just came to the realization that I should place another group in between my current top level and children. Unfortunately, this means that all of the configuration that I've already completed on the children will need to be redone on newly created groups. Thankfully, I'm early in the process, but this still represents several days of work to get them synced.

    I would like to see the ability to move groups within the hierarchy, or at least provide a way to export/import or copy group policies to…

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  9. Central Firewall Manager Alert Policy Editing

    Please allow other admins to edit the Alerts profiles in CFM. Currently, only the admin that created a Alert Profile can edit that profile.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  10. Rename Objects and Description field

    It would be very helpful to be able to rename objects that have been created as changes are often required. I would also suggest the addition of a description field.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  11. Configure and Manage VPN Communities

    With our previous firewall vendor, we were able to configure VPN communities and then push this configuration out to all of the involved devices. In doing so, we would only have to configure a few parameters, and all of the required VPN connections would automatically be built.

    In the previous case, this was controlled separate from the firewall policy. A similar method would be to have a special VPN group where you could note which devices should participate. Central would then determine all of the VPN connections that needed to be created and execute the changes necessary to bring them…

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  12. Creation and editing of existing VPN configuration for Firewall Group

    Allow creation of new VPN configurations and editing of existing VPN's.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Group Management  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.