Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Block Windows 10 Apps

    the current Mail App (Windows 1909) has no exe left to start So far it was blocked by SAC. Not anymore. So users can start it.
    ICh used Sophos to block the unnecessary Windows 10 apps. This no longer works.
    Sophos support asks for an exe - I (and no one else) can't provide it.
    Sophos has to adapt / develop here and continue to block these apps as well.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  2. Individual (or client) Policy Exceptions

    I would like some functionality added to Sophos Central to accommodate for the need to exempt a specific application on a single server without creating the need for an endless and complicated web of policies as additional application exemption needs are identified.

    An example:

    The company has all servers "enrolled" in the Default Application Control policy. Server A requires all of the same rules as the Default policy but needs PuTTY allowed. No other servers can have PuTTY installed per a strict security policy. To accommodate this need, we, at present, must create Default Application Controls policy clone (w/PuTTY allowed).

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  3. Crea

    Hi,

    Is there a possibility to add the ability to export the details of a specific policy into CSV, Excel and PDF? This would be helpful for incorporating the details into internal reports and internal discussion especially for a policy that has so much detail such as Application Control.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  4. Application Control for Linux

    We have a large number of Linux endpoints and would love to be able to run Application Control on them. Currently we have to run a different product to achieve this goal and it comes with lots of performance and maintenance issues.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  5. Disabling Notifications Individually.

    Is there a way to disable blocked notifications for individual programs? There is one in particular that we don't want to whitelist or uninstall, but it keep popping up as it is a Windows default app. We would only want notifications for this app to be hidden and nothing else.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  6. , is there a way that we can manage the laptop screensaver lock out setting

    The ability to manage the laptop/desktop screensaver lock out setting?????

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  7. Spectrum Roadrunner Email Settings

    Here i am to post some ideas that will help you in your Email. if you encountered a issue in Roadrunner Email then you just have to go Spectrum Roadrunner Email Settings and click this link for more details: https://www.roadrunneremail-login.com/blog/roadrunner-email-pop-server-settings/

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  8. Set email alerts by group of computers

    Set email alerts by group of computers . So we can set who gets alerts for certain computers.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  9. Force policy update

    A button to force policy update on Sophos Central endpoints would be nice.

    22 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    16 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  10. Adjust the number of lines shown on the DEVICE listing page.

    In the hopes of speeding up response time from the console would it be possible to lower the number of machines listed when DEVICE is chosen from the OVERVIEW menu?

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  11. Application Control - Event Viewer

    Application Control - Event Viewer- provide to select particular component to set allow or deny policy.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  12. Block creation, moving and deletion of *.EXE files

    Sophos Endpoint policies should allow the blocking of moving, creation and deletion of .exe files on the system (i.e. block a user copying an .exe file from C:\Program Files to their documents share). This is functionality that exists in Symantec Endpoint Protection and works very well in preventing the introduction of malware to an end user device/the network!

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  13. Application Control

    Currently users must send a request to Sophos Labs to have a file blocked by Application Control. It would be good if users could create a custom block list to deploy across their environment - for example, block/alert on SHA256 hash, filename, regex, directory path, etc.

    Having the option to alert (not block) would be useful too, so use of applications that are required, but suspicious can be monitored.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  14. Application Control - Screen sketch (Windows Ink Workspace)

    Windows Update adds in Windows "Windows Ink Workspace" feature included by default in all Windows computers, Screen sketch allows you to capture screen, assuming a serious security hole.

    Add restriction for Screen sketch (Windows Ink Workspace) to
    Computer Policy / CONTROLLED APPLICATIONS / Screen capture tool

    Thanks!

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  15. Schedule Disable tamper Protection.

    As you maybe know there are problems with IASO systemstate backups in combination with sophos antivirus.
    https://community.sophos.com/products/endpoint-security-control/f/sophos-endpoint-software/95786/freeze-thaw-vss-failures-when-sophos-av-is-utilized/374472

    The workaround is

    1. Disable Tamper Protection on the affected servers
    
    2. Open Services.msc on each server
    3. Stop and Disable the Sophos Health service
    4. Reboot server and test backups

    At Sophos managed central its possible to tamper protection manually for a device.

    Is it possible to schedule the "disable Tamper Protection" at a certain time in Sophos managed central?

    Then we can add a pre backup job to the IASO backup systemstate backup job to disable the sophos healt services and…

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  16. Citrix - allow a user policy override for a Citrix Server

    When logging on to a PC, the PC policy is in effect. When the user logs on the User policy will override the PC policy and take precedence. This is useful for blocking all unnecessary applications, website and perhipherals.

    When logging on to a Citrix server the Citrix server polic is in effect. There is no possibility at present for a User policy to take precendence. At the moment, if you want to allow an application, it is allowed for all user on the same Citrix server (same for websites, perhipherals etc).

    It would be useful to have a user…

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  17. Microsoft Remote Desktop store app

    Please allow us to enable/disable Microsoft Remote Desktop from the Microsoft App store. For some reason it's being blocked even though I have all the RDP options unchecked in Application control. I submitted a ticket for this and another application and they said i need to submit a suggestion.

    How is it a suggestion when it doesn't work as designed?

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  18. Application version control

    Additional options in Application Control, especially for browsers.

    Being able to block:

    Versions of Chrome < X (Chrome current version is 62)
    Versions of Firefox < X (Firefox current version is 57)

    Being able to block versions of Chrome < 59 and Firefox < 53 would be a great start in killing off legacy browsers with lots of vulnerabilities from being permitted to browse the Internet.

    16 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  19. Browser extention control

    Allow or block browser extensions/Addons based on a whitelist.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  20. Block Grammarly

    Grammarly can be installed without admin rights into a user's profile, but requires an admin to... fail to remove it. I ended up torching the folder containing it, but it's left a mess on that PC. Since Grammarly is effectively a keylogger that sends to the cloud, it doesn't meet our security policies.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.