Endpoint Protection
Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data
-
a
this is testing
1 vote -
ARM Processor Support
With the advent of the Surface Pro X, there is becoming a push for more 2-in-1 devices to work on ARM technology (as is found in most cell phones and tablets) to run full Windows OS's. However, there is no support for Endpoint Protection (Cloud or On-Prem) for these types of devices. I would like to see an Endpoint Protection package (Anti-virus, firewall, application control, etc.) that will support ARM processors.
277 votes -
Improve FIM Event Logging
If the File Integrity Monitoring (FIM) logs aren't going to be centralized in the administrative console, enhance the existing endpoint FIM logging to the Windows Event Viewer by populating the FIM event details (file name, location, action) in the General tab of the event (instead of only in the Details view). Also, create useful Event IDs, Event Sources, and Task Categories to allow for filtering locally and advanced parsing by SIEM solutions.
4 votes -
Customizable Central Admin Dashboard
Adding a customizable dashboard to Sophos Central Admin would give administrators the option add the widgets that they need for their daily work routine on the first page that they see when logging in. Beside the already available widgets (customizable) additions from the report section would be nice. A Reset to Default functionality should also be provided.
20 votes -
SOPHOS Feature Request
Good Day,
Is it possible that a feature gets added to the update management policy where you can also add & send a message to the user.
Best Regards
5 votes -
Perhipal control SSID management
Many of user can bypass company firewall via personal hotspot of GSM operator. If we can manage SSID and we may define whitelisted SSID will prevent that issue.
Could you please add SSID management under perhipal/device control as a new feature.8 votes -
Isolation UX enhancement
The current design of isolation UI for Windows is to pop up an alert on the notification area, which I assume Sophos utilizes Windows feature, then disappears after a short while. End users who missed this popup will be isolated from the network not knowing why it is happening. Isolation can be initiated by sysadmin in the EDR feature, but can happen unexpectedly if auto-isolation is enabled and an endpoint fails in red status. This unwanted event is occasionally observed mainly due to one of Sophos service failure - Central Device Encryption is the most observed. If the isolation message…
16 votes -
web control
Can you please create the same list of applications list so we will be able to block some websites like :
- Online storage
15 votes -
Reports
Report Regarding: Can you Add more column to the reports
EXP: IP Address, Operating System, and mac address
2 votes -
Implement passive forced Client-restart
We noticed that Sophos Endpoint Protection lacks the function of automatic monitoring of the restart status of clients, combined with a configurable automatic forced restart request on the user's client. The only way as a company to trigger this through Sophos Endpoint is actually via Live Response (Beta), but not automatically and by active monitoring beforehand.
The problem we are observing is that serious security gaps arise in companies because employees do not regularly restart clients and thus the rollout of security updates is delayed (e.g. Windows updates). By implementing a monitoring of the restart status of clients, this circumstance…
2 votes -
Reports
Please add one more New Feature to the custom report like IP Address, hostname, and mac ID
2 votes -
"Scan file with sophos AV" context menu function vs. sophos central exclusion list
We had a strange behavior of Sophos Endpoint Protection which should be solved by changing the behavior of the "Scan with Sophos AV" option in the context menu of windows.
What happened:
A user had an infected word file stored on his desktop. When using the context menu function "scan file with Sophos AV" it doesn't find anything wrong or suspicious.
This was weird because according to Virus Total this file contained Malware which was also detected by Sophos endpoint protection.
When checking the exclusion list on Sophos Central we found an exclusion for C:\users*. This seems to prevent the…6 votes -
DLP: Needs macOS support
It is 2020 and macOS is a common workplace device. We require the ability to prevent file transfers containing PHI and other protective information, as well as create custom rules. This needs to be revisited
11 votes -
Sophos Central: Generate report (current version of Sophos Component) for all endpoint
Generate report from Sophos Central console to get the current version of every endpoint for Sophos components (CoreAgent, Endpoint Advanced & Sophos Intercept X)
1 vote -
SVE - Enable retargetting of Guest Agent
It would be great to be able to instruct a SVE Guest Agent to query a provided IP address and reinitiate its obtaining a list of SVE Appliances (i.e. the list for Guest Migration).
I want to use the same VDI golden image in two server rooms but have a way to re-point the local Agent install to an IP I give it (of a SVE Appliance on a host in the same room) at VM startup. My script would look at the network ID and then pass the Guest Agent an IP it knows is appropriate.
I don't want…
1 vote -
Sophos Endpoint - Device Isolation: Adaptive sensitivity
We are observing that some of our clients go into isolation while or shortly after an update to the Sophos Endpoint client components has been processed.
Support was unable to assist and my best guess is that the mechanism that decides when to isolate a given client is too sensitive - services can take longer than expected to come up on computers with slower hardware or high CPU load during the procedure.
Therefore I'm suggesting to make the self-protection mechanism more lenient during updates and high CPU/IO load scenarios.1 vote -
how about fixing the endpoint protection - website management as it is terrible
this not an idea but I am told by support that I need to raise my issue here where you will, in their exact words, "look into it directly"
the website management section of endpoint protection is rubbish, the list is not sorted at all, there are no filters, no searches and most of the time the entry you are looking for does not appear in the list. This needs fixing !!!1 vote -
DATA LOSS PREVENTION MAC OS
For every Sophos customer, please vote to have the Data Loss Prevention feature for Mac OS. We are a majority mac-house. I am sure there are tons of companies that have Macs in their ecosystem -
Thank you Sophos for valuing your customer's suggestions.
11 votes -
Allow proactive certificate/MD5 safe-listing instead of reactive safe-listing
Currently there is not a way to safe-list files based on certificate or MD5 hash unless Sophos has detected it in the environment and blocked it.
We should be able to upload certificates or files to the Sophos cloud and tell it to make sure not to quarantine those.
This would make things like deployments smoother as well as clients migrating from other solutions where they have already gone through safe-listing exercises smoother.1 vote -
Peripheral Control - Exemption Description
We have many exemptions in the Peripheral Control Policy. It would be nice to be able to add a description as to why the exemption was made.
1 vote
- Don't see your idea?