Sophos Ideas

Sophos Ideas

Do you have an idea for a Sophos product? Do you recognize a good idea when you see one? We want to hear from you!

TheMachineWhisperer

← Sophos Ideas

My feedback

  1. Assigning Multiple Groups to a Single User

    78 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer supported this idea  · 

  2. Customization in User Portal

    411 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    22 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    TheMachineWhisperer commented  · 

    In UTM the ability to hide / disable portal categories is really useful for enterprise deployments. This absence of this feature in XG is really notable.

    TheMachineWhisperer supported this idea  · 

  3. Sophos Switches with Synchronized Security

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    2 comments  ·  XG Firewall » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    TheMachineWhisperer commented  · 

    You make a good point about the value of detection and enforcement at switch level.

    I'm not sure Sophos getting into expanding their focus from the core endpoint / boundary enforcement into switching would be a good move though. I think Sophos' strength is that it has product focus, it hasn't gone down the route some vendors have e.g. the "Forti-everything" approach.

    Looking at methods of integrating Sophos protections from central endpoint / XG with existing best of breed switches might be a better approach. The APIs for XG and central could already be used with vendor agnostic switch management software suites to achieve this.

    API says endpoint health has gone red, API knows endpoint IP and MAC, switch management integration to API picks up the change, identifies access port by MAC, applies ACL to port to restrict traffic only to the XG, XG restricts communication only to Sophos to support EDR / endpoint recovery.

    Cisco are trying to do something similar as an eco-system with their ISE product.

  4. VPN access to Guest users

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    TheMachineWhisperer commented  · 

    Seconded, ability to create auto-expiring guest SSL VPN profiles with connection number and time restrictions for specific access requirements like temporary supplier remote support would be ideal.

    TheMachineWhisperer supported this idea  · 

  5. Weak hand shake - SSL VPN

    39 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer supported this idea  · 

  6. TLS 1.2 support for SSL VPN

    43 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    2 comments  ·  XG Firewall » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer supported this idea  · 

  7. Harden SSL VPN (OpenVPN) Configuration

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    2 comments  ·  XG Firewall » VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer supported this idea  · 

  8. Update SSL VPN Client for Parity with Latest OpenVPN Features

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer shared this idea  · 

  9. Allow custom OpenVPN parameters in SSLVPN configuration

    11 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  XG Firewall » VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer supported this idea  · 

  10. Expose more OpenVPN Configuration Options

    10 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer supported this idea  · 

  11. Update SSL VPN to newest OpenVPN version.

    34 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    2 comments  ·  XG Firewall » VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer supported this idea  · 
    An error occurred while saving the comment
    TheMachineWhisperer commented  · 

    +1 client version too please not just server for features available in the latest OpenVPN client like pull filter

  12. VPN site-to-site monitoring via SNMP

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer supported this idea  · 
    An error occurred while saving the comment
    TheMachineWhisperer commented  · 

    +1 But also for SSL VPN connections

  13. Power supply: SNMP and Web UI monitoring

    17 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    3 comments  ·  XG Firewall » Hardware  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer supported this idea  · 

  14. enable button on vpn ssl (remote access)

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  XG Firewall » VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer supported this idea  · 

  15. Support for HSM to Protect XG Appliance Private Keys

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer shared this idea  · 

  16. Use FQDN hosts and host groups in all policies and services

    11 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    2 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    TheMachineWhisperer commented  · 

    Agreed.

    Anywhere a host entry can be configured should permit all host/group types.

    For me specifically FQDN entries should be allowed in Device Access Local service ACL exception rules too.

    TheMachineWhisperer supported this idea  · 

  17. Allow monitor-only connection to Central Firewall Manager

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  XG Firewall » Central Management  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer shared this idea  · 

  18. Allow Configuration of DHCP Options

    409 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    17 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer supported this idea  · 
    An error occurred while saving the comment
    TheMachineWhisperer commented  · 

    Also need this to encompass being able to push DHCP options via the SSL VPN which does not have a typical DHCP server scope as with normal subnets on physical interfaces.

  19. Change warning in messages if firewall no longer registered with OR managed from Sophos Central

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    2 comments  ·  XG Firewall » Reporting  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer supported this idea  · 

  20. Support for Industrial Protocols in DPI / IDS

    13 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    2 comments  ·  SG UTM » Network Protection  ·  Flag idea as inappropriate…  ·  Admin →
    TheMachineWhisperer shared this idea  · 

Feedback and Knowledge Base

(thinking…)
icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.