Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. MAC Address

    Would like to see the MAC Address listed on the Devices tab as well as to be able to export to a CSV file. This would be extremely helpful to those of us managing networks of 4000+ devices. I believe this information must be captured in the Sophos servers so I can't imagine it would be that hard to include in the Device information.

    18 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
    • Block single peripheral, whilst allowing all by default

      In Sophos Central, you can block all peripherals by default - and then have an allow list

      You can't do it the opposite way round, where you allow all devices and just have a block list.

      When trying to create a Peripheral Exemption to Block a device, with the default being Allow, it says that "Exemptions cannot be stricter than global settings."

      This mean that for a particular customer, we have to Allow around 300 USB devices just to block a singular device which a user brought in with malicious content on.

      It would be good to just block a…

      39 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
      • Option to delete files when it can't be cleaned by Sophos

        We have several site all around the world but Sophos is centraly managed which means that we cannot always physically go to client computers or remotely connect to them (because of time zone, bad internet connectivity, etc...).

        So when an alert for files like those is raised in the console:
        Manual malware cleanup required: 'Mal/VMProtBad-A' at 'G:\PortableApps\Sid Meier's Civilization V + DLC\CivilizationV_DX11.exe'
        Manual malware cleanup required: 'Mal/Sality-D' at 'E:\hasna .scr'
        Manual malware cleanup required: 'Mal/VB-OL' at 'E:\Data Dell.exe'

        I would like to be able to select "Delete" and not just wait that something happen. Currently the only option is "Marked…

        20 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
        • Fix the Running malware in quarantine or cleanup failure indicator in Sophos Central

          We're constantly having hosts that have a status of red because Sophos is falsely reporting that "Running malware in quarantine or cleanup failure" Can we fix this or have an automated process to delete the events.db?

          6 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
          • Sophos Central Send Reports to Cloud (Sharepoint\Dropbox\Box\AWS...)

            Currently, Event Reports only do 6 months of reports and gets sent via email.
            I would love to generate .pfd's of all my reports but our attachment limit via email is 10MB

            Could you not allow or link a URL to a Sharepoint\Dropbox\Box\AWS cloud storage share?
            Sign in verify the user login then collect reports there.

            2 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
            • lockdown

              would be nice to be able to see more lockdown events than 24 hours and also to be able to search/filter by date range. Also, why cant we get email alerts when lockdowns happen?

              2 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
              • clear multiple alerts

                From Cloud Console, Status Tab, Alerts section, it would be great to have an option to select multiple alerts and clear them/acknowledge them all at once. If I'm addressing an endpoint with multiple actions, I have to go through one by one and Mark as Resolved. At the very least they could be grouped so that I don't have to confirm multiple instances of the same persistent file being cleaned up because another infected computer on the network is dropping a file on it and Sophos is deleting it. If this happens after hours I could have 20 of the…

                1 vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                • Display status of client from taskbar icon

                  When a PC has the Endpoint Protection Client deployed via Sophos Cloud, if the client has issue or is out of date, there is no visual prompt on the Sophos shield icon in the notification area. You have to open the client and then click about, to see when a client last updated.

                  When we used to use Sophos Enterprise Console, the Sophos icon in the notification area would have a red cross overlaying the icon, notifying the user of a problem

                  3 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                  • Stop alerting when endpoint not updated in 2 days; Or make this configurable.

                    We need to be alerted only on important conditions. Being alerted that a laptop has missed two updates (laptops are often off for more than two days) is not helpful and, in fact, may result in the team paying less attention to Sophos alerts. We need to be able to configure this or at minimum, please change the default. Thanks,

                    66 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      3 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                    • Tamper Protection Report

                      Currently the only way to tell if Tamper Protection has been disabled for a device is Sophos Central is to view the Summary page of each device. My suggestion is to add a column to the existing "Servers" and "Computers" reports (under Logs & Reports -> Endpoint & Server Protection) that indicates whether or not Tamper Protection is enabled.

                      28 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        5 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                      • SAML login support for cloud console

                        This is a must have for many organisations web based tools. Also helps with SSO and multi factor logon requests which can usually be configured at the identity provider.

                        56 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          14 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                        • Create a way to uninstall Hitman Pro from servers using the Sophos Central console.

                          Since Hitman Pro was part of an update to sophos server protection, we have had issues with utilization being high on the servers. Would like to be able to uninstall Hitman Pro without affecting the other server protections provided by sophos central.

                          8 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                          • Central/Cloud Exclusions - Export-Import

                            Please add the functionality to export personalized exclusions for servers and users/clients and then the ability to re-import them on a different server (group) or users.
                            In order to facilitate batch export-import of long exclusion lists.

                            27 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              10 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                            • Expand MODEL and ID field in Peripheral Control Exemptions to show full length Device ID & Model

                              In the 'Add Peripheral Exemptions' section, there should be an ability to re-size and make bigger (both the actual window and also each column) to ensure that we can see the exact models that we will be allowing. We have multiple pieces of hardware that have very similar Model and ID numbers but some are allowed and some are blocked for certain groups, and currently because the columns are so narrow, it is difficult to determine which is which.

                              19 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                              • 10 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                                • Automatically logoff Sophos Central

                                  The active login time at Sophos Central Portal is very short and it's not adjustable so you constantly need to login again.

                                  61 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    3 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Deleted Computers List / Re-Add Deleted Computer option

                                    Currently if a PC is accidentally deleted from the console then Sophos must be re-installed.

                                    This is very time consuming as Tamper Protection must be disabled by booting into Safe mode, and then un-installing all of the Sophos services before re-installing again.

                                    If it was moved to a deleted computers list with the option of undeleting it, this would save hours and hours of work.

                                    9 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Tamper Protection prompt when deleting endpoint for Central

                                      When removing devices from the Central dashboard, there should be a prompt to warn users about turning off Tamper Protection if it's enabled. This will stop users from having to bypass Tamper Protection via the registry.

                                      7 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Customisation of reporting sensitivity - don't email low priority issues

                                        currently we are bombarded by irrelevant warnings telling us that devices are out of date... but they're turned off. Other systems allow us to tune when we get alerts, threshholds etc. currently it's unusable for us as an MSP because every 5 minutes we're getting a notification that doesn't need attention.

                                        42 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          2 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Sophos Central Device Control Policy

                                          Device Control Policy: add a input field for excluded devices for comments or description like in the on-premise SEC.
                                          This enhances usability and makes it easier to recap why devices have been exempted. Often this filed is used to add ticket IDs or similar .

                                          19 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            2 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 9 10
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.