Hello,

we have a UTM with all Subscriptions and now i'll like to remove GData from all Clients and install Sophos Endpoint Protection. I can set Friday 13:00 start scan but i can't shutdown PC if scan complete :(

It would be great to have the ability to disable the On-Access-Scans for a certain amount of time on the client.
E.g. via right click on the systray icon:
"Disable On-Access-Scans..."
"for 1 hour"
"until reboot"

This should, of course, only be possible for admins, perhaps only after entering the tamper protection password!?

I would like the ability to create sub accounts with different permission levels. For example, you can have account 1 able to unblock/whitelist and account 2 can perform updates etc. This would be great as you won't need to give out the admin password and no user will see or do anything they are not supposed to on the webadmin interface.

It is often more efficient to let the user install when it is convenient to them. Particularly when installing for the first time to remote users or using onsite support technicians without UTM access.

Currently the EP's own policy will override the group policy. It has been designed so that if you have one machine within a group that needs tamper protection disabled this can be done easily without having to create a new group and assign it a different policy. However when you need to migrate from UTM endpoints to Cloud endpoints this means you would have to go into each individual one and turn it off - not practical when you have over 1000 EPs.

Allow for having a separate install schedule for servers for when you release a new recommended version, so that that portion of the upgrade can happen off hours instead of whenever you've released it to the update servers and we download it. Every time that happens, it causes quite a bit of havok here.

As you know technology has evolved very quickly, even social media platform such as Facebook, Google+, Linkedin, Twitter and etc. can also know as cyber threats and threats that can be prevented by early detection and containment before an attack towards a company. I would suggest by having a feature; social media intelligence gathering, for detecting, analysing, reviewing. Hope that you could consider this as a feature. Hope to hear from you soon. I hope this idea will favour Sophos in times to come especially if there is BYOD monitoring.

My customer had bought the Sophos Endpoint Protection Standard.
And Data protection function can not block the *.3dm file according to their need.
I have recently opened the session to Sophos support but still not up2date yet.

Now hope you up2date database for Data control on Sophos Endpoint Protection to block the .3dm file.

Please update as soon as possible. My customer are complaining about it!

Thanks in advance,

The Reporting Tool under Web Protection in the UTM does not show results for Google searches. I called technical support and they suggested I put this in on the feature requests. I do not know if this is necessarily a feature that does not exist or if there is an issue with the reporting function.

Don't send the Quarantine Report per single email address but per (domain) user. It's very much better for user with a lot of addresses.
If you are using more than one UTM as MX gateway, a central spam quarantine server was very helpful.

Being able to manage the anti-virus endpoints in order to change the updating options to change proxy settings, schedule etc.

Also being able to start on-demand scans and usual management of AV Endpoints (push installations etc.) present in other management software.

Given that Windows 10 has been exposed as spyware, how about an option to the Sophos software that blocks it? Of course, it's a bit of a long-term project in that, no doubt, Microsoft will be constantly changing the details of how the spyware works in order to defeat the many blocking schemes which will arise from various sources.

Please ....

We need :
- Export and import NAT and DNAT Rules
- Centralize DNAT and SNAT like EMS in TMG :-)

TMG can ...

Thks

Sophos Antivirus supports multiple Linux distributions. I recommend adding this client to the UTM Endpoint list so we can protect, manage and monitor security on our Linux servers and desktops

I want to allow email, especially cloud based email to come in. The advantage/disadvantage is that I do not know where the email server resides. However, I do want to block, ssh, VPN & RDP from specific countries.
Please allow me to pick and choose which services get blocked or allowed.

Patterns/Strings specified in a rule for DLP matching should be matched against all of an email, not only subject/body. Currently only Patterns or strings in the Body or subject line will be matched.
the immediate benefit would be inclusion of definable headers (such as sensitivity or confidentiality headers) that integrate seamless with existing email client infrastructure, such as Outlook, to trigger a dlp match. The trigger-header that exists ( X-Sophos-SPX-Encrypt ) is only reasonbly configurable in certain email Client applications.

in Mail manager you can select email and then in the options below you can delete them but it would be great if you could delete and add to blacklist all in one go.

You should check if new rulesets for SNORT IPS are compatible with your own products BEFORE rolling them out. It happens every now and then, that the UTM IPS blocks Endpoint installations and/or updates.