Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Device Control - USB Devices

    Is it possible to be able to restrict access to USB's my a unique ID - such as serial number?? Currently you can restrict my model but that doesn't stop an employee bringing in their own USB stick if it is the same make and model we us??

    Basically we want to be able to issue USB sticks out to staff and only allow those precise devices to connect. Not any device that happens to be the same model.

    26 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      1 comment  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
    • The method of managing SAU credential for Mac

      SAV for Mac AutoUpdate username/password are missing even creating disk imaged followed by KBA33050. Autoupdate credentials are stored in the Keychain. This keychain will automatically get dumped and reset if the serial number of the Mac changes. Many educational institution use Netboot to deploy SAV for Mac, they want SAV to keep the AutoUpdate credential information after deploying image to avoid actions in SEC, meaning put them into group and apply policy.

      24 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        2 comments  ·  Flag idea as inappropriate…  ·  Admin →
      • Allow CPU % limiting for Sophos Processes

        Give the ability in Sophos Central to limit CPU usage for Sophos overall. This would apply to scheduled scanning as well as any process that is using high CPU at login. I want these things still happen but be less noticeable to users.

        6 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
        • Customize/Brand block and warining message in Sophos Central

          I would like to be able to customize and/or brand the block and warning messages which are displayed as a result of the Web Policies in Sophos Central

          2 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
          • Bulk Policy Changes

            Enable bulk (various) changes across multiple policies in complex environments with a large number of groups and policies. Instead of having to manually change a setting in each policy one by one (for example, deselect bandwidth restrictions, in each updating policy), it would be benifical to have the ability to select multiple policies and apply the change to all of them. Changing a single setting across multiple policies manually is very time consuming and resource intensive, especially if you have a large amount of policies (100+).

            2 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
            • The Data Control feature is incompatible with Secure Boot. Secure Boot is the foundation for Microsoft's Windows security stack since Window

              Sophos Data Control feature in the endpoint solution is incompatible with Secure Boot. Secure Boot is the foundation for Microsoft's Windows security stack since Windows 8. Data Control under Secure Boot blocks all USB file transfers. Many companies require DLP solutions for compliance and will likely switch products if Sophos can't find a way to work with Secure Boot.

              2 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
              • terminal server desktop messaging

                When using Sophos on a terminal server there is a big problem that should really be fixed.
                All the users that are currently working can read all the desktop messages. Users B, C. D etc. can see messages like: "*******.com was blocked for user A".
                We had to stop the system tray icon in order to stop such problematic messages.
                This leads to the very uncomfortable situation to watch for Sophos notifications in admin console each time, a link does not work.
                Please make it possible on terminalservers for every user to see only desktop notifications which concern only this…

                1 vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Windows Server  ·  Flag idea as inappropriate…  ·  Admin →
                • Pop up that suggest the election of scan or not scan a USB Device

                  If Sophos can detect and block the USB devices, I think that Sophos can add a Window message to help the users to Scan the USB keys when this is connected to PC. With this manner if the user have selected the option once, for example, when connected the first time to the PC the second or next times he can cancel the process.

                  The Sophos message is "Simplicity" and the idea is provide a "Simple" option to users to scan your USB's or other medias when it's are connected to the Pc's.

                  This was suggested by LINCK in community …

                  1 vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
                  • Block the Executable Files in Device Control

                    To combat the unknow malware (mainly don't detected by Sophos) a new Device Control option as "Block the Executable Files" can help to protect the network without lost the functionality to copy/read/delete other documents from this medias. In the business the users generally uses your USB's to transport documents (word, excel, ppt, txt, etc).

                    This was suggested by LINCK in community https://community.sophos.com/products/endpoint-security-control/f/sophos-endpoint-software/155/automatic-scan-of-removable-media#pi2151=1

                    1 vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
                    • Managing right click scan in SEC

                      We need that "right click scan" clean up the malware or PUA when detected but by default this only put it in quarentine and the malware is not removed or cleanup.

                      Is needed to configure right click scan but do it on 500 endpoints is not scalable.

                      The management of "right click scan" in SEC is needed.

                      1 vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                      • netapp

                        Due to the diffuculty to monitor the NetApps and we should always supervise them through MMC, I suggest to do a powershell script that will send an email if the "Sophos antivirus for NetApp" is not running or the NetApp Scanner has no filer.

                        1 vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Storage Protection  ·  Flag idea as inappropriate…  ·  Admin →
                        • device controll

                          Selection "All" for "Modell-ID" (Problems by bluetooth mouse MX Anywhere 2/changing Modell-ID daly)
                          Select "ALL - Modell-I"D for XY.. -Device-ID.

                          1 vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            1 comment  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
                          • Ability to create a standalone installer

                            Under Enterprise Console, you had the ability to create a standalone install package with all IDE files, etc. This was really handy on slower internet connections, as you don't have to tie up all available bandwidth.

                            Would really like this function again, as I am fighting through installing at another site with only a 5MB connection (fibre broken during renos)

                            8 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              1 comment  ·  Incident response  ·  Flag idea as inappropriate…  ·  Admin →
                            • Restriction to Discover Computers

                              Problem:
                              We are using Sophos in a multivendor environment which contains over 200,000 clients. The "Discover Computers" button is available for every Sophos admin, because there is no option to restrict this feature. Regularly somebody who is looking for a client presses the discover computer button. Now every network device which is reachable will be imported into the Sophos Enterprise Console and listed as an "unmanaged device". If we don't restart the SEC, sometimes more than 200,000 “unknown devices” are listed in the default "unassigned" group. We can delete these clients but they will remain in the Sophos database until…

                              24 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                              • Publish a KB on the function and limitations of SOPHOS SafeGuard Enterprise Management Console?

                                We have noticed that we are unable to do a mass export or wildcard search with the Enterprise console.

                                After logging a ticket, the support team has suggested the extraction of information via SQL query instead.

                                A comprehensive user guide for the functionalities and limitations of the UI console would be very helpful.

                                1 vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                                • PUA

                                  I'd like to ask for the ability to finetune the PUA related configuration.
                                  For example I'd like to have the ability to exclude the PUA automatic cleaning on some specific devices, while keeping it working as usual on all the rest of the devices.
                                  Right now I have to add every exception manually, which is fine if we are in a "normal" environment (say: the PUA is a false positive) but it can be time consuming if the client is not "enforceable".
                                  This should be available only on the cloud management, not on the clients.
                                  Thanks for considering this idea.

                                  2 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Tamper Protection for Sophos Home

                                    I just want Tamper Protection to be implemented into Sophos Home products. I suggest this because I have recently found out that all Sophos home modules can be terminated just by using Task Manager. This tells me that Sophos Home can be easily disabled by anyone, including unwanted attackers and malware.

                                    3 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Force Uninstall Utility

                                      A support tech told me awhile back that you may be working on a utility to forcefully remove the software and all of its relevant registry keys, folder structure, services, etc. I think this should be made a priority as it seems we are constantly uninstalling and reinstalling only to have the same problems after reinstalling.

                                      Your KB article for a manual uninstall is insufficient.

                                      82 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        9 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Enterprise Console REST API

                                        Provide a REST (or other) API into SEC. Basic features such as creating groups, assigning policy, adding/deleting/moving machines would be immensely helpful. Nearly all major software applications now have some form of accessible API that allows common tasks to be automated. This idea was suggested back in early 2015, but sadly was denied.

                                        1 vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Root Cause Analysis - Allow save of layout for Visualize tab

                                          Root Cause Analysis allows for a convenient re-arranging of the items in the Visualize tab, but that layout disappears when you navigate off the tab or page. Need an option on the Visualize tab to save the layout.

                                          4 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 42 43
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.