Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Block single peripheral, whilst allowing all by default

    In Sophos Central, you can block all peripherals by default - and then have an allow list

    You can't do it the opposite way round, where you allow all devices and just have a block list.

    When trying to create a Peripheral Exemption to Block a device, with the default being Allow, it says that "Exemptions cannot be stricter than global settings."

    This mean that for a particular customer, we have to Allow around 300 USB devices just to block a singular device which a user brought in with malicious content on.

    It would be good to just block a…

    26 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
    • Device Control - USB Devices

      Is it possible to be able to restrict access to USB's my a unique ID - such as serial number?? Currently you can restrict my model but that doesn't stop an employee bringing in their own USB stick if it is the same make and model we us??

      Basically we want to be able to issue USB sticks out to staff and only allow those precise devices to connect. Not any device that happens to be the same model.

      28 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        3 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
      • The method of managing SAU credential for Mac

        SAV for Mac AutoUpdate username/password are missing even creating disk imaged followed by KBA33050. Autoupdate credentials are stored in the Keychain. This keychain will automatically get dumped and reset if the serial number of the Mac changes. Many educational institution use Netboot to deploy SAV for Mac, they want SAV to keep the AutoUpdate credential information after deploying image to avoid actions in SEC, meaning put them into group and apply policy.

        24 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          2 comments  ·  Flag idea as inappropriate…  ·  Admin →
        • Easy way to move endpoint devices to a new client

          Dealing with a company split. The only way to move devices to the new client site is uninstall/reinstall. Most other products I've dealt with have an easy way to move endpoints to a new site. The current process is to disable tamper protection, wait, script an uninstall, then a script a reinstall. It's way more work than it should be. In the console, there should be an option "Move to a different client". With that, there should also be an easy way to add/remove components to match the new client site.

          6 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
          • Option to delete files when it can't be cleaned by Sophos

            We have several site all around the world but Sophos is centraly managed which means that we cannot always physically go to client computers or remotely connect to them (because of time zone, bad internet connectivity, etc...).

            So when an alert for files like those is raised in the console:
            Manual malware cleanup required: 'Mal/VMProtBad-A' at 'G:\PortableApps\Sid Meier's Civilization V + DLC\CivilizationV_DX11.exe'
            Manual malware cleanup required: 'Mal/Sality-D' at 'E:\hasna .scr'
            Manual malware cleanup required: 'Mal/VB-OL' at 'E:\Data Dell.exe'

            I would like to be able to select "Delete" and not just wait that something happen. Currently the only option is "Marked…

            4 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
            • Disable Tamper Protection through Command Line

              Hi,

              Somethimes, managing 1000+ or even 5000+ machine its difficult, even more if we don't have built-in features in the console to remediate/uninstall corrupt/broken installations.

              But, the main problem is not that. The problem is that we CANNOT disable Tamper Protection remotely to reinstall/remove Sophos AV, in the following cases:

              1) Console was erased/failed and there's no cert/db/registry backup (all Endpoint with Tamper enabled)
              2) Broken installations dont apply Tamper Policies (to disable it)
              3) Migrated console (don't have the old one).

              All this would be solved by having the chance to disable Tamper through Command Line. Example

              Case A:…

              6 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
              • Allow CPU % limiting for Sophos Processes

                Give the ability in Sophos Central to limit CPU usage for Sophos overall. This would apply to scheduled scanning as well as any process that is using high CPU at login. I want these things still happen but be less noticeable to users.

                15 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                • Add Time Stamp to Suggested Ideas

                  As I look thru the list of ideas there is no time stamp as to when the idea was added or when some comments.

                  1 vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    1 comment  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
                  • Sophos for Virtual Environments - SVM command line installation parameters

                    When installing the SVM, it would be beneficial to support command line arguments to automate the installation. Especially in large environments.

                    1 vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Virtualisation  ·  Flag idea as inappropriate…  ·  Admin →
                    • Bring back the GUI for your Linux AV.

                      I just started webcasting. I'm creating a tutorial series aimed at inviting computer illerate people into the linux ecosystem. I'm looking for the most powerfull free GUI enabled AV that I can find for Linux. I hope that I will be able to feature your products in the near future.

                      1 vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
                      • Give Dave Malarkey Action Figures more Action

                        Give the Dave Malarkey v2.0 action figures "pigeon throwing grip" akin to the old school action figure's "kung fu grip".

                        1 vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
                        • Schedule Disable tamper Protection.

                          As you maybe know there are problems with IASO systemstate backups in combination with sophos antivirus.
                          https://community.sophos.com/products/endpoint-security-control/f/sophos-endpoint-software/95786/freeze-thaw-vss-failures-when-sophos-av-is-utilized/374472

                          The workaround is

                          1. Disable Tamper Protection on the affected servers
                          2. Open Services.msc on each server
                          3. Stop and Disable the Sophos Health service
                          4. Reboot server and test backups

                          At Sophos managed central its possible to tamper protection manually for a device.

                          Is it possible to schedule the "disable Tamper Protection" at a certain time in Sophos managed central?

                          Then we can add a pre backup job to the IASO backup systemstate backup job to disable the sophos healt services and…

                          3 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
                          • Customize/Brand block and warining message in Sophos Central

                            I would like to be able to customize and/or brand the block and warning messages which are displayed as a result of the Web Policies in Sophos Central

                            4 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                            • new

                              Sophos Client Firewall (SCF) version 3.0 and higher: Checksum control:-

                              The firewall can detect and report that the check sum of an application has changed (e.g. after an update) and log it in the log file.

                              Why can it not display the old checksum + date and new checksum + date for user acceptance as it was done previously prior to version 2.9 of the firewall.

                              After acceptance by the user the next execution instance of the application it will be allowed by the firewall.

                              1 vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                              • Search feature for Scanning Exclusions - Detected Exploits

                                Have you ever tried to add a Global Scanning Exclusion from detected exploits only to have to scroll for an hour trying to find it? If you have, then you are screaming for a search feature to allow you to find that detected exploit.

                                Please add a search feature under "Global scanning exclusion" -> "Add exclusion" -> "Exclusion type: Detected Exploits"

                                If you have a huge organization and are trying to find a specific exploit to exclude, this will allow you to do something else that day. :)

                                1 vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
                                • Prevent loading of Finder Extension in Mac OS

                                  Sophos installs a Finder Extension in Mac OS, which provides icon overlays amongst other things. This kills the icon overlays in Dropbox Smart Sync and makes that product unusable. It would be helpful (essential for many customers) for the Sophos Cloud console to let us choose not to have this extension (or to have it, but for it not to set icon overlays so that Dropbox becomes useful). We have developed a solution but it's quite a pain to deploy on Sierra, or requires MDM on High Sierra, which many customers will not have.

                                  2 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Disable Sophos automatically resetting windows security settings (e.g. UAC)

                                    Disable Sophos automatically resetting windows security settings (e.g. UAC)

                                    This is causing an issue whereby when Sophos identifies a problem, it resets windows security settings and turns UAC back on. The environment requires UAC be turned off.

                                    You can currently turn this off via per-pc registry key, see:
                                    https://community.sophos.com/products/endpoint-security-control/f/sophos-endpoint-software/90238/window-security-options-being-reset-during-remediation

                                    This would be ideally managable from the enterprise console

                                    2 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
                                    • uefi / efi packet scanner

                                      scan and block uefi bootkit / rootkit level 2 downloading by blocking known packets with efi network filter driver

                                      1 vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                      • uefi partition scanner

                                        scan EFI boot partition for malware modules *.efi

                                        1 vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Execution of Deep Scan On Demand from the client

                                          we are sophos partners and, for business with clients, we have need to show that our antivirus client has running deep scan.

                                          we wish that clients show the register that "Deep scan successful finished" and show the time and dathe of the scan.

                                          thanks.

                                          1 vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 44 45
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.