Is it possible to be able to restrict access to USB's my a unique ID - such as serial number?? Currently you can restrict my model but that doesn't stop an employee bringing in their own USB stick if it is the same make and model we us??

Basically we want to be able to issue USB sticks out to staff and only allow those precise devices to connect. Not any device that happens to be the same model.

SAV for Mac AutoUpdate username/password are missing even creating disk imaged followed by KBA33050. Autoupdate credentials are stored in the Keychain. This keychain will automatically get dumped and reset if the serial number of the Mac changes. Many educational institution use Netboot to deploy SAV for Mac, they want SAV to keep the AutoUpdate credential information after deploying image to avoid actions in SEC, meaning put them into group and apply policy.

Dealing with a company split. The only way to move devices to the new client site is uninstall/reinstall. Most other products I've dealt with have an easy way to move endpoints to a new site. The current process is to disable tamper protection, wait, script an uninstall, then a script a reinstall. It's way more work than it should be. In the console, there should be an option "Move to a different client". With that, there should also be an easy way to add/remove components to match the new client site.

Give the ability in Sophos Central to limit CPU usage for Sophos overall. This would apply to scheduled scanning as well as any process that is using high CPU at login. I want these things still happen but be less noticeable to users.

As I look thru the list of ideas there is no time stamp as to when the idea was added or when some comments.

When installing the SVM, it would be beneficial to support command line arguments to automate the installation. Especially in large environments.

I just started webcasting. I'm creating a tutorial series aimed at inviting computer illerate people into the linux ecosystem. I'm looking for the most powerfull free GUI enabled AV that I can find for Linux. I hope that I will be able to feature your products in the near future.

Give the Dave Malarkey v2.0 action figures "pigeon throwing grip" akin to the old school action figure's "kung fu grip".

I would like to be able to customize and/or brand the block and warning messages which are displayed as a result of the Web Policies in Sophos Central

Sophos Client Firewall (SCF) version 3.0 and higher: Checksum control:-

The firewall can detect and report that the check sum of an application has changed (e.g. after an update) and log it in the log file.

Why can it not display the old checksum + date and new checksum + date for user acceptance as it was done previously prior to version 2.9 of the firewall.

After acceptance by the user the next execution instance of the application it will be allowed by the firewall.

Have you ever tried to add a Global Scanning Exclusion from detected exploits only to have to scroll for an hour trying to find it? If you have, then you are screaming for a search feature to allow you to find that detected exploit.

Please add a search feature under "Global scanning exclusion" -> "Add exclusion" -> "Exclusion type: Detected Exploits"

If you have a huge organization and are trying to find a specific exploit to exclude, this will allow you to do something else that day. :)

Sophos installs a Finder Extension in Mac OS, which provides icon overlays amongst other things. This kills the icon overlays in Dropbox Smart Sync and makes that product unusable. It would be helpful (essential for many customers) for the Sophos Cloud console to let us choose not to have this extension (or to have it, but for it not to set icon overlays so that Dropbox becomes useful). We have developed a solution but it's quite a pain to deploy on Sierra, or requires MDM on High Sierra, which many customers will not have.

Disable Sophos automatically resetting windows security settings (e.g. UAC)

This is causing an issue whereby when Sophos identifies a problem, it resets windows security settings and turns UAC back on. The environment requires UAC be turned off.

You can currently turn this off via per-pc registry key, see:
https://community.sophos.com/products/endpoint-security-control/f/sophos-endpoint-software/90238/window-security-options-being-reset-during-remediation

This would be ideally managable from the enterprise console

scan and block uefi bootkit / rootkit level 2 downloading by blocking known packets with efi network filter driver

scan EFI boot partition for malware modules *.efi

we are sophos partners and, for business with clients, we have need to show that our antivirus client has running deep scan.

we wish that clients show the register that "Deep scan successful finished" and show the time and dathe of the scan.

thanks.