Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG / XGS ongoing issues list

Hi there,

I've been hesitant with moving from SG to XGS. I did dip my toe into the XG pool by setting up one location with an XG Firewall, however the experience was poor. So I'm currently planning a hardware refresh with SG for the next 3 years as I still think XGS is half-baked. I'm aware that XG is old, and XGS is a newer version and might be better, than XG, however...

Issue #1 - I have had many issues with our XG router not renewing it's WAN IP when the ISP changes it. I hear this is still an issue in XGS.

Issue #2 - There is no release/renew for any interfaces. I hear this is still an issue in XGS. And yes, a workaround is to assign a static IP, and then remove it... but if SOPHOS can't correct something simple like this for years... I can only imagine what other issues that I don't know about are also still un-fixed. 

Issue #3 - I use one of our SG devices as an internal relay for our Copiers. I have a consultant that deals with SOPHOS across many client businesses, and they've told me that they gave up on using the mail relay on XGS as it has been unreliable. They moved their clients to a paid mail-relay-service because of how poorly it works. 

These are some of the issues I recall off the top of my head. I'd be interested in feedback on these issues.

Also if anyone knows of other problems like these, that I may not be aware of, please add them to this list.

Thanks 



This thread was automatically locked due to age.
  • It is about the question, what to implement first and what is actually not that important in the long run. Such features like disabling Static routes could be potentially some point in the future, but there are certain other features, which are more important like securing the customer. 

    The full focus of Sophos is to implement security features in the long run. In the current state of threat landscapes, it is important to focus on security first. 

    The list of features to implement is rather long and the development resources are limited. Therefore you have to decide, what is important and what can be in the backlog or the future. 

    Focus are security first, features second. And features could be something, which is potentially wanted by everybody and then scale down to rarely used features. Disabling static routes in the times of dynamic routing (OSPFv3 and BGP) and SD-WAN routing seems to be a dead end for the long run. 

    __________________________________________________________________________________________________________________