Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 1060 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG Mail Protection

Dreamcatcher

Hello Folks,

honestly, I'm pretty disappointed with XG in the matter of its mail protection. The implementation is so rudimentary that I just wonder if we are the only partner on this planet dumb enough to sell mail protection licenses to our customers? Things that really drive me nuts:

Logging

  • I cannot export the log in “Mail logs”
  • I cannot copy status messages in “Mail logs”, because they are just a stupid mouse-hover thing
  • No reason is shown if a mail is dropped by your SMTP policy, it just says "Mail has been dropped by policy <policy name>."
  • In “Log viewer -> Email” you could export the logs, but rejected mails are simply not listed here, so all you can get is an incomplete export or use SSH.
  • Users can't see their own mail logs in User Portal. I can't count how often I had to explain that Sophos is unable to show users what is happening to their mails!

What else?

  • UTM can encrypt and decrypt mails with S/MIME certificates, XG doesn't even bother to offer this very useful feature at all for years.
  • The SPX add-in that is downloadable by users from the user portal is neither the newest available version, nor can it be installed with modern Office versions like Office 365. The newest version manually downloadable from the website installs fine, but does not work. The “Add Internet Header”-Option isn’t working since the “X-Sophos-SPX-Encrypt: yes” header is not added to outgoing mails. The “Set Sensitivity to Confidential”-Option on the other hand works, since the “Sensitivity: company-confidential” header is added properly, but that doesn’t get the mails encrypted by the firewall.
  • Users can’t release mails from the link they get in the Quarantine digest. Instead, they get redirected to a page basically just saying “Log into user portal and release it from there”. It doesn’t even contain a link to the actual user portal, so all users need to know and remember how to reach it by themselves, wow!
  • Mail headers can’t be modified by XG Firewall, so if you used that feature in UTM, go somewhere else.

 

Sophos simply had done nothing to the Mail protection for the past 4 years. To me it seems like they don’t bother to finally start development here. I just want to know if there will be major updates in 2022 or not, because otherwise we will move on to something else (which definitely will not be Sophos central but probably some other cloud provider).

 

Thanks for your time and stay safe.



This thread was automatically locked due to age.
  • 0

    I always recommend to look into Central Email for a full Email protection solution, which is state of the art for further implementations (Potential Migration to Microsoft365, or gmail etc.). 

    Looking into a Gateway product like a Firewall, i am not quite the fan of using the same product to manage other facilities like Emails. A cloud based SaaS Solution can give you more techniques to protect the customer in a more stable way (Uptime, availability etc.).

    Most of your points are actually implemented in Central Email and can be used. 

    From a security perspective, using a product like Exchange on Premise seems not to be the best approach for the future. Latest security reports like ProxyShell, Hafnium etc. shown to be a major problem to begin with. This and other points is driving the Email Market to SaaS. Using a on premise gateway to protect Emails, which are send back to a cloud gateway is a flawed design to begin with.

    But that just my personal opinion. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Sure, you can see it that way, but that doesn't explain why Sophos is selling this faltering "mail protection" on their firewalls at all? It lacks so much usability that Sophos at least should make a clear statement like that:

    "There will be no further development for the mail protection. If you want more features, look at Sophos Central.We likely discontinue the mail protection on Sophos Firewall in the near future.".

    At least that would help customers to look for alternatives, but instead they sell their licenses and leave the whole mail porotection in this desolate state for years. Cut it out or finally start to enhance it!

  • 0 in reply to Dreamcatcher

    Sophos is selling a product in the current state. Customer are purchasing this product with the current implementation. As a Sales Engineer, i am positioning both solutions as they are (with there current capabilities) and present the solution with there features. 

    Some customers simply need a small email security solution or a on premise solution without any secondary implementation and that is fine. But i am always giving them the sell on Central Email, as a far Superior solution compared to both products (UTM/SFOS). 

    Looking at the features coming in Central Email and the past, there is a lot of efforts to get this solution state of the art: https://community.sophos.com/sophos-email/b/blog

    If you feel like you got the wrong solution presented, you should interact with your Sophos Sales rep. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    That still doesn't answer the initial question: will the mail protection on Sophos Firewall get any development this year at all or not? To not develop a sold product for multiple years is pretty much the same as discontinuing it.

    As for your " Customer are purchasing this product with the current implementation": do you even think about companies that switched from UTM to XG years ago, because Sophos obviously isn't capable to offer one solution like before? UTM doesn’t get any development at all, so all new features went into XG, but the "old" features just don't get implemented for many years now. What is your offering to companies that are not willing to move to your cloud service? As far as I understand your answer, nothing, I guess.

  • 0 in reply to Dreamcatcher

    I am not a product manager. I cannot answer this kind of question. You should discuss this with a product manager, which you could potentially reach with Sophos Sales. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Well, you did answer it anyway, thank you.

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?