Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. ARM Processor Support

    With the advent of the Surface Pro X, there is becoming a push for more 2-in-1 devices to work on ARM technology (as is found in most cell phones and tablets) to run full Windows OS's. However, there is no support for Endpoint Protection (Cloud or On-Prem) for these types of devices. I would like to see an Endpoint Protection package (Anti-virus, firewall, application control, etc.) that will support ARM processors.

    275 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  39 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  2. Isolation UX enhancement

    The current design of isolation UI for Windows is to pop up an alert on the notification area, which I assume Sophos utilizes Windows feature, then disappears after a short while. End users who missed this popup will be isolated from the network not knowing why it is happening. Isolation can be initiated by sysadmin in the EDR feature, but can happen unexpectedly if auto-isolation is enabled and an endpoint fails in red status. This unwanted event is occasionally observed mainly due to one of Sophos service failure - Central Device Encryption is the most observed. If the isolation message…

    15 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  3. "Scan file with sophos AV" context menu function vs. sophos central exclusion list

    We had a strange behavior of Sophos Endpoint Protection which should be solved by changing the behavior of the "Scan with Sophos AV" option in the context menu of windows.

    What happened:
    A user had an infected word file stored on his desktop. When using the context menu function "scan file with Sophos AV" it doesn't find anything wrong or suspicious.
    This was weird because according to Virus Total this file contained Malware which was also detected by Sophos endpoint protection.
    When checking the exclusion list on Sophos Central we found an exclusion for C:\users*. This seems to prevent the…

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  4. Endpoint & Server License Overlap Alerts

    When a customer has a termed license which is due to expire, a license expiry notification is sent to the end user, stating that their licenses have expired. This notification is fine if their licenses have not been renewed and have expired.

    However if their licenses have been renewed and there is a new termed contract in place.
    Please do not email customers that their licenses have expired. As a result we end up with complaints from the end user that we have not renewed their licenses. Then have to explain it is Sophos fault for an automated service sending…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  5. Sophos Endpoint Agent "Offline Installer"

    The "Sophos Endpoint Agent" should successfully finish the installation process after the successful installation and setup of its own service. The installation of the other Sophos components should not be part of this installation routing.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  6. Implement passive forced Client-restart

    We noticed that Sophos Endpoint Protection lacks the function of automatic monitoring of the restart status of clients, combined with a configurable automatic forced restart request on the user's client. The only way as a company to trigger this through Sophos Endpoint is actually via Live Response (Beta), but not automatically and by active monitoring beforehand.

    The problem we are observing is that serious security gaps arise in companies because employees do not regularly restart clients and thus the rollout of security updates is delayed (e.g. Windows updates). By implementing a monitoring of the restart status of clients, this circumstance…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  7. vipre

    The Sophos installer should be able to remove Vipre branded A/V products on installation.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  8. global exclusion authorisations detail

    When you authorise a PUA from the Alerts are in Central it adds a global exclusion with a name that does not mean much and enters no detail about why it was created and by who. If it could add some of the detail found in the audit log to the exclusion it would help admins verify the exclusions and ensure they are needed.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  9. How to activate FOX News on Roku?

    First, you need to get the FOX News app on the Roku device from the channel store. You can get this app under the News and Weather section. Once completing the installation process., you can access the app and get the activation code. Take a note of this code and open a web browser. Visit foxnews com activate and in there choose the device that you are using. Next, key in code and select the pay-TV provider. At last, click Activate to initiate the activation process.
    VISIT - https://www.go-roku.net/foxnews-com-activate-roku

    Want to know how to activate Fox News via foxnews com…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  10. Applications Blocked by EndPoint Not vissible on Endpoint or Central Management

    Applications Blocked by EndPoint Not vissible on Endpoint or Central Management. Please add blocked applications to the detections on the endpoint and Central Management, so these detections/blocks are noticed directly.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  11. MAC address

    Sophos Central should show MAC addresses for connected devices.

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  12. Block Google Quic on Sophos Central Endpoint Protection

    Allow us to block Google Quic protocol on Endpoint level since we can do it from the Firewall. This would allow us to block it from the agent instead of having to manually disable it on Chrome or setup a Windows Firewall rule to block 443 or 80 on UDP.

    21 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  13. USB Block with pass

    Hello. We have a suggestion for the Endpoint. The suggestion is to lock the USB devices and allow the function to release with a password. It would be an additional option within the existing "block", "allow" and "read-only" actions.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add a way to filter out the device type/device category in reports (laptop, workstation, server)

    I need to report on the number of workstation, laptops and servers using Sophos licences which I can't as I can't separate laptops from fixed computers.
    I would also need to run a report and ensure that all laptops have the device encryption enabled (where it is less critical if not enabled on a fixed workstation) and this is also something which you can't do because you can't find out about specific device category like 'laptop'.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  15. IPS on Endpoint - Heartbeat XG IPS offloading

    Having now IPS on Endpoint, means that behind an XG FW with its own IPS activated there's a certain overlap (double check) of certain IPS patterns.
    Proposal: use the heartbeat (synch security) to check whether or not the endpoint is sitting behind an XG FW with IPS enabled. If so, the endpoint doesn't have to check them again and can save some resources.

    13 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  16. Excluding cryptoguard-detections

    Cryptoguard has detected a false positive detection of a client "attacking" a server. Fortunately it is a false positive, but there's no option to exclude the thumbprint of the client attacking a server, so Cryptoguard always recognizes this as an attack. There should be an exclusion for a client false-positively "attacking" a server.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  17. System Configuration

    I'm requesting to enable or develop the option to get System Configuration In console. It will very helpful for us. Like : RAM, Hard disk, processor.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  18. Exploit Mitigations & Global Template

    Add possibility in Global Template to create exclusion for 'Exploit Mitigations'

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  19. List machines with tamper protection disabled

    There is no way to run a report or search for any devices that have had tamper protection disabled and it has not been re-enabled.

    25 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  20. Skip remote scan when alread scanned locally (during copy from local to remote)

    A new exclusion-option "On remote location, when already scanned locally” would be great.

    We need to exclude those items for software developers with a low bandwidth-connection (VPN with ~50 MBit/s).

    When they publish a new version, they compile the software locally and copy it to a remote-location (Network-Share). All Elements to be copied to the remote location have already been scanned locally, before.

    When they copy the package, SAV scans them again on the remote-location. This takes about 10 Minutes per file (with 5 MiB filesize). It takes around 45 Minutes to publish the whole package for our main-application. When…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 9 10
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.