Sophos Ideas

Do you have an idea for a Sophos product? Do you recognize a good idea when you see one? We want to hear from you!

AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory)

My feedback

  1. 1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Central Management  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    Have you tried using the Policy Test feature to do this. It allows you to specify a bunch of parameters for the connection you wish to test, and will tell you which firewall rule (and web policy, where appropriate) is hit.

  2. 1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    Hotspot authentication relies on identifying the device by MAC address and associating that with a user. When a user is connecting from a device on a routed IP subnet the hotspot will not see the MAC address of the original device, but of the router interface.

    Captive Portal will work in this situation because it is IP-based, but it doesn't control access to the actual WiFi.

  3. 1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    Are there any particular options they want to be able to select from?

    What kind of load balancing are you thinking of - WAN link, WAF load balancing to servers, or HA node load balancing?

  4. 1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    Can you provide more detail on where and when this will be useful?

  5. 2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    When you say "it affects all the tunnels" do you mean all the tunnels are reconfigured, or just that they drop and reconnect when the configuration is applied?

  6. 1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    How many zones do you have?

  7. 2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    Can't you just create one rule with IPS turned off for the sources and/or destinations you want to exclude? Why do you need to duplicate every FW rule?

  8. 1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    Can you please provide more information? Which feature? What would you like to see in the GUI? How would it benefit customers?

  9. 1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    Which warning message?

  10. 74 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    17 comments  ·  XG Firewall » Dynamic DNS Providers  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    Version 18 will add support DNS-o-MATIC.

  11. 70 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  XG Firewall » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    https://community.sophos.com/kb/en-us/123042

    MAC binding works only in Agent Authentication mode. Captive Portal and AD SSO modes are not supported, neither is SSL VPN client.

    Please provide more details on the requirements if you need support for this with currently unsupported Auth mechanisms.

    Note there are other suggestions relating to MAC binding for SSL VPN that you should look at and consider supporting.

  12. 61 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    Although we only display the users in one primary group, we do take into account all AD group memberships for evaluating policies.

  13. 53 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  XG Firewall » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    Traffic from Sophos Endpoint products have appeared as 'None' in the past because this traffic currently bypasses our web policy mechanisms and so never gets a category applied. This is being resolved in v18.

  14. 50 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  XG Firewall » Dynamic DNS Providers  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    In version 18 you'll be able to use DNS-o-MATIC which provides a kind of gateway service to other Dynamic DNS providers.

  15. 8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. 45 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    There is another item requesting differentiated policies for Administrator accounts

    See https://ideas.sophos.com/admin/v3/ideas/34310923/

  17. 30 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    Would this capability be more appropriate for the Hotspot feature? Captive Portal is intended for authenticating known user accounts to company directories.

  18. 32 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  XG Firewall » Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    XG Firewall Web Filtering can filter HTTPS traffic and apply policy based on destination IP or on the server name, without having to decrypt. In v18 it can do this on any port. We also filter DNS requests with our ATP feature.

    DNS filtering would add very little value, and has its own blind spots such as when clients use DNS over HTTPS or when apps bypass DNS in other ways.

  19. 21 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    Why don't you want to use the Policy Test? It will tell you the answer straight away...

  20. 32 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    To be clear - by SFTP you mean the protocol that runs over SSH, not FTPS which runs over SSL/TLS.

← Previous 1 3 4 5 6

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.