I'm in the proces of setting up a Sophos XG on an Intel platform and step by step overcoming the differences I encounter from other FW products I have used. I mainly have experience with Untangle and Ubiquiti products.
The plan was to onboard all of…
Ive been asked to setup a firewall rule to allow 1 country access in. But the IP address that's showing is an IPv6 one.
Ive been into the separate IPv6 tab in firewall rules to try and add the rule in but I cant select any country group as the source…
Another UTM vs XGS comparison.
Would be nice to be able to manually bounce an email back to my internal senders. Rather than wait for it timeout (72 hours). I usually find myself figuring out how the mis-addressed it, then contacting them and sending…
Hello Sophos,
Last week (01.22.22) Sophos issued a security advisory that included that to close the vulnerabilities should be updated to version SFOS 19.5 (our firewalls ran on SFOS 19.0.1). Since we always want to close security issues promptly, we…
I haven't yet found an answer to this, so please forgive if one already exists. If not, perhaps this may serve as a potential enhancement request.
IMO, one of the most basic and integral functions of any firewall should be to allow the termination of…
Hello,
Any way to monitor VPN Ipsec status ? API , SNMP ? this , should be a basic option... im not able to find anythings in sophos mib and the API...
Did someone make it ? get vpn status like up or down ? :p
Best Regards,
Is it possible in the web filtering to apply a "warn" action with an FQDN host group as the activity? The specific situation I am thinking of is there is a website we want to configure as "warn", but then if the user chooses to proceed, then we need to…
Hi,
since the last update 19.5 there is a search window for the host and services.
I would also like this search function for the rules, it would make it much easier to search for a specific rule!
Thanks
Hi,
we are migrating from UTM to XGS and as we use SPX Encryption in UTM with custom expressions I am looking for a solution to do the same in the XGS (Email in MTA-mode) but I can find only the pre-defined DataControl Lists and no option to use custom…
Since Ideas.sophos.com has been retired and it wasn't clear if its replacement is operational, yet I went by the retirement article suggesting using the discussions.
Sophos Firewall - Feature Request - Rule Group parameters,
While working on firewall…
Hi Sophos,
Recently, during an implementation of SD-RED 60, I was faced with an impossibility to configure a VLAN connection on the SD-RED uplink interface.
Here in Portugal, ISP's provide internet connections configured with VLAN.
Here an example…
HI,
Since myfirewall.co stops working, I would appreciate if you can add the ability to add a custom option. If you cannot add that option, I would appreciate if you can add the entry for my provider joker.com/.../what-is-dynamic-dns-dyndns.html Th…
Hello,
We are using your XG firewall for a couple of months now. I'm very glad with the product, however I have a request.
We are factory of food products and cooperate with a lot of suppliers of machines for the production proces. This suppliers…
Hello everyone,
Is it possible to create custom WAF configurations without It being overwritten every time you edit or create a new WAF Policy ?
I need to add both "AllowEncodedSlashes NoDecode", and "nocanon" at a certain WAF Policy.
Thanks!
Hi,
is there a way to monitor realtime bandwith usage of individual Site2Site VPNs?
So far, i could not find any graph displaying VPN bandwith with history or realtime values. In the latest XG Academy webinar i was told to monitor using CLI and "iftop…
Good Day,
when you have enabled blocking of unknown Websites and you are surfing on unusual websites such as personal websites of small companies or blogs you always have to submit thousands of Websites for categorisation because they are unknown…
Hi,
Can you guide me on the Sophos XG models that support WAN optimization? I am looking WAN optimization for my one of client and my office also.
Regards,
Deepak Kumar
I have enabled the Sophos Notification to inform me on Gateways status changes and it come to my attention that when you have just one WAN you only receive the notification when the wan is back. That makes sense since without connection there is no way…
Using ACL, on XG, is possible to assign services to zone and not to IP. How can we restrict services like:
MTA
L2TP
PPTP
SSL VPN
USER PORTAL
to a specific IP?
This Feature request has been closed:
https://ideas.sophos.com/forums/330219…
Hello,
URGENT!
I have recently noticed that they left out any way for "Users" or Admins to "Whitelist" email addresses that are getting quarantined. I have to go sort through the logs to try and find out why the real estate agent that sends mail to…
Hello,
We need a way to "effectively" block the Internet Attacks to the email system from things like "YLMF-PC" and other well known Internet Threats. We are currently seeing huge numbers of garbage emails tying up the processing power of the firewalls…