Hi All,

In order  to improve security and reduce the potential for cross-site scripting (XSS) exploits, Sophos retired support for the HTTP/S bookmarks feature starting with XG Firewall v18. We are now announcing the retirement of this feature in XG Firewall v17.x via hotfix HF062020.1 which was released on June 20, 2020.

Please visit https://community.sophos.com/kb/en-us/133872 for more information.

Regards,

Parents
  • This feature needs to be re-enabled, we used this heavily to provide the needed limited access for IT management and developer/contractor access.

    this was an easy and efficient way to manage and provide that limited access route, if we wanted everyone to connect directly to our network via the VPN client then everyone would have credentials for it, the whole intent was to NOT grant that direct connection and to just give that person the access to the one single resource they need to do their work, whether its a web console or the one intranet site they needed to access.

    this response from sophos is improper and should never have happened, nevermind that the bookmarks feature should never have been up for retirement until a direct replacement had been developed that would provide that same or a comparable limited access method.

Comment
  • This feature needs to be re-enabled, we used this heavily to provide the needed limited access for IT management and developer/contractor access.

    this was an easy and efficient way to manage and provide that limited access route, if we wanted everyone to connect directly to our network via the VPN client then everyone would have credentials for it, the whole intent was to NOT grant that direct connection and to just give that person the access to the one single resource they need to do their work, whether its a web console or the one intranet site they needed to access.

    this response from sophos is improper and should never have happened, nevermind that the bookmarks feature should never have been up for retirement until a direct replacement had been developed that would provide that same or a comparable limited access method.

Children
No Data