Sophos Ideas

Do you have an idea for a Sophos product? Do you recognize a good idea when you see one? We want to hear from you!

samuel.heinrich

My feedback

  1. 18 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  XG Firewall » Hardware  ·  Flag idea as inappropriate…  ·  Admin →
    samuel.heinrich supported this idea  · 
    An error occurred while saving the comment
    samuel.heinrich commented  · 

    It should be possible to read the power supply status from the cli
    here is the output from XG125 17.5.8:

    XG125_XN03_SFOS 17.5.8 MR-8.HF042920# dmidecode -t 3
    # dmidecode 2.12
    SMBIOS 3.0 present.
    # SMBIOS implementations newer than version 2.7 are not
    # fully supported by this version of dmidecode.

    Handle 0x0003, DMI type 3, 22 bytes
    Chassis Information
    Manufacturer: Default string
    Type: Desktop
    Lock: Not Present
    Version: Default string
    Serial Number: Default string
    Asset Tag: Default string
    Boot-up State: Safe
    Power Supply State: Safe
    Thermal State: Safe
    Security Status: None
    OEM Information: 0x00000000
    Height: Unspecified
    Number Of Power Cords: 1 <-----
    Contained Elements: 0
    SKU Number: Default string

    i'm currently looking into writing custom MIBs

  2. 55 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    samuel.heinrich supported this idea  · 
  3. 56 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  XG Firewall » Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
    samuel.heinrich supported this idea  · 
  4. 56 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    samuel.heinrich supported this idea  · 
  5. 62 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    samuel.heinrich supported this idea  · 
  6. 63 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    samuel.heinrich supported this idea  · 
  7. 63 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    samuel.heinrich supported this idea  · 
  8. 71 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  XG Firewall » Email Protection  ·  Flag idea as inappropriate…  ·  Admin →
    samuel.heinrich supported this idea  · 
  9. 85 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  XG Firewall » VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
    samuel.heinrich supported this idea  · 
  10. 93 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  XG Firewall » VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
    samuel.heinrich supported this idea  · 
  11. 145 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    17 comments  ·  XG Firewall » VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
    samuel.heinrich supported this idea  · 
  12. 138 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    samuel.heinrich supported this idea  · 
  13. 9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  SG UTM » VPN  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    samuel.heinrich commented  · 

    that is truly a big issue with XG.
    With UTM Firewalls it was possible pre-create the users X509 Certs and export them all to deploy them via GPO scripts (cp %username%@...).
    But with XG the user has to login into his userportal and press "download sslvpn" to create the configs.
    I spend hours figuring out a way to do this an admin. no way. in the otherhand sophos refers to their IPSEC client which is unstable and lacks group authentication.

    samuel.heinrich supported this idea  · 
  14. 5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    samuel.heinrich commented  · 

    I feel with you. It's a huge pain.

    I'm currently deploying 70 XG firewalls and we heavily rely on tacacs and ldap auth.

    Fun fact: this already works on SFM, so there is code base around, they only need to port this over to XG.

    I described this in detail here:

    https://community.sophos.com/products/xg-firewall/f/authentication/110893/tacacs-authentication---webadmin-login-limitations

    samuel.heinrich supported this idea  · 
  15. 8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  XG Firewall » Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    samuel.heinrich commented  · 

    The underlying issue here is that the XG does not permit to create "external" users directly with admin privileges.
    Currently, the only way to give "external" user admin rights, is by creating them as normal users once and then assign them admin privileges.
    that is a huge pain in the neck if you work with ldap, radius or tacacs, because the only way to create those external users is, by let them login to the user or captive portal.
    that does absolutely not scale if you work with many firewalls.

  16. 147 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  XG Firewall » Webserver Protection  ·  Flag idea as inappropriate…  ·  Admin →
    samuel.heinrich supported this idea  · 

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.