Which fundamental features need to be re-engineered on Sophos XG

DPI feature is a step forward. Nothing to say about. Well done to the Sophos unit that worked hard on that. Appreciated it! From my point of view Sophos is putting features and features on top to stay updated with the market but we need that some pillars work. I would say:

  • Logging. Logging module is very bad. Compared to other competitors and to Sophos UTM, in most cases, tcpdump and drop-packet-capture are still needed.
  • Reporting: still reporting is bad. Check the reports you can generate on UTM9 compared to XG and you see the difference
  • Screen resolution: trial the product with an IT manager in his room where a big screen is installed and you lose already points to convince him
  • Proper command line: when admins go in the console or they need to access the advanced shell, commands are spread around without sense. Some are under systems, some under set, some under show. Please consider to have proper menu. Copy command-line style from other vendors. Now cli does not make sense
  • Delete objects: to delete an object, still need to understand where the object is used. Imagine with hundreds of rules...
  • DHCP and DNS mapping

The list can be lenghty with other small improvements but in my case, this is the desired list and the features that people, partners are waiting for. For other improvements like Kerberos, NAT (to be reviewed), DKIM, BATV and other small improvements, well done. I am very critical, you know but when I have to say "well done"  I am the first.

Hope for a better collaboration from Sophos staff and specially PM, keep going.

@Community users: add your own comments.

Thanks

Parents
  • Thank you very much for very crisp feedback.

    Based on our partners, customers and community feedback, we have been improving log viewer with every release - storage of logs, structured filter and free text search, raw logs, flexible column selection, actionable logs are series of capability and usability enhancements we have implemented in last few releases. Plus, syslogs in XG v18 are now standardized and completely redone. Underlying logging module improvement is pretty high on the priority and is on our immediate roadmap.

    XG v18 brings Central Firewall Reporting that will further enhance reporting capability for XG firewall.

    Improvements in command line, DHCP-PD, Object Searching (global search and based on Object value) and Object referencing are also high on the priority and on our roadmap.

    Thank you. Parth.

  • Thanks ,

    for replying here. I hope you understand what we are trying to saying about logging. We need all the logging we have through the command line with tail, conntrack and so forth, in the GUI.

    I hope it is CLEAR and if it is not, feel free to contact me and discuss about. Now logging through UI is 90% useless.

Reply Children