First impression and feedback

Hi All,

I migrated my home box from MR7 to v17 and all good.

In my case, the IPS did not start automatically after the reboot.

The other thing is the UI is faster than v16 but the Network menu is very slow compared to the others. I have only 2 NICs and 2 VLAN.

Last thing, where is the policy test?

  • Hi All,

    In my personal opinion I will change:

    - NAT and WAF Rules on different pages. Firewall ACL is another security concept

    - on Dashboard no Health status about Power redundancy

    - on Dashboard no Health status about disk, or mirror disk. Only one way to discover problems is to go on DataCenter room and listen to the alarm...

    - on Dashboard on Web Hits, we would see the number of HTTPS connections and HTTP

    - We need a full log export, in case on Deep analysis on Forensic analysis. Reports are good for Executive and for POC but you partner need to be able to answer who did what, when, which protocol and which port were used.

    - IPS Engine/Policy. If you need to exclude a single signature only for a restricted number of users/pc you need to create two rules and play with priority: ok, but if you are on middle market customer how many rules you need to do to secure the customer? This is the same for Application policy

    - About metrics, decide to Use Kbit (kb) or KByte (KB), but with the right syntax.....If you play with BWM too many misunderstanding on the GUI and Documentation

    - Help us with O365 creating an Hidden Feed RSS to automate the download and the population of O365 IP/FQDN service to exclude from Proxy. Too many errors and problems about it.

     

    Thanks

  • I have always complained about the static gui. It shows very limited information and most of it is not important as a snapshot. Also completely agree with kilobit and kilobyte problem. It is really not that difficult... ALL live traffic including QoS rules should be in kilobit/mbit since we get the traffic from our ISP in kilobits/megabits and our network cards are also in megabits/gigabits etc. However the aggregate traffic, like how much traffic did TOM use or the total amount of traffic should always be in kilobytes/megabytes etc. Maybe v18...

     

    Edit: On a side note, I have a different bug report about the firewall passing all traffic as soon as it is connected to the network. Did you guys know about this behavior? It has been there since v16 [:#] https://community.sophos.com/products/xg-firewall/sophos-xg-beta-programs/sfos-v170-beta/f/sfos-v170-beta-issues-bugs/96108/bug-firewall-starts-passing-all-traffic-before-running-the-wizard

  • Hello Alan,

    in your post you mention v17.1, v17.2 and v17.3. but you did not mention what features and functions do you plan to implement in these versions, and especially when we can expect these versions. This is for us as your long-years partner the most important thing. I am constantly forced to promise our customers that their required features will be finally implemented and they are still not implemented yet. I've heard and seen so many great promises that I do not believe them anymore.

    I really appreciate a specific list of features and dates when they will be implemented. And I can understand that in a few cases some features will not be implemented. But I'm really tired of more than two years of endless promises when and what will be done.

    Your marketing is really devastating and under its influence users expect the presented features to be implemented, but they are not, and in this situation we have been living for more than two years.

    It's really tiring and frustrating.

     alda

  • I feel like you, Alda and many other users and partners I know. Sophos will see a nice bad trend in their sales soon, because many Users and Partners I know around the World will not renew the XG license and will move to something else.

    Sophos sales did a great job on contacting partners and telling them: "I have a nice offer if you buy a couple of XG, with Full License per 3 years. Can I use the XG as I do for UTM? Yes, it is the next generation".

    It is not a blame of the Production Team but this is how the market and Organizations work. People like AlanT and Michael Dunn are pressed and they need to work hard and quick to produce more, so quality goes into the bin.

    Check how many users joined the beta v17 compared to v16. This is the truth!

    I am not disappointed......more than disappointed. At this time, UTM was at version 10 with many more features. In another post, I read that the WAF module will support RDS 2016 not before 2019....Unbelievable!

    They did a big mistake to continue to develop and improve Cyberoam OS instead of really starting from scratch! They could even take 3 years, because UTM is still there and it is still sellable!

    I am not a Sales man but 1+1= 2. The math is not an opinion!

  • ya UTM 10 would have been cool, lots of potential wasted. 

    Who needs a good product when you got a great marketing. The reality will catch up in sales and resubs. 

    We keep getting E-Mails about awards that XG is winning, it's kind of sad if you think about it. But their marketing works.

    ---

    Sophos UTM 9.3 Certified Engineer

  • Hello luk,

    you are right, the number of participants v16 vs. v17 can be easily traced, see here  https://community.sophos.com/products/xg-firewall/sophos-xg-beta-programs/  or below is result.

    It is a devastating result.

    Regards

    alda

    SFOS v16 Beta Read Only Last Activity: 17 hours ago 1313 members 

    SFOS v17.0 Beta Last Activity: 1 month ago 584 members

  • My view may be quite different from normal users and partners.  I have no idea what material was presented to you guys.  From my perspective every feature that we planned to do at the start of v17 development was completed.  I know this is true for my team, and I suspect it is true for most teams.  So when I hear that there are "unfulfilled promises" I wonder - what were those promises?

    If partners are "I am constantly forced to promise our customers that their required features will be finally implemented and they are still not implemented yet" then that is not Sophos promising and failing to deliver on that promise.  That is a partner hoping, and Sophos not meeting that hope.  It's a bit different.

    If Sophos asks for feedback or feature requests, then says "We will take your input into our plans for the next version" I don't think people should take that as a promise.

    "I've heard and seen so many great promises that I do not believe them anymore."  Please give examples.

    I fully expect and understand criticism over the fact that there are features people want and we don't have them.
    But I take issue with criticism that we are promising features that we are not delivering.  To my knowledge we are not doing that.


    1) Customers ask for features
    2) Managers plan what features will be in next release
    3) development starts with expected feature list
    Six months pass...
    4) development ends with 95-100% of feature list complete
    5) Customers complain that promises are not fulfilled

    From my perspective from 2-4 everything (or at least almost everything - I cannot speak for all teams) is done as per plan.  So when I hear that there are promises unfulfilled I think the issue is in 1-2.  Customers need to know that just because they ask for something in (1) it is not a promise, and Sophos need to decide what/how (and if) to communicate (2) back to customers.

  • I see both sides of this honestly.  I don't know that Sophos "failed to deliver" on anything explicitly promised, but at the same time features that may seem too minor to Sophos or anybody else are major when you need it and they are missing.  There is also a certain amount of truth to the criticism that it is now nearly 2018 and some basic features are still missing from what is supposed to be a NGFW (anti-port scan, IPv6 DHCP-PD, just to name a couple off the top of my head).  I think people expect(ed) small missing features like these to be addressed in this major release.

    Maybe it would be beneficial to start a thread somewhere and hash all this out.  Clearly there seems to be a gap here between some of your biggest power users and Sophos and it would be unfortunate if it does not get resolved.  I have my own theory as to what is behind the angst. 

    I should note for the record that I'm happy with XG in general, v17 in specific, and the direction and development of the product.  I'm not a partner or a reseller, just an end user.

  • I’d personally like to see development of v17 continue on longer than work with major releases on a 12 month cycle.

    Maybe an 18 mo cycle will allow more features being developed over its version lifecycle. And also have teams work in parallel as well on the last 6 months as some work on a major release and back fill small features, security and big fixes, etc...

  • Michael, this discussion is pointless as people that like XG are the ones that mostly jumped on after v16.  and others that have been using SG/UTM for a long time have legitimate complaints. No reason to point fingers as sophos has a goal and direction on what it can deliver and what it needs to deliver, however there are many instances where from the beginning, things were over promised that never got delivered due to different reasons.

    This is just a forum and people are expressing their views, it's fine for sophos/sophos employees not to agree with their views but please don't say promises were never made that haven't been delivered. I am not a reseller, I do this for fun (I know my wife wants to kill me during a beta) but we have all seen documents and presentations that promised big at v15 with feature parity and other stuff with UTM just around the corner. It never materialized.

    I have learned to live with XG as another offering from sophos. But initially, it wasn't presented as such and even until recently, everyone was given an impression that XG was next gen and hence somehow better than SG/UTM. Who was promising and not delivering? I am not going to point fingers as whatever I say against XG is with a hope that someone at sophos will take that as constructive criticism that would result in a better product.

    I will leave this old chart by sophos that many resellers took to heart and sold many XGs on the assumption that XG will not only provide everything available in UTM, it will improve it tremendously in a short period of time. 

  • Michael,

    we are complaining about missing features and what Sophos did in these 2 years. VLAN on Bridge, country blocking broken, rename interface, even having menu in alphabetic order is a dream on XG.

    Logging? Finally we have a log monitoring (but even here menu are not in order, web url log takes too much width in the log viewer). XG is lacking in quality, guys!

    I DO NOT UNDERSTAND WHY YOU DID NOT START FROM SCRATCH....just a waste of time!

    Where is the order? Look at the console commands: show options are inside show menu and system.

    Not a quite nice and well ordered when a customer look at XG.

    Do I speak Martian?

  • Hello Michael,

    this is very simple, I give you two cases that I remember:

    - configurable SSL VPN port
    - migration tool for migrating configuration from UTM9 to XG

    I think others can add many cases of features that were promised in v17 and that have not been implemented yet.

    Regards

    alda

     P.S. I think we're just wasting time together, maybe it's time to say goodbye

  • alda said:

    maybe it's time to say goodbye

     

    I'm using the Sophos XG 16 Home license on bring my own hardware. I am appreciative for the free license provided by Sophos for home users.

    I'm going to rebuild from scratch (long story) once XG 17 is GA.  

    I am open to another option, a different product since I will be rebuilding anyway.  I know my way around XG now and it has worked just fine for me. That said, if there is something better out there then I am open to it. Please let me know what options there are and where people jump ship to. I do not wish to purchase an official hardware appliance since I already have my own hardware so I would be looking for software only.

    thank you!

  • ch5525: did you try the sophos utm? you'll find a nice, polished and mature firewall product with UTM features. The only problem here is that parts have been neglected for a while, but overall it's still sellable and a great home product.

    ---

    Sophos UTM 9.3 Certified Engineer

  • I did look at UTM originally but I remember there was some limitation on the number of devices I could have. I was already close at that time and now have way more devices to control (IoT etc).

    Thanks for the suggestion.

  • Ben,

    A large portion of home users more than likely jumped to XG due to only having a CPU/MEM limit and not an IP address limit. Couple that with the popularity of IPv6 was an extra push to go to XG. I have been using UTM(SG) for quite some time with the 50 IP address limit and in doing so I have had to refrain from enabling IPv6 among a few other things. Keep in mind under UTM one IPv4 address plus one IPv6 address counts as two IP addresses against the home license. In today's home network the 50 IP limit can be exhausted rather quickly.

    Home User running UTM active

    Home User Following XG with a VM for testing and praying.

     

    -Ron

  • rrosson said:

    Home User running UTM active

    Home User Following XG with a VM for testing and praying.

    [:D][:D][:D][:'(]

     

    For home users, sophos has great offerings and the clear winners are sophos UTM and sophos XG. Resellers are having trouble because they were given an impression that SG was going to be EOL when copernicus/XG was first introduced. They sold the newer XG firewalls because that made more sense and users demanded XG due to aggressive marketing. It's mostly water under the bridge but some of those resellers look like complete liars now two years after initially deploying XG.

  • I agree with

    XG and UTM can be used at home with no big missing features. Here the discussion and the moods are about XG that is not an Enterprise Ready Product even if it received several awards. Benchmarks use fixed tools and technique to test appliances but the real feedback is the field, the customer and threats.

  • Hello Billy,

    I could only agree, in two sentences, a very accurate analysis of the current state.  Thank you very much for your independent analysis.

    [:D]

    Regards

    alda

  • lferrara If you are a home user, a geek, and/or someone who works in the cyber security field this can go either way. In my case I am all three.  :)  I am not a huge fan of the cloud based e-mail systems, the free or low cost hosting providers so I host my own internet presence behind my UTM to protect my assets. So the things I still see lacking in XG in no specific order are:

    • UTM to XG migration tools
    • White/Black listing of e-mail addresses at the user level
    • SMTP Proxy (This is nowhere near what UTM does)
    • Let's Encrypt support
    • Web categorization
    • Country Blocking
    • IPv6 Support (Comcast Internet deploys via DHCP)
      • It gets an IPv6 that only the XG can use only but nothing behind it can and when it does it does not route.
    • Portscan detection

    The above are just to name a few that I have on my laundry list of what I am watching for in XG before migrating from my trusty UTM. My biggest driver as a home user is the UTM license of only 50 IP addresses. Both UTM and XG have issues dealing with how Comcast hands out its IPv6 addresses for both a home and business class internet connections.

    -Ron

  • Ron,

    I am a Security Specialist. In my case, I follow different brand because when you perform auditing, you need to deal with different brands. I am on the community when I have free time, during the night to give my feedbacks, impressions from what I learn from the IT field. XG can work as home SOHO appliance but not in certain environment where the basic features are obvious....

    XG is still far away from this approach and for well-organized OS.

  • lferrara,

    I hear you loud and clear!  :)  My day job exposes me to a vast amount of different vendors and security device type/class.

     

    Do not get me started on the CLI of XG.   :)

     

    -Ron