Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Sophos Firewall: v21.0 GA: Feedback and experiences

Release Post:  Sophos Firewall v21 is Now Available 

Release Notes: docs.sophos.com/.../sf_210_rn.html

Early Access EAP Thread:  Sophos Firewall: v21.0 EAP1: Feedback and experiences (EAP Thread) 

To make the tracking of issues / feedback easier: Please post a potential Sophos Support Case ID within your initial post, so we can track your feedback/issue.   

Only XGS Hardware is supported - Not XG/SG Hardware. Sophos Home is excluded, as it uses Software, which is supported. 

Firmware update from the CM will be available after the firmware is available to all. Please refer to the standard update process.

Firmware update on Sophos firewall requires a valid support subscription (of any type - paid or trial) after the first 3 free firmware updates.

Parents
  • The new alphabetical (but not alpha-numerical?) interface-name-order does not feel very natural?
    I'd expect "P1 XXX" before "P3 XXX"? - like Excel would sort a table ;)

  •  ,

    Request to provide support access id, so we can investigate further.

  • Support Access Id send via PM. You should be able to reproduce on every other appliance as well.

  • Thanks for providing access, will update investigation.

  •  ,

    In v21, we have resolved the issue with lexicographical ordering of interfaces. Previously, for interfaces like Port1, Port2...Port10, Port10 would incorrectly appear next to Port1, resulting in an order like Port1, Port10, Port2, and so on. This has now been fixed.

    Additionally, based on feedback from various users, we’ve adjusted the interface ordering to be alphabetical, with numeric values considered only when they appear at the end of the interface name. For example, PLANInter1, PLANInter2, and PWAN3 will now appear in both alphabetical and numerical order. If a number appears within the name, only the letters before the number are considered for ordering. For example, in "P2 LAN Inter," only the letter 'P' is considered for sorting, and the rest is ignored.

     Considering both numbers and letters that appear anywhere in the name would make the sorting more complex, and the lexicographical issue would persist. This was a design choice we had to make.

    In the future, we aim to further improve this and provide users with the option to customize how interfaces are ordered.

  • Sorry  but that argument makes absolutely no sense in my optinion.


    An interface named "WAN2 xyz" should always be sorted after an interface "WAN1 abc", regardless of the characters that are coming after that number.
    How many of all deployed appliances have more than 10 ports so that the "1, 10, 2" is a real world problem? In my opinion THAT old "sorting problem" was maybe reasonable for 1-10% of all firewall users while 90-99% are now suffering from the new unlogical sort order.

    Just make the interface list adjustable (drag & drop or a configurable "rank" ID number for each interface) and just don't show unconfigured interfaces (like the UTM handled that) at all. That would be an improvement, but not the change that was made in V21...


    Regards,

    Kevin

    Sophos CE/CA (XG, UTM, Central Endpoint)
    Gold Partner

Reply
  • Sorry  but that argument makes absolutely no sense in my optinion.


    An interface named "WAN2 xyz" should always be sorted after an interface "WAN1 abc", regardless of the characters that are coming after that number.
    How many of all deployed appliances have more than 10 ports so that the "1, 10, 2" is a real world problem? In my opinion THAT old "sorting problem" was maybe reasonable for 1-10% of all firewall users while 90-99% are now suffering from the new unlogical sort order.

    Just make the interface list adjustable (drag & drop or a configurable "rank" ID number for each interface) and just don't show unconfigured interfaces (like the UTM handled that) at all. That would be an improvement, but not the change that was made in V21...


    Regards,

    Kevin

    Sophos CE/CA (XG, UTM, Central Endpoint)
    Gold Partner

Children