Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Block single peripheral, whilst allowing all by default

    In Sophos Central, you can block all peripherals by default - and then have an allow list

    You can't do it the opposite way round, where you allow all devices and just have a block list.

    When trying to create a Peripheral Exemption to Block a device, with the default being Allow, it says that "Exemptions cannot be stricter than global settings."

    This mean that for a particular customer, we have to Allow around 300 USB devices just to block a singular device which a user brought in with malicious content on.

    It would be good to just block a…

    30 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
    • Device Control - USB Devices

      Is it possible to be able to restrict access to USB's my a unique ID - such as serial number?? Currently you can restrict my model but that doesn't stop an employee bringing in their own USB stick if it is the same make and model we us??

      Basically we want to be able to issue USB sticks out to staff and only allow those precise devices to connect. Not any device that happens to be the same model.

      30 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        3 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
      • smb V2 enabled

        Following the security problems of SMB v1 operated by some ransonware some companies have decided to disable the smb v1 protocol. It would be interesting to be able to enable SMBv2 or SMBv3 for shares of Sophos Security VM or simply propose a procedure to activate SMB V2 or SMB V3

        1 vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          2 comments  ·  Virtualisation  ·  Flag idea as inappropriate…  ·  Admin →
        • DLP Support for Mac OS

          Apparently Mac OS is not currently supported by Sophos Endpoint DLP. We have a decent number of Mac laptops in use in our environments and have a need to protect PII. Please consider building out the DLP module to support the Mac OS.

          5 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
          • File Integrity Monitoring on Linux Server Protection

            Enterprises need File Integrity Monitoring on their Linux system files. This is a requirement for all systems requiring Continuous Monitoring (NIKST 800-137) which are all defense contractors, Government contractors, government agencies, and soon, all HIPAA covered entities.

            2 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              Under Review  ·  0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
            • Option to delete files when it can't be cleaned by Sophos

              We have several site all around the world but Sophos is centraly managed which means that we cannot always physically go to client computers or remotely connect to them (because of time zone, bad internet connectivity, etc...).

              So when an alert for files like those is raised in the console:
              Manual malware cleanup required: 'Mal/VMProtBad-A' at 'G:\PortableApps\Sid Meier's Civilization V + DLC\CivilizationV_DX11.exe'
              Manual malware cleanup required: 'Mal/Sality-D' at 'E:\hasna .scr'
              Manual malware cleanup required: 'Mal/VB-OL' at 'E:\Data Dell.exe'

              I would like to be able to select "Delete" and not just wait that something happen. Currently the only option is "Marked…

              10 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
              • Change DB Port during installation

                If you install the SEC, you can only use the default DB port. But in an environment with high security rules, it is not possible to use the default DB port. About that, it will be very important to change the DB port in the setup. Without this, an installation is not possible.

                4 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                • Allow Tagged Internal sites to bypass default Web Control Policy.

                  We need to allow our users to download .exe files from internal sites. We have added the sites on our safelist, but continue to receive the Sophos Warning. Users can download the file if they click continue on the Warning.

                  2 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
                  • Remove third-párty endpoint

                    I have some project and I need install SOphos Endpoint from Enterprise Console remotely, but the CRT cannot remove the OfficeScan 11 and XG automatically.
                    So I sugest that CRT remove Trend Micro OfficeScan 11 and XG automatically when install from Enterprise Console.

                    2 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                    • website management

                      When a website tagged in Global Settings > Website Management is blocked due to a web control policy, the block page should inform the user which tag(s) caused the page to be blocked.

                      2 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
                      • whitelist

                        I've certain sites "old style" that need to download a windows executable in the browser cache, basically without user intervention. To be clearer, I mean in a "hidden" way. I would like to let user to download THIS executable from THIS site without showing any warning from antivirus. The problem is that user can't see the sophos warning that "organization discourage executable download" because the download is hidden, and so the app fail. It's a feature that is in some way similar to that already existing in sophos that let execution of executable if located in a specifical folder. See…

                        2 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                        • Scan ALL

                          Scan ALL Computers from Central

                          3 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                          • dynamic groups based on OS

                            since ad sync for sophos central isn't getting much love & support for syncing computers (and groups containing computers) - will it ever?
                            i suggest that we have dynamic groups in central that auto-populate based on OS
                            e.g. we could then have these groups: win7, win8, win10, osx1010
                            which auto-populate with computers that run windows 7, windows 8, windows 10, OSX 10.10 respectively.

                            this would then allow us to easily sort computers & assign policy, based on os

                            2 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                            • Data control add mtp/ptp device

                              When customer to setting data control policy , only can setting removable device.
                              But mobile can't set in the policy.
                              So we want to add mtp/ptp device to control.

                              4 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
                              • Indication on the Sophos Icon by the time if a computer requires a reboot to complete update

                                When Sophos requires a restart of the computer to complete an update it would be really good if the sophos icon by the time changed to a yellow exclamation mark or something so the end user would know to notifiy system administrator that Sophos needed attention. Or they could just restart the computer.

                                2 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Updating  ·  Flag idea as inappropriate…  ·  Admin →
                                • The method of managing SAU credential for Mac

                                  SAV for Mac AutoUpdate username/password are missing even creating disk imaged followed by KBA33050. Autoupdate credentials are stored in the Keychain. This keychain will automatically get dumped and reset if the serial number of the Mac changes. Many educational institution use Netboot to deploy SAV for Mac, they want SAV to keep the AutoUpdate credential information after deploying image to avoid actions in SEC, meaning put them into group and apply policy.

                                  24 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Definition updating

                                    Currently there is no alert / status change for an endpoint who's definition files are out of date, meaning, let's say you have a fully protected client, but, sophos update (not engine as that alerts if it fails) but rather JUST the definitions fail to update.

                                    we would like the ability to be able to either configure a threshold for alerting, or be able to simply enable/disabled alerting for definitions not updated.

                                    we have many endpoints that will fail to update for days, and the result is a system that while there are no alerts, is potentially not protected.

                                    my…

                                    2 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                                    • More switches for setup.exe - show install status but disable buttons

                                      The setup exe allows --quiet to be passed that does a full hands free install. The problem is the status dialog is hidden, so the end user sees no progress bar.

                                      If an additional switch was added (normally this is --passive in msiexec installs) the user sees that something is happening as the install runs, but it stops them cancelling the install.

                                      1 vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Disable Tamper Protection through Command Line

                                        Hi,

                                        Somethimes, managing 1000+ or even 5000+ machine its difficult, even more if we don't have built-in features in the console to remediate/uninstall corrupt/broken installations.

                                        But, the main problem is not that. The problem is that we CANNOT disable Tamper Protection remotely to reinstall/remove Sophos AV, in the following cases:

                                        1) Console was erased/failed and there's no cert/db/registry backup (all Endpoint with Tamper enabled)
                                        2) Broken installations dont apply Tamper Policies (to disable it)
                                        3) Migrated console (don't have the old one).

                                        All this would be solved by having the chance to disable Tamper through Command Line. Example

                                        Case A:…

                                        11 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                                        • DLP logs should include USB transfers in Sophos Admin Reporting, not just end user client

                                          I created a USB DLP policy to allow, but track all USB transfers. Transfers are tracked locally on the end point, but the log data is not transferred to reporting in the sophos admin console. It would be incredibly useful to see the same information that is tracked in the local log in the admin console as well. Other DLP policy matches make it there, why can't these?

                                          1 vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 46 47
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.