Sophos Ideas

Do you have an idea for a Sophos product? Do you recognize a good idea when you see one? We want to hear from you!

Akos

My feedback

  1. 6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  XG Firewall » Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
    An error occurred while saving the comment
    Akos commented  · 

    Stuart, I am pretty certain that this feature request is about supporting SMTP AUTH, which is described in RFC 4954. Actually, RFC 6409, referenced by you, says the following in section 4.3:
    "The MSA MUST, by default, issue an error response to the MAIL command if the session has not been authenticated using [SMTP-AUTH], unless it has already independently established authentication or authorization (such as being within a protected subnetwork)."

    While this does not make SMTP AUTH mandatory, it strongly implies that SMTP AUTH is the only valid method of authenticating nomadic users (i.e. those not coming from a protected network like an internal network or a remote access VPN). Even the Wikipedia page you cited gives SMTP AUTH as an example.

    This way nomadic users have no way to send email via the firewall. Another feature that is supported by UTM and basically everybody else except XG. I am sure you are not suggesting that port 587 should be forwarded (by DNAT) to the internal network, I am just misunderstanding your comment.

  2. 34 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Akos commented  · 

    This is another one of those many SG features, which is not needed very often, but if you happen to need it, you are really screwed on XG.

    Akos supported this idea  · 
  3. 786 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    75 comments  ·  XG Firewall » Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
  4. 56 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
  5. 78 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
  6. 16 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
  7. 28 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  SG UTM » Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Akos commented  · 

    This is absolutely necessary. Right now there is no way to filter for anything in the headers, only the body and the envelope.

    Akos supported this idea  · 
  8. 109 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
  9. 156 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
  10. 142 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  XG Firewall » Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
  11. 295 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    36 comments  ·  XG Firewall » Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
  12. 785 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    97 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
  13. 374 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    14 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →

    This is being considered. The current intention is to add a superadmin role, making the default admin account just a member of that role.

    This will allow you to create new superadmin accounts, capable of logging into the shell, adding ssh keys, and any other features limited currently to the named admin account.

    Second, you will be able to disable or demote the named admin account.

    Akos supported this idea  · 
  14. 317 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
  15. 336 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    18 comments  ·  XG Firewall » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
  16. 498 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    16 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
  17. 474 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    64 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
  18. 105 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
  19. 38 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  SG UTM » Mail Protection  ·  Flag idea as inappropriate…  ·  Admin →
    Akos supported this idea  · 
  20. 61 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  SG UTM » Networking  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Akos commented  · 

    Also, GRE over IPsec would make all the UTM advanced routing features possible (policy routing, dynamic routing) that are currently impossible with the policy-based IPsec implementation in the UTM.

    Akos supported this idea  · 
← Previous 1 3

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.