Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Uninstall and Repair Endpoints via Sophos Enterprise Console

    The uninstall and repair options via console would make it easier to manage a large number of machines, mainly because sometimes it is difficult to get access to some of them.

    27 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      5 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
    • Stop alerting when endpoint not updated in 2 days; Or make this configurable.

      We need to be alerted only on important conditions. Being alerted that a laptop has missed two updates (laptops are often off for more than two days) is not helpful and, in fact, may result in the team paying less attention to Sophos alerts. We need to be able to configure this or at minimum, please change the default. Thanks,

      15 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
      • Give the user *some* kind of indication that a restart is required

        I'm getting multiple *Medium* level notifications per week about sophos endpoint clients that are "out of date". I now know, after two weeks of interactions with sophserv tech support that the issue has (and continues to be) that many computer users don't restart their computer because they don't have to, and the endpoint security client sometimes requires it, but doesn't tell them. They would happily do it if they knew it was necessary, but because it's not, I get pounded with multiple *Medium* level notifications per week indicating that their clients are out of date. This is super annoying, and …

        16 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          2 comments  ·  Updating  ·  Flag idea as inappropriate…  ·  Admin →
        • Sophos Home Beta - "Reboot for Update" Notification - Disable or Mute

          Today I've got an update notification that told me to reboot to complete the update. Although I usually don't mind this, it threw me out of the game I was playing (full screen, DirectX 12 application). I clicked "remind me later" and went back into the game. This happened again after around 30 minutes and I decided to just leave the message there, which fixed the issue of the game being minimized.

          Although a reboot seems to be required for certain updates it would be nice to be able to disable or mute the message - or that it does…

          7 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            1 comment  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
          • Be able to classify certain alerts, such as a medium 'Reboot required after software update' as informational.

            Be able to classify certain alerts, such as a medium 'Reboot required after software update' as informational.

            10 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
            • alerts

              We get alot of alerts that state "One or more Sophos services are missing or not running" or "realtime protection has been disabled." We then have to go into Central and look up those machines only to find that 9 out of 10 times the alert has cleared itself. There is an Event Log entry that states "all services are running" or "realtime protection has been enabled." It would be nice to have an alert that is triggered from those resolved entries. That or be able to create an alert from Events contained in the Event Log.

              4 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
              • Device Control - Log All USB Connections

                We need to be able to log and report on all attempted USB device connections, whether successful or not, regardless if policy is being enforced or not. Currently, whenever the box marked 'detect, but do not block' is checked, you have the ability to report on all devices, but if the box is unchecked, and policy is set to allow all devices, you can't report on devices that successfully connected, only the blocked attempts are reportable. This needs addressed.

                6 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  1 comment  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
                • Policy Migration Tool

                  The migration tool is great, but it would be great to incorporate policy migration as well. Though the policies don't directly link up, for the ones that central can accommodate eg. Scanning exclusions, web control, application control

                  5 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                  • central installer server check

                    Sophos Central Installer checks server availability. Somehow that check was passing during last week's outage when Sophos servers were not able to complete installation and protection. The installer's checks should verify that all resources are available for protection to succeed, so that the installer is not able to uninstall existing protection and *then* fail, leaving endpoints unprotected. Moreover, Sophos needs a switch to flip to force this check to fail the next time they have a catastrophic outage like they did 11-14 July.

                    9 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                    • Sophos for Virtual Environment - Show GVMs in the Sophos Enterprise Console

                      Show GVMs in the SEC and that they are being actively protected. Also, which SVM they are being protected by currently.

                      Only having the SVMs visible doesn't give the same level of confidence as the older fat clients.

                      5 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Virtualisation  ·  Flag idea as inappropriate…  ·  Admin →
                      • AD Sync - Remove Computers No Longer in AD

                        We have a ton of old computers listed that have been retired & removed from AD, but are still listed in sophos. It would be nice if AD sync had an option to automatically clear these up.

                        If it's not in AD and it's not reporting as online (For 2 weeks) -> Purge.

                        14 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
                        • Force Uninstall Utility

                          A support tech told me awhile back that you may be working on a utility to forcefully remove the software and all of its relevant registry keys, folder structure, services, etc. I think this should be made a priority as it seems we are constantly uninstalling and reinstalling only to have the same problems after reinstalling.

                          Your KB article for a manual uninstall is insufficient.

                          3 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                          • Alert / Prompt user for reboot when Intercept X gets updated and reboot is required

                            Whenever the endpoint updates are installed that require a reboot to complete the installation - please prompt the user to reboot their computer at least 1 or 2 times a day. Currently, there will only be a red X on the Sophos Icon on the system tray stating that the update failed. The only way they can see that a reboot is required, is by looking in the update logs. When a reboot is required it should show that to the user and not just show an error. This goes for the console as well. When a reboot is needed…

                            4 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Updating  ·  Flag idea as inappropriate…  ·  Admin →
                            • Option not to capture download events

                              I have notice that pretty much all our downloads as well as uploads are captured as events by the DLP engine when setting policy for web browsers.

                              This can mean the controlled items list becomes huge and the central events log is way to big to get anything meaningful in terms of data leaving via web.

                              All the data loss tools I've used generally only capture outbound events, as this is the nature of Data Loss Prevention.

                              4 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                2 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
                              • SEC Exploit Prevention E-Mail Notification

                                Actual there is no way to be alerted by a Exploit Prevetion Event like the E-Mail Notifications in the AV & HIPS Module. Many of our customers are horrified why that standard function is not implemented!

                                10 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  2 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                                • InterceptX Root Cause Analysis (RCA) cases do not generate alert email

                                  I have had InterceptX Root Cause Analysis (RCA) cases detected with low, medium, and high priorities -- but none of them generated an alert email.

                                  It is very important that they do so, because RCA cases imply that malicious code has attempted to run on an endpoint, and this requires manual investigation to ascertain the cause.

                                  At the moment it appears that the only way of noticing if you have a new RCA case to deal with is if you manually go Dashboard -> Endpoint Protection -> Root Cause Analysis.

                                  17 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Restrict source IP for Administrator logins

                                    We need to be able to restrict the IPs that are allowed to log in to Central with administrator privileges. For example, we would only want our administrator accounts to be able to log in from our corporate network and not from anywhere outside. That way if the credentials became compromised they still couldn't be used by anyone outside of our corporate LAN. This combined with 2FA (which appears to be coming soon) would greatly improve the security of your product.

                                    4 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Data Control Policy - Add Microsoft Edge as a destination

                                      Currently Microsoft Edge is not included as a destination within the Data Control policy for the on-premise Enterprise Console.

                                      10 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Migration Tool for Mac devices - to Sophos central

                                        Migration Tool for Mac devices:

                                        Currently about to start migrating on-premise Sophos Endpoint Protection server/users to Sophos Central. Problem - migration tool works for Windows only...but not for Mac devices.
                                        We have a large number of Mac devices and the use of the migration tool to assist in mass deployment for Mac devices would have been "invaluable" for this task.
                                        Please can the existing Migration tool be extended to also select Mac devices and migrate.

                                        3 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Add firewall endpoint protection back!

                                          Please add the firewall back into the new sophos central agent. Currently we already have this in place on all our corporate laptops and now we are migrating endpoint protection to sophos central..this is not currently available and has rather been removed...resulting in our endpoints not having no firewall endpoint protection. If we already have this using on premise why on earth would this be removed. Please add this back in ASAP. About to start migratung..but can't.

                                          2 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 35 36
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.