First impression and feedback

Hi All,

in my personal opinion i will change:

- NAT and WAF Rules on different pages. Firewall ACL is another security concept

- on Dashboard no Health status about Power redundancy

- on Dashboard no Health status about disk, or mirror disk. Only one way to discover problems is to go on DataCenter room and listen to the alarm...

- on Dashboard on Web Hits, we would see the number of HTTPS connections and HTTP

- We need a full log export, in case on Deep analysis on Forensic analysis. Reports are goods for Executive and for POC but you partner need to be able to answer who did what,when, wich protocol and wich port where used.

- IPS Engine/Policy. If you need to exclude a single signatures only for a restricted number of users/pc you need to create two rules and play with priority: ok, but if you are on middle market customer how many rule you need to do to secure the customer? This is the same for Application policy

- About metrics, decide to Use Kbit (kb)or KByte (KB), but with the right Sintax.....If you play whit BWM too many misunderstanding on the GUI and Documentation

- Help us with O365 creating an Hidden Feed RSS to automate the download and the population of O365 IP/FQDN service to exclude from Proxy. Too many errors and problems about it.

Thanks

I have always complained about the static gui. It shows very limited information and most of it is not important as a snapshot. Also completely agree with kilobit and kilobyte problem. It is really not that difficult... ALL live traffic including QoS rules should be in kilobit/mbit since we get the traffic from our ISP in kilobits/megabits and our network cards are also in megabits/gigabits etc. However the aggreagate traffic, like how much traffic did TOM use or the total amount of traffic should always be in kilobytes/megabytes etc. Maybe v18...

Edit: On a side note, I have a different bug report about the firewall passing all traffic as soon as it is connected to the network. Did you guys know about this behavior? It has been there since v16[:#] https://community.sophos.com/products/xg-firewall/sophos-xg-beta-programs/sfos-v170-beta/f/sfos-v170-beta-issues-bugs/96108/bug-firewall-starts-passing-all-traffic-before-running-the-wizard 

Hello luk,

you are right, the number of participants v16 vs. v17 can be easily traced, see here  https://community.sophos.com/products/xg-firewall/sophos-xg-beta-programs/  or below is result.

It is a devastating result.

Regards

alda

SFOS v16 Beta Read Only Last Activity: 17 hours ago 1313 members 

SFOS v17.0 Beta Last Activity: 1 month ago 584 members

My view may be quite different from normal users and partners.  I have no idea what material was presented to you guys.  From my perspective every feature that we planned to do at the start of v17 development was completed.  I know this is true for my team, and I suspect it is true for most teams.  So when I hear that there are "unfulfilled promises" I wonder - what were those promises?

If partners are "I am constantly forced to promise our customers that their required features will be finally implemented and they are still not implemented yet" then that is not Sophos promising and failing to deliver on that promise.  That is a partner hoping, and Sophos not meeting that hope.  Its a bit different.

If Sophos asks for feedback or feature requests, then says "We will take your input into our plans for the next version" I don't think people should take that as a promise.

"I've heard and seen so many great promises that I do not believe them anymore."  Please give examples.

I fully expect and understand criticism over the fact that there are features people want and we don't have them.
But I take issue with criticism that we promising features that we are not delivering.  To my knowledge we are not doing that.


1) Customers ask for features
2) Managers plan what features will be in next release
3) development starts with expected feature list
Six months pass...
4) development ends with 95-100% of feature list complete
5) Customers complain that promises are not fulfilled

From my perspective from 2-4 everything (or at least almost everything - I cannot speak for all teams) is done as per plan.  So when I hear that there are promises unfulfilled I think the issue is in 1-2.  Customers need to know that just because ask for something in (1) it is not a promise, and Sophos need to decide what/how (and if) to communicate (2) back to customers.

I see both sides of this honestly.  I don't know that Sophos "failed to deliver" on anything explicitly promised, but at the same time features that may seem to minor to Sophos or anybody else are major when you need it and they are missing.  There is also a certain amount of truth to the criticism that it is now nearly 2018 and some basic features are still missing from what is supposed to be a NGFW (anti-port scan, IPv6 DHCP-PD, just to name a couple off the top of my head).  I think people expect(ed) small missing features like these to be addressed in this major release.

Maybe it would be beneficial to start a thread somewhere and hash all this out.  Clearly there seems to be a gap here between some of your biggest power users and Sophos and it would be unfortunate if it does not get resolved.  I have my own theory as to what is behind the angst. 

I should note for the record that I'm happy with XG in general, v17 in specific, and the direction and development of the product.  I'm not a partner or a reseller, just an end user.

I’d personally like to see development of v17 continue on longer then work with major releases on a 12 month cycle.

Maybe an 18 mo cycle will allow more features being developed over its version lifecycle. And also have teams work in parallel as well on the last 6 months as some work on a major release and back fill small features, security and big fixes, etc...

Michael, this discussion is pointless as people that like XG are the ones that mostly jumped on after v16. alda and others that have been using SG/UTM for a long time have legitimate complaints. No reason to point fingers as sophos has a goal and direction on what it can deliver and what is needs to deliver, however there are many instances where from the beginning, things were over promised that never got delivered due to different reasons. 

This is just a forum and people are expressing their views, its fine for sophos/sophos employees not to agree with their views but please don't say promises were never made that haven't been delivered. I am not a reseller, I do this for fun (I know my wife wants to kill me during a beta) but we have all seen documents and presentations that promised big at v15 with feature parity and other stuff with UTM just around the corner. It never materialized. 

I have learned to live with XG as another offering from sophos. But initially, it wasn't presented as such and even until recently, everyone was given an impression that XG was next gen and hence somehow better than SG/UTM. Who was promising and not delivering? I am not going to point fingers as whatever I say against XG is with a hope that someone at sophos will take that as constructive criticism that would result in a better product.

I will leave this old chart by sophos that many resellers took to heart and sold many XGs on the assumption that XG will not only provide everything available in UTM, it will improve it tremendously in a short period of time. 

Michael,

we are complaining about missing features and what Sophos did in these 2 years. VLAN on Bridge, country blocking broken, rename interface, even having menu in alphabetic order is a dream on XG.

Logging? Finally we have a log monitoring (but even here menu are not in order, web url log takes too much width in the log viewer). XG is lacking in quality, guys!

I DO NOT UNDERSTAND WHY YOU DID NOT START FROM SCRATCH....just a waste of time!

Where is the order? Look at the console commands: show options are inside show menu and system.

Not a quite nice and well ordered when a customer look at XG.

Do I speak Martian?

Hello Michael,

this is very simple, I give you two cases that I remember:

- configurable SSL VPN port
- migration tool for migrating configuration from UTM9 to XG

I think others can add many cases of features that were promised in v17 and that have not been implemented yet.

Regards

alda

 P.S. I think we're just wasting time together, maybe it's time to say goodbye

alda said:

maybe it's time to say goodbye

I'm using the Sophos XG 16 Home license on bring my own hardware. I am appreciative for the free license provided by Sophos for home users.

I'm going to rebuild from scratch (long story) once XG 17 is GA.  

I am open to another option, a different product since I will be rebuilding anyway.  I know my way around XG now and it has worked just fine for me. That said, if there is something better out there then I am open to it. Please let me know what options there are and where people jump ship to I do not wish to purchase an official hardware appliance since I already have my own hardware so I would be looking for software only.

thank you!

ch5525: did you try the sophos utm? you'll find a nice, polished and mature firewall product with UTM features. The only problem here is that parts have been neglected for a while, but overwall its still sellable and a great home product.

I did look at UTM originally but I remember there was some limitation on the number of devices I could have. I was already close at that time and now have way more devices to control (IoT etc).

Thanks for the suggestion.

I did look at UTM originally but I remember there was some limitation on the number of devices I could have. I was already close at that time and now have way more devices to control (IoT etc).

Thanks for the suggestion.