This is a feeble effort over the last month to document a few of the many concerns with the XG V16 GUI and functionality. I should have done a better job, but the bottom line the GUI is very slow, inefficient in use of screen real estate, inefficient in steps need to complete basic functions, etc. General Feedback After completing a new entry, it doesn’t continue with allowing more entries in the same screen, but kicks you back to the hosts screen. Would be real nice to filter on custom hosts and services and not see all the built-in ones. Filters don’t “stick” anywhere, for example firewall rules or log view. If I filter LAN-to-WAN firewall rules, then open a rule, the exit, it goes back to all rules – filter gone. If I’m bouncing around between logs, and I’ve got a filter to trap a host, for instance, I’ve got to set it for each log, which is sort of okay and understandable, but if I’m switching back and forth between IPS, firewall, malware, etc., I have to redefine the filter when I go back to one I’ve just looked at, like firewall. Related to no choices sticking, every time I bring up System Graphs it defaults to all graphs. If I reduce the excessive and redundant graphs (ie. with one WAN link, WAN zone traffic and Port 2 are redundant, or ports I'm not using), go to any other screen, and come back, I get all the graphs again, which take quite a number of seconds to draw and I'm sure a lot of resources to keep updating. Sometimes the graphs refuse to appear at all or in part. Takes a inordinately long time to save changes on most screens. Many screens, like adding a host, the Save or Apply button is way below the final field entered, making for a lot more cursor movement. This just another example of inefficient screen function. No advanced DHCP server settings, like defining custom entries such as TFTP servers, so I can’t replace other vendor’s firewalls without moving the DHCP functionality elsewhere. No apparent recording of DHCP address assignments to flash to survive reboot. Could the whole NAT setup be any more disjointed than it is? Is this a bad joke? You have to spell out NAT in each firewall rule? Have any of the developers looked at a good firewall like a Sonicwall? There is no place I can see to just look at all your NATs at a glance. Cannot edit NAT names or many other entry names either. Have to create new objects for NAT. Why can’t we just use the existing address objects? There are many things you can’t see at a glance. With the graphics style, you can only see a small part of your rules on screen at a time. How about one line per rule, with an option to expand, so you can fit 20+ rules on a screen? This applies to all sorts of listings. Borrow a Sonicwall to see this or I can send screen shots. The Application List is 55 pages long. You cannot jump to a page or search. You have to scroll to the bottom of a page, click the arrow, scroll to the bottom of the page, click arrow, repeat endlessly! This is a more extreme example of a problem in many places. Lots of information in the nice graphs isn’t particularly useful. By this I mean that traffic of various types (web categories, applications, etc.) is reported in total volume, in and out. Without knowing how much is in (which is typically the biggest concern for congestion) and how much out, many graphs are wasting screen space and CPU cycles. Firewall Rules Slow & klutzy, where you have to click Add New Item under each box instead of just accepting the clicked items. Too much scrolling required. Wasteful of screen real estate. You should be able to add anything typically needed without any scrolling. See how competitors do it. Saving firewalls rules way too slow. Have to de-select certain things, like Services defaulted to Any, which is a needless click many times over. Can’t clear firewall or other traffic counters. VPN Status of a tunnel can be very slow to respond, leading to incorrectly thinking a tunnel is down or up when it’s not. No way I know of to see how much traffic is actually flowing in both directions on a tunnel. Ran into certain changes for an IPSec tunnel (not the profiles) dropped other IPSec tunnels. Hosts Even on a screen with 1200 vertical resolution the arrows to advance to the next screen require a scroll down each screen, slow & klutzy. Should be some dynamic screen scaling or something, or just include less hosts per screen, more compact display, etc. Bugs? When the XG was experiencing congestion I could get into any tab but Administration. Clicking Administration will cause a logout of the GUI This happened repeatedly. I’ve changed options in firewall rules and web category scanning exceptions, saved, worked for a couple of days, then mysteriously changed back!

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Feedback List

This is a feeble effort over the last month to document a few of the many concerns with the XG V16 GUI and functionality. I should have done a better job, but the bottom line the GUI is very slow, inefficient in use of screen real estate, inefficient in steps need to complete basic functions, etc.

General Feedback

After completing a new entry, it doesn’t continue with allowing more entries in the same screen, but kicks you back to the hosts screen.
Would be real nice to filter on custom hosts and services and not see all the built-in ones.
Filters don’t “stick” anywhere, for example firewall rules or log view. If I filter LAN-to-WAN firewall rules, then open a rule, the exit, it goes back to all rules – filter gone. If I’m bouncing around between logs, and I’ve got a filter to trap a host, for instance, I’ve got to set it for each log, which is sort of okay and understandable, but if I’m switching back and forth between IPS, firewall, malware, etc., I have to redefine the filter when I go back to one I’ve just looked at, like firewall.
Related to no choices sticking, every time I bring up System Graphs it defaults to all graphs. If I reduce the excessive and redundant graphs (ie. with one WAN link, WAN zone traffic and Port 2 are redundant, or ports I'm not using), go to any other screen, and come back, I get all the graphs again, which take quite a number of seconds to draw and I'm sure a lot of resources to keep updating. Sometimes the graphs refuse to appear at all or in part.
Takes a inordinately long time to save changes on most screens.
Many screens, like adding a host, the Save or Apply button is way below the final field entered, making for a lot more cursor movement. This just another example of inefficient screen function.
No advanced DHCP server settings, like defining custom entries such as TFTP servers, so I can’t replace other vendor’s firewalls without moving the DHCP functionality elsewhere.
No apparent recording of DHCP address assignments to flash to survive reboot.
Could the whole NAT setup be any more disjointed than it is? Is this a bad joke? You have to spell out NAT in each firewall rule? Have any of the developers looked at a good firewall like a Sonicwall?
There is no place I can see to just look at all your NATs at a glance.
Cannot edit NAT names or many other entry names either.
Have to create new objects for NAT. Why can’t we just use the existing address objects?
There are many things you can’t see at a glance. With the graphics style, you can only see a small part of your rules on screen at a time. How about one line per rule, with an option to expand, so you can fit 20+ rules on a screen? This applies to all sorts of listings. Borrow a Sonicwall to see this or I can send screen shots.
The Application List is 55 pages long. You cannot jump to a page or search. You have to scroll to the bottom of a page, click the arrow, scroll to the bottom of the page, click arrow, repeat endlessly! This is a more extreme example of a problem in many places.
Lots of information in the nice graphs isn’t particularly useful. By this I mean that traffic of various types (web categories, applications, etc.) is reported in total volume, in and out. Without knowing how much is in (which is typically the biggest concern for congestion) and how much out, many graphs are wasting screen space and CPU cycles.

Firewall Rules

Slow & klutzy, where you have to click Add New Item under each box instead of just accepting the clicked items.
Too much scrolling required. Wasteful of screen real estate. You should be able to add anything typically needed without any scrolling. See how competitors do it.
Saving firewalls rules way too slow. Have to de-select certain things, like Services defaulted to Any, which is a needless click many times over.
Can’t clear firewall or other traffic counters.

VPN

Status of a tunnel can be very slow to respond, leading to incorrectly thinking a tunnel is down or up when it’s not.
No way I know of to see how much traffic is actually flowing in both directions on a tunnel.
Ran into certain changes for an IPSec tunnel (not the profiles) dropped other IPSec tunnels.

Hosts

Even on a screen with 1200 vertical resolution the arrows to advance to the next screen require a scroll down each screen, slow & klutzy. Should be some dynamic screen scaling or something, or just include less hosts per screen, more compact display, etc.

Bugs?

When the XG was experiencing congestion I could get into any tab but Administration. Clicking Administration will cause a logout of the GUI This happened repeatedly.
I’ve changed options in firewall rules and web category scanning exceptions, saved, worked for a couple of days, then mysteriously changed back!

This thread was automatically locked due to age.

0 lferrara over 8 years ago

David,

I like your thread and also your point of view (a part the Sonicwall UI which is not so nice and intuitive like UTM9, but this is my point of view). I hope that in Sophos they will fix most of the problems you mentioned here.

UI is still slow and even the resolution, I do not understand why you need to scroll the bar.

We expect to see more improvements on v17. Only when the XG will be easy like UTM9 and will have the same UI concept like UTM9, XG will succeed! Anyway I have to say good work for what they have done between v15 and v16 but it is still not enough to become a really alternative to competitions.

Regards,
Cancel
Vote Up 0 Vote Down

Cancel