Endpoint Protection
Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data
-
a
this is testing
1 vote -
ARM Processor Support
With the advent of the Surface Pro X, there is becoming a push for more 2-in-1 devices to work on ARM technology (as is found in most cell phones and tablets) to run full Windows OS's. However, there is no support for Endpoint Protection (Cloud or On-Prem) for these types of devices. I would like to see an Endpoint Protection package (Anti-virus, firewall, application control, etc.) that will support ARM processors.
275 votes -
Improve FIM Event Logging
If the File Integrity Monitoring (FIM) logs aren't going to be centralized in the administrative console, enhance the existing endpoint FIM logging to the Windows Event Viewer by populating the FIM event details (file name, location, action) in the General tab of the event (instead of only in the Details view). Also, create useful Event IDs, Event Sources, and Task Categories to allow for filtering locally and advanced parsing by SIEM solutions.
4 votes -
SOPHOS Feature Request
Good Day,
Is it possible that a feature gets added to the update management policy where you can also add & send a message to the user.
Best Regards
5 votes -
Customizable Central Admin Dashboard
Adding a customizable dashboard to Sophos Central Admin would give administrators the option add the widgets that they need for their daily work routine on the first page that they see when logging in. Beside the already available widgets (customizable) additions from the report section would be nice. A Reset to Default functionality should also be provided.
19 votes -
Perhipal control SSID management
Many of user can bypass company firewall via personal hotspot of GSM operator. If we can manage SSID and we may define whitelisted SSID will prevent that issue.
Could you please add SSID management under perhipal/device control as a new feature.7 votes -
Isolation UX enhancement
The current design of isolation UI for Windows is to pop up an alert on the notification area, which I assume Sophos utilizes Windows feature, then disappears after a short while. End users who missed this popup will be isolated from the network not knowing why it is happening. Isolation can be initiated by sysadmin in the EDR feature, but can happen unexpectedly if auto-isolation is enabled and an endpoint fails in red status. This unwanted event is occasionally observed mainly due to one of Sophos service failure - Central Device Encryption is the most observed. If the isolation message…
15 votes -
web control
Can you please create the same list of applications list so we will be able to block some websites like :
- Online storage
15 votes -
Reports
Report Regarding: Can you Add more column to the reports
EXP: IP Address, Operating System, and mac address
2 votes -
Reports
Please add one more New Feature to the custom report like IP Address, hostname, and mac ID
2 votes -
"Scan file with sophos AV" context menu function vs. sophos central exclusion list
We had a strange behavior of Sophos Endpoint Protection which should be solved by changing the behavior of the "Scan with Sophos AV" option in the context menu of windows.
What happened:
A user had an infected word file stored on his desktop. When using the context menu function "scan file with Sophos AV" it doesn't find anything wrong or suspicious.
This was weird because according to Virus Total this file contained Malware which was also detected by Sophos endpoint protection.
When checking the exclusion list on Sophos Central we found an exclusion for C:\users*. This seems to prevent the…6 votes -
DLP: Needs macOS support
It is 2020 and macOS is a common workplace device. We require the ability to prevent file transfers containing PHI and other protective information, as well as create custom rules. This needs to be revisited
11 votes -
DATA LOSS PREVENTION MAC OS
For every Sophos customer, please vote to have the Data Loss Prevention feature for Mac OS. We are a majority mac-house. I am sure there are tons of companies that have Macs in their ecosystem -
Thank you Sophos for valuing your customer's suggestions.
11 votes -
Peripheral Control - Exemption Description
We have many exemptions in the Peripheral Control Policy. It would be nice to be able to add a description as to why the exemption was made.
1 vote -
Details of "Update succeeded" in the event log
We would like to be displayed it so that we can see what has been updated in Central.
8 votes -
Surface pro X
Please give an update for the upcoming Surface Pro X
The upcoming Surface Pro X that will run on an ARM processor will not be supported by Endpoint (I do apologize for the earlier confusion).The issue is with ARM processor and how it emulates 64 bit applications. Particularly, applications that originally were coded for 32 bit applications like Endpoint.
35 votes -
Endpoint & Server License Overlap Alerts
When a customer has a termed license which is due to expire, a license expiry notification is sent to the end user, stating that their licenses have expired. This notification is fine if their licenses have not been renewed and have expired.
However if their licenses have been renewed and there is a new termed contract in place.
Please do not email customers that their licenses have expired. As a result we end up with complaints from the end user that we have not renewed their licenses. Then have to explain it is Sophos fault for an automated service sending…1 vote -
Ability to whitelist a specific threat
Here is a use case. One of our computers is used for demo purposes, and the demo includes uploading a file that knowingly contains a malware and demonstrating that the malware is detected.
We use a specific type of malware: OF97/EicarDrp-A, and we attempted to create a dedicated policy just for this computer that excludes this type of malware. However, this turned out to be impossible. Using a "Potentially Unwanted Application" exclusion type and setting it to "OF97/EicarDrp-A" didn't work. The support engineer advised to use "File or folder" exclusion type (case number 03580697), which is quite insecure (the user…
1 vote -
XG rule notifications
I had to recently create a new drop rule with internal Zone any to wan zone to IP list, this was after repeated ATP alerts from a Linux host attempting Botnet detected host ip connections, I know ATP will block anyway but to be sure I decided to create this top-level Drop rule with the IP list for which I will add Detected IP addresses into so it applies to all internal traffic attempting communication to the same detected ip addresses. It then made me think it would be handy if it were possible to include firewall rules in the…
1 vote -
Application isolation
Please implement application isolation for the well-known apps like Office, Adobe reader, browsers.
Users can open files from unsafe locations in a secure container on the client to prevent threats.regards
1 vote
- Don't see your idea?