Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Subnet/site based update cache detection

    The current mechanism which client devices use to detect their local cache server has been deemed 'not appropriate' for our organisation, which has one main HQ office, but several dozen smaller satellite offices around the country with low speed internet links.

    The concept of our 2000+ HQ PC's attempting to perform of http request to each satellite cache server will introduce high levels of excess bandwidth on an already stressed link.

    Could sophos consider the Microsoft AD sites/subnets mechanism where we can define our site office subnets, allowing a client to choose its cache server based on its own IP.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  2. Expand MODEL and ID field in Peripheral Control Exemptions to show full length Device ID & Model

    In the 'Add Peripheral Exemptions' section, there should be an ability to re-size and make bigger (both the actual window and also each column) to ensure that we can see the exact models that we will be allowing. We have multiple pieces of hardware that have very similar Model and ID numbers but some are allowed and some are blocked for certain groups, and currently because the columns are so narrow, it is difficult to determine which is which.

    27 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  3. Create an option to clear the Policy Violations Blocked Report detail

    Configure a way to acknowledge and or clear the Policy Violations Blocked Report detail, so that it no longer shows as a Violation.

    14 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  4. Sophos Central SIEM integration - additional fields in logmessages

    We are working on integrating Sophos Central logging with our SIEM platform.
    Within a SIEM environment events are correlated based upon two important fields:
    - The username
    - The ip address of the workstation.

    In the current log message these two fields are not available.
    We currently get the workstation name but not its (internal or public) ip address.

    The full name of the user is present in the current log message but not the username and associated "AD domain".

    In order to be able to use the full potential of the SIEM integration we need these two fields to…

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  5. Restrict source IP for Administrator logins

    We need to be able to restrict the IPs that are allowed to log in to Central with administrator privileges. For example, we would only want our administrator accounts to be able to log in from our corporate network and not from anywhere outside. That way if the credentials became compromised they still couldn't be used by anyone outside of our corporate LAN. This combined with 2FA (which appears to be coming soon) would greatly improve the security of your product.

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  6. I wish Sophos cloud would send notiication if one of the Sophos related services is not running.

    I wish Sophos would send notifications if one of the Sophos related services were not running on a particular endpoint. I'm using Sophos Cloud and in this example, a computer had been running for a few days without the Hitman Pro service ransomware protection running and I was not notified. The rest of the Sophos Endpoint services are running. Please advise. Why you don't have these alerts enabled and when I can expect to have this feature.? Thanks

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  7. Email Notification

    Please allow SuperAdmins email notifications regarding AntiVirus or Malware regardless of whether it has been cleaned or not. When you allow the infection to be cleaned automatically this does not alert the super admin user of the infection. Having to search within the client console is inefficient and a bit of a tedious task. Real Time email alerting is very useful in larger networks and allows us to manage our staff.

    This will allow IT Admins to monitor and identify trends of User behavior and provide non technical people with awareness of guidelines to avoid any infection.

    14 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow Azure AD Sync for All Products in Sophos Central

    You have added Azure AD Sync for Sophos Email only, but this would be very helpful for all Sophos products.

    If I could sync Azure AD for use with Endpoint Protection, it would be a much better solution to get a user list.

    11 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  9. Sub-estate in Sophos Central (Cloud)

    Would like to have the feature to create sub-estates in the Sophos Central Cloud Console

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  10. Drill down / pivot in event or alert reports

    Alerts: Please add ability to click somewhere on the Alert line to drill down or pivot to the details of the alert. In the popup/window, for file related alerts like PUA, please provide the file name and path, hash, and date metadata.

    Events: In the reports like Web Stats, thanks for the ability to click from the Summary into a list of events. However, the list is still only a summary for that user/computer. Please allow further drill down/pivot such that when we click on a line/event, it actually shows the sites visited which would aid in categorization correction or…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  11. 3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  12. Report for SOC2 Showing Virus Definition

    I need a report in Sophos Central that shows the current virus definition level and antivirus version number for each client machine (server and workstation). This can be in two reports (workstation/server) or in a single report.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  13. status

    Include the status of the Sophos Central platform in the login to your instance of Sophos Central. Alternatively, when there is an outage affecting the region you are connecting to, throw up some type of notification upon login so that way you don't start trying to install endpoints only to have them fail.

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  14. 12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  15. RCA

    Retention of Root Cause analysis for historical and investigatory purposes. Currently, all RCA instances are only available for 90 days. There is no way to export or save all the information, or the ability to say, Flag for future analysis

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  16. force scan

    We would love to have the ability to force a full scan on selected and all devices which currently is not available from the Sophos Central. We would also like the ability to force/push updates to selected and all devices. Having to select each device individually to perform this task is not favorable with a large deployment.

    12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  17. Control Updates Sophos Central

    Can we get some actual information on the control updates page? "Newest" and "Oldest" are terms that mean nothing to me or the rest of my team. The control updates page should give actual information on what version computers are currently on and what is available to update to. This feels like a half-baked feature at best.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  18. Can't change "The Sophos Central software on this computer has missed two updates." setting . This is overloading my ticket system

    Can't change "The Sophos Central software on this computer has missed two updates." setting . This is overloading my ticket system . If someone is offline it sends emails every 2 times it misses an update. compared to the amount of updates vs the amount of tickets overwhelming my helpdesk . Customers should have the right to adjust all alerting

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add back the boxes that indicates the number of High Medium and Low alerts.

    Add back the boxes that indicates the number of High Medium and Low alerts. Before 8/16/17 on the dash board you had the Alert Boxes the High Medium and Low. We liked this options felt that it gave a quick indications of what was going on.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  20. sys

    We would like Sophos Central to be able to "send" SysLog information to our SIEM from all of our sub-estates.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.