Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. a

    this is testing

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  APT/zero day detection  ·  Flag idea as inappropriate…  ·  Admin →
  2. wildcard exclusions for exploit mitigation

    The idea is to use wildcards or folder base exclusion to prevent subprocesses from Hitman monitoring. For example if "make" starts many of gcc tasks or any other part of the toolchain. It would be nice to exclude the hole toolchain.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  3. Global Exclusions listed in SNTPService.log and Policy.xml

    Hello,

    When troubleshooting one of our endpoints I checked SNTPService.log and found out, that all global exclusions configured in Sophos Central appear in this log file.

    Log location:
    C:\ProgramData\Sophos\Sophos Network Threat Protection\Logs\sntpservice.log

    Additionally to the log file, these exclusions are also listed in the following config XML file:
    C:\ProgramData\Sophos\Sophos Network Threat Protection\Config\policy.xml

    To read these log and config files, no admin permissions are needed!
    So, if a client got compromised, an attacker just has to check these files to find out which locations on the file system are not monitored by endpoint security and might shelter e.g. malware without triggering…

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  4. About Endpoint/Server's Central Server status

    There is a information about Sophos Central dashboard page status.
    https://centralstatus.sophos.com/

    It is better to show Sophos Server/Endpoint's product server's status page like Central Dashboard does.
    Is it possible to add or create a page like this?

    So that customer can identify if their endpoint/server page has problem or not.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  5. ARM Processor Support

    With the advent of the Surface Pro X, there is becoming a push for more 2-in-1 devices to work on ARM technology (as is found in most cell phones and tablets) to run full Windows OS's. However, there is no support for Endpoint Protection (Cloud or On-Prem) for these types of devices. I would like to see an Endpoint Protection package (Anti-virus, firewall, application control, etc.) that will support ARM processors.

    294 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  54 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  6. Bulk Inactive computer removal

    We really need the ability to remove computers in bulk. Every time we recompose virtual machines it creates a new computer object and leaves behind a duplicate computer name.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  7. Tamper Protection Report

    It would be very beneficial to be able to run a report on all devices that have tamper protection on/off.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  8. Implement passive forced Client-restart

    We noticed that Sophos Endpoint Protection lacks the function of automatic monitoring of the restart status of clients, combined with a configurable automatic forced restart request on the user's client. The only way as a company to trigger this through Sophos Endpoint is actually via Live Response (Beta), but not automatically and by active monitoring beforehand.

    The problem we are observing is that serious security gaps arise in companies because employees do not regularly restart clients and thus the rollout of security updates is delayed (e.g. Windows updates). By implementing a monitoring of the restart status of clients, this circumstance…

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow Peripherial Reporting to be sorted by Date

    In the reporting section

    https://cloud.sophos.com/manage/reports/protection/peripherals/create/blocked

    Can the Date column be sortable (ascending/descending)

    Whilst it is possible to export to CSV and sort manually, this takes focus away from the product pane of glass and doesn't aid function

    If possible, it would be nice to be able to also "drill into" a blocked device and allow from this pane also.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  10. Update Sophos to allow for SQL automatic exclusions for Windows Server 2019

    Update Sophos to allow for SQL automatic exclusions for Windows Server 2019
    All previous versions of Windows Server software allowed for automatic exclusions.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Windows Server  ·  Flag idea as inappropriate…  ·  Admin →
  11. Sophos Central: Generate report (current version of Sophos Component) for all endpoint

    Generate report from Sophos Central console to get the current version of every endpoint for Sophos components (CoreAgent, Endpoint Advanced & Sophos Intercept X)

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  12. Source IP Blocking

    Allow the endpoint system to monitor inbound ips / ports and allow policy base blocking based on malicious scanning for example nmap discovery.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. false notification on client computers

    The below message is popups on endpoint client computer, which is mislead to users about someone trying to accessing their computer even those user/system not trying to access, which is creating issue to IT department as well as put the question mark Sophos for wrong notification.

    Message pup up "Access request from computer computer name denied because it may be unsafe".
    I understood from support that this happen when if any system health is red. In that scenario, Sophos endpoint is going to take action in backend, not the end user.

    So, I recommend that this type of message should…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  14. Illegal Drugs Category Update

    With the recent legalization in places of marijuana/cannabis, can we separate sites marked as that from the Illegal Drug category for Web Control.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
  15. Malicious Network Traffic: Whitelist by IP or Subnet

    For organizations that have scanners looking for known vulnerabilities and unpatched systems, we need the ability to whitelist our scanners. Currently, Sophos only allows exclusions of an IP address combined with a port number.
    As such, when my scanner starts looking for the next threat and uses a new port, my users get blasted with a notification that they don't need to be concerned with.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Malicious Traffic Detection (MTD)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Notifications for Required Restarts

    Hello,

    We would like our users to receive a visual notification when an update to Sophos Endpoint requires a restart of their computer. For example, a small pop-up in the bottom right-hand corner of the user's screen. We would like this notification to remain on-screen until the user performs the restart, or manually dismisses the notification. The reason being, we have many devices that go days or even weeks without being restarted after an update is installed, as the user is unaware that a restart is required.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  17. Include Serial numbers in our reports

    Add the Serial Number field to the device report and exported list. Usually the serial number is the only common denominator when running an audit.

    Right now my audit process is quite time consuming because I can't pull a device report with serial number.

    The Computer Report is quite useless without the serial numbers.

    It's kind of ridiculous that I can't create a custom report and pull the fields I require.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  18. Blocking Remote Support Application such as TeamViewer & Any desk

    Need to Block Remote Support Application such as TeamViewer & Any desk File Transfer ability to prevent Data Leakage via them.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Improve FIM Event Logging

    If the File Integrity Monitoring (FIM) logs aren't going to be centralized in the administrative console, enhance the existing endpoint FIM logging to the Windows Event Viewer by populating the FIM event details (file name, location, action) in the General tab of the event (instead of only in the Details view). Also, create useful Event IDs, Event Sources, and Task Categories to allow for filtering locally and advanced parsing by SIEM solutions.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Next Generation Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  20. create

    We'd like the ability to confirm a medium/unhealthy status of a device and not have it populate within the dashboard. (IE: We have a spare laptop, we know that it is not online, but has Sophos installed)

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 67 68
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.