Advisory: Support Portal Maintenance. Login is currently unavailable, more info available here.
For all the good it will do, sure, here or there they will likely never be implemented anyway. Sophos really needs to clean up the ideas.sophos.com site and update anything that has been implemented, won't be implemented, or have simply been marked as "being considered" for over two years when the reality is it will probably never happen. I think they should implement a bug tracking style site for ideas so each "considered for a future release" idea actually gets a log that is kept up to date as to the progress of implementation. The ideas website is a great thing but only useful if it is kept up to date, otherwise it is just another forum. We may as well be posting our ideas on Reddit, they would get just about as much attention. I mean come on, when your top idea has 630 votes and was set as "Under Review" and "Under Consideration for a future release" over TWO AND A HALF YEARS ago it doesn't give people much hope.
NTP Server is a small package and UTM9 has it. In some small organization, having a central NTP server is a nice feature. Can you add it into future release?
This feature is under consideration for a future release, though a target version or timeframe is not yet set.
I do however agree that we should stop posting "ideas" here on this forum as this was meant to be a place to discuss bugs and other issues related to V18, not request improvements or new features although it feels like a good place for such requests.
here is a brief overview of the 7' TOP required functions, please check the list below. For me, this is not an encouraging overview at all. However, I think the state of these requirements is sufficient to tell us how Sophos looks at community requirements in the development of SFOS.
I think we all agree that these 7 features would benefit SFOS very much.
XG as NTP Server term implication is unknownLet's Encrypt Integration term implication is unknownScheduled Installation of the AV Updates and Firmware Installation term implication is unknownlive Bandwidth speeds for Interfaces planned for v18.5 (supposedly)Improve Logging planned for v18.5 (supposedly)Enable/Disable Interface planned for v18.5 (supposedly) Rename/Comment Physical Interface objects already implemented, but incomplete
I like that last one, implemented, but incomplete, seems to be par for the course.
There are 2 main problems:
Improve logging is something I opened in 2015
Most of you do not even know v15. Logging is still open after 4 years and the result of logging is just bad. So when and how.
The ideas area was carried over from old days when a major new release actually implemented major new features. I am not going to bash sophos as the beta forums are back to being somewhat normal and not censored. Overall I am satisfied with the new XG if we take away the hype and look at it for what it is.
Luk, you mentioned logging since v15, (for people that are not that old, think of v18 without the logviewer and the logs disappeared if you rebooted your appliance) So they did implement/improve logging since then, we are just not satisfied with the results. Sometimes I think we are in the minority. Most small shops don't have the budget for a sysadmin. And lets be honest, how many are really looking at any logs.
Reporting is the same way. Why can't we have fqdn in reports instead of IP addresses. Same with live connections under current activities. Why do we have refresh timings in the gui? Why isn't everything dynamically updated with a pause button. And don't get me started on the old mrtg 1990s system graphs. How/why don't we have live bandwidth on every interface/every user so we know whats going on at a glance?
Why do we have to create separate QoS rules for web/application/user that can't be edited completely later on instead of one rule and apply it wherever we need.
All these things have been rehashed over and over. To be honest, I used v18 after using another brand for over an year. After I switched off IPS due to bad throughput, XG is fairly nice. Ofcourse I don't get any of the new DPI features but I am happy with the old proxy. My main problem after not using the product for a year was GUI, the menus do not make any sense. But the product has a lot of potential and offers a lot of flexibility. The flexibility is hidden in many menus all over the place.
All the problems above can only be presented during a beta and sometimes we get feedback from the devs. So I do agree we need some kind of organized method of presenting our ideas/needs. Betas provide a unique opportunity for sophos to get our feedback not only on the bugs but what we as end users want the product to look like in the future. What they implement is up to them.
thanks for your input but...depends on where you are using XG. At home, XG does its job but not in an Enterprise. Do not forget that Sophos XG is evaluated as "enterprise" product.
Logging? Put the XG into an enterprise environment and when the system admins are looking for issue, tell them to use cli or advanced shell (some are happy) but tell them that "maybe" logs are in some files .log.
Following the documentation and KB, it is helpful but not all the time, as some logs are moved from one log file to another between each MR release and not documented anywhere.
Anyway. Let's keep the thread clean.
I am not defending the logging, I don't have any excuses on why it is the way it is after years of development even if you use the product at home. I was trying to be nice [:'(]
In any case you are right. I think we need a proper system like bug reports where atleast during betas where we get some kind of official recognition and a reference number from sophos that lets us track the progress.
Stop crying! [:D]
Althoug Sophos is allowing us to reply and keep our answers, Sophos is not in the community as it should be. We need answer, we need clarification, we need feedback as they need our feedbacks.
Look at MR9 where you do not understand exim fixes...A single reply can avoid Sophos Support worldwide to be flooded for the same information request! We are in a new era, and they should invest and hire people that care the community, not only answering technical questions, but reporting information, collect data from here and be active.
This is the things that I do not understand. FloSupport is one of the guys that is here and listen and interact. I like the Michael Dunn approach but they are only few of them.
Think about: if you have a problem now, what do you do? You google it!
I don't want to get too side tracked here but I do have an exchange server set up in my lab that gets a decent amount of traffic. I never even tested it with XG... why? logging...