Here are a few reasons this would be a huge win:
- Expand to limitless options for authentication. Use Google, Salesforce, Azure, PingFederate, ADFS, etc... all options
- Establish Authorization rules based on Claims - Allow if Department = Accounting. Deny if Member of 'Restricted' Group
- Identity Providers can add authorization rules above, beyond and prior to the Sophos Appliance. Example: Require Multi-Factor Authentication (MFA) or Device must be managed. If a company requires MFA for admin access to manage a firewall - you don't have to build it - plug into their existing infrastructure.
This could be very useful for both Proxy Server Authentication and also web interface auth.
-Jason