Sophos Ideas

Sophos Ideas

Do you have an idea for a Sophos product? Do you recognize a good idea when you see one? We want to hear from you!

AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory)

← Sophos Ideas

My feedback

  1. Match Rules Lookup / Search Option

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Central Management  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    Have you tried using the Policy Test feature to do this. It allows you to specify a bunch of parameters for the connection you wish to test, and will tell you which firewall rule (and web policy, where appropriate) is hit.

  2. Hot spot

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    Hotspot authentication relies on identifying the device by MAC address and associating that with a user. When a user is connecting from a device on a routed IP subnet the hotspot will not see the MAC address of the original device, but of the router interface.

    Captive Portal will work in this situation because it is IP-based, but it doesn't control access to the actual WiFi.

  3. Apply different load balancing condition for specific firewall

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    Are there any particular options they want to be able to select from?

    What kind of load balancing are you thinking of - WAN link, WAF load balancing to servers, or HA node load balancing?

  4. restore option from local device in console menu

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    Can you provide more detail on where and when this will be useful?

  5. Changing pre-shared key on one IPSec tunnel impacts all

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    When you say "it affects all the tunnels" do you mean all the tunnels are reconfigured, or just that they drop and reconnect when the configuration is applied?

  6. Zone Groups

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    How many zones do you have?

  7. Bypass IPS

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    Can't you just create one rule with IPS turned off for the sources and/or destinations you want to exclude? Why do you need to duplicate every FW rule?

  8. Probe in GUI mode

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    Can you please provide more information? Which feature? What would you like to see in the GUI? How would it benefit customers?

  9. VPN profile configuration notice message not required

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    Which warning message?

  10. Add OpenDNS DynDNS Provider

    69 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    17 comments  ·  XG Firewall » Dynamic DNS Providers  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    Version 18 will add support DNS-o-MATIC.

  11. MAC based authentication

    67 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    12 comments  ·  XG Firewall » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    https://community.sophos.com/kb/en-us/123042

    MAC binding works only in Agent Authentication mode. Captive Portal and AD SSO modes are not supported, neither is SSL VPN client.

    Please provide more details on the requirements if you need support for this with currently unsupported Auth mechanisms.

    Note there are other suggestions relating to MAC binding for SSL VPN that you should look at and consider supporting.

  12. Active directory users in multiple group not listing

    56 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    6 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    Although we only display the users in one primary group, we do take into account all AD group memberships for evaluating policies.

  13. Feature request - Custom security risks level

    51 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    4 comments  ·  XG Firewall » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    Traffic from Sophos Endpoint products have appeared as 'None' in the past because this traffic currently bypasses our web policy mechanisms and so never gets a category applied. This is being resolved in v18.

  14. Dynamic DNS - Create own providers like possible with SMS Gateways

    46 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    4 comments  ·  XG Firewall » Dynamic DNS Providers  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    In version 18 you'll be able to use DNS-o-MATIC which provides a kind of gateway service to other Dynamic DNS providers.

  15. Schedule WAF rules

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) shared this idea  · 

  16. Enforce user password complexity rules

    37 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    9 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    There is another item requesting differentiated policies for Administrator accounts

    See https://ideas.sophos.com/admin/v3/ideas/34310923/

  17. Social Login

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    3 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    Would this capability be more appropriate for the Hotspot feature? Captive Portal is intended for authenticating known user accounts to company directories.

  18. DNS Web filter

    25 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    3 comments  ·  XG Firewall » Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    XG Firewall Web Filtering can filter HTTPS traffic and apply policy based on destination IP or on the server name, without having to decrypt. In v18 it can do this on any port. We also filter DNS requests with our ATP feature.

    DNS filtering would add very little value, and has its own blind spots such as when clients use DNS over HTTPS or when apps bypass DNS in other ways.

  19. Search firewall rule for an ip that never get connected to the firewall

    21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    3 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    Why don't you want to use the Policy Test? It will tell you the answer straight away...

  20. SCP/SFTP Support for Backups

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID - Old - Do not use Log in with your Sophos ID
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    2 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    AdminRich Baldry (Senior Product Manager, Network Security Group, Sophos Features & Ideas Laboratory) commented  · 

    To be clear - by SFTP you mean the protocol that runs over SSH, not FTPS which runs over SSL/TLS.

← Previous 1 3 4 5 6

Feedback and Knowledge Base

(thinking…)
icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.