Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

What is still missing on v18

To be honest I like the v18 version but, of course, certain implementation need a better improvement. I posted this thread only for reporting and logging:

https://community.sophos.com/products/xg-firewall/f/logging-and-reporting/118663/reporting-and-logging-dear-xg-we-need-a-big-improvement-in-these-2-fields

and I did not complete the list as it is already long.

For the rest of the features, where I have feedbacks from my customers, the list of things to implement and improve are:

  1. Logging and reporting as described in the above thread
  2. Merge network objects. The same subnet/IP list and so on is created multiple times now. Please leave the hosts as the only source/Destination and make sure it is usable in all sections. For example, DHCP, DNAT wizard and so on
  3. Merge DHCP and DNS entries. It is a mess to understand which computer name with which IP and so on.
  4. Delete objects like UTM. Inform where the object is used before the deletion is performed
  5. Perform backup and restore via CLI. In some few cases, the box does not start completely or the UI is down. Allows admins to perform backup/restore operations via console
  6. Improve the DNAT wizard. I already had some feedbacks from the presentation I did to few customers about the new DNAT wizard. From 8 of 10 people, said: Why they removed the nice Create Business Application Rule? It was so nice and straightforward compared to other vendors and compared to the raw Server DNAT wizard? So I would prefer and suggest to have the old BAR. For the DNAT wizard, Sophos you need to include:
    1. Destination IP should be a selectable object and not an ip
    2. Possibility to choose an IPS filter
    3. Possibility to decide if the rule is enabled/disabled
    4. Enable logging by defautl
  7. Have unencrypted backup option. It is a bad options, but some small customers they cannot remember even their own password. Ability to decide if the backup is encrypted or not.
  8. Change firmware version from console. If the box does not start for some reason but the console starts, possibility to choose (ok restart the box with this firmware version). This can be done now but the process is not straightforward
  9. Change KBs to Kb/s. QoS in the industry is based on Kb/s.
  10. Flow monitor Graph where we can show to customers they bandwidth consumption and block or shape application directly from there like UTM. When I showed this during POC, in the UTM era, customers where already impressed and prompt to buy it!
  11. Customize the control center: customers are different. Every customer wants to customize their dashboard. One of the top request is the current bandwidth utilization in the Control Center. The gadget is missing!
  12. UI resolution on big screen! Change the UI framework!

Hope other users can add their top features list.

As always, I am here to improve the product!

Regards



This thread was automatically locked due to age.
Parents
  • Hi Luk, i want to comment on some of those Points with my personal opinion. (As always, please consider this as my personal opinion, not "Sophos is saying this!").

     

     

    5. I would recommend to consider another backup method, relying on the CLI is like saving Backup on the Disk(Locally) and hoping, the Disk is not broken. 

    7. Instead of using unencrypted Backups, consider using Central Management. It will resolve Point 5 and Point 7. Central stores the Backup encrypted, but you have to insert the password in Case you actually need the Backup! By downloading the Backup, central asks for a Encryption password. You do not have to memory the password. 

    8. You could start the SF_Loader by pressing Space while booting. There you could switch the Firmware. 

     

    __________________________________________________________________________________________________________________

Reply
  • Hi Luk, i want to comment on some of those Points with my personal opinion. (As always, please consider this as my personal opinion, not "Sophos is saying this!").

     

     

    5. I would recommend to consider another backup method, relying on the CLI is like saving Backup on the Disk(Locally) and hoping, the Disk is not broken. 

    7. Instead of using unencrypted Backups, consider using Central Management. It will resolve Point 5 and Point 7. Central stores the Backup encrypted, but you have to insert the password in Case you actually need the Backup! By downloading the Backup, central asks for a Encryption password. You do not have to memory the password. 

    8. You could start the SF_Loader by pressing Space while booting. There you could switch the Firmware. 

     

    __________________________________________________________________________________________________________________

Children
  • Thanks .

    I know all the points but:

    5. I saw few cases where the UI is not working at all and the XG is booting, the console and the advanced shell is available. So a command can help. If the disk is broken, we have backups via email....but consider that the backup is scheduled once a week, you potentially can loose 6 days of configuration. Not all customers want to go for Cloud. Do not neglect this aspect!

    7. Not all customers want to go for Cloud. Do not neglect this aspect!

    8. I know this option but I am suggesting to have another option available.

    Thanks

  • What else is missing

    1/. IPv6 parity with IP4

    2/.  DHCP

    a reservations within  scope

    b exclusions within  scope

    c being able to assign IP4 and IPv6 addresses to the same device

    d being able to have a device in multiple scopes that point at a specific interface

    3/. APs display the current address for the device on the SSID not all used addresses.

    4/. Not have to use RA in IPv6 to assign an address.

     

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.