Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Sophos Health Monitor Registry Values explained

    Please provide details on the registry values under:
    HKEYLOCALMACHINE\SOFTWARE\Sophos\Health\Status
    and the 64 bit equivalent.
    This looks like it would be very useful for us to create a Sophos endpoint monitor in our RMM platform - however there appears to be no documentation around the meaning of the values and support have been unable to provide the information.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  2. Sophos Central allows us to create a policy that blocks the use of all web browsers. What we would prefer is to block all Intenet access.

    Sophos Central allows us to create a policy that blocks the use of all web browsers. What we would prefer is to block all Intenet access without having to purchase an additional module that has this capability.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  3. AMSI Not working with .Net framework 4.8

    AMSI integration Not working with .Net framework 4.8

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  4. Secure LDAP binding

    With Microsoft forcing LDAP binding on SSL (Port 636) in second half of 2020 (https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190023#ID0EUGAC) Sophos Enterprise Console needs support for it. According to Sophos devs the current SEC does not support LDAPS.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  5. MTP/PTP separate webcam and mobile control

    On Device Control MTP/PTP devices, we should able to block only mobile devices but not the camera devices. these devices should be separated.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Able to download quarantined files from central

    If there are detection on the endpoints, the file that is moved to the quarantine must be able to download from the central console.
    This can be used as part of EDR incident investigation to be able for the administrator to investigate the detected file and we can also submit the file to SophosLabs for them to create IDE.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Incident investigation  ·  Flag idea as inappropriate…  ·  Admin →
  7. Individual (or client) Policy Exceptions

    I would like some functionality added to Sophos Central to accommodate for the need to exempt a specific application on a single server without creating the need for an endless and complicated web of policies as additional application exemption needs are identified.

    An example:

    The company has all servers "enrolled" in the Default Application Control policy. Server A requires all of the same rules as the Default policy but needs PuTTY allowed. No other servers can have PuTTY installed per a strict security policy. To accommodate this need, we, at present, must create Default Application Controls policy clone (w/PuTTY allowed).

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  8. Current feature does not allow the peripherals to be blocked system wise without blocking the peripherals and then whitelisting it.

    It will be of great help if we can have the feature of disabling and allowing of USB drives system wise. Fo example if I need to block a specific USB drive to a specific system only, its not possible without blanket blocking the USB access and then allowing it as exceptions. By this you have to change the statud quo of other systems. This will lead to operational issues one has block all USB access and then allow one by one. So everytime the user has to get IT to allow if the USB device is a fresh one.…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  9. Bletooth blocking on MacOS

    Please enable Bluetooth blocking on MacOS via Peripheral control policy.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  10. DLP: create a rule using a new extension

    We would like to create a dlp rule using a new extension to block or allow, but in this moment we can select only from a Sophos List. It's not possible to add or import new extension.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Stop Scan Option

    Scan Now option is there but Stop Scan is not. it should be there it's basic feature of Endpoint

    Out many clients are asking for that feature.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  12. Internet Destination File Copy

    Add a way to tell if an 'Internet Destination File Copy' was an upload or a download. Currently you can not tell if a user uploaded a file or downloaded or file. You can see where files go to a users 'Download' folder on Windows but this is not a reliable enough way to determine this.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  13. computer groups

    allow AD sync to import Computer Groups
    This would make policies based on Computer Group membership much more useful and easier to maintain in an enterprise environment.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  14. Generate a report of all peripheral exemptions that have been made.

    Generate a report of all peripheral exemptions that have been made.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  15. Sophos Enterprise Console Cloud Primary Update location

    In a highly secure environment, servers in the DMZ are not allowed access to the internal servers (including Sophos management). This hinders the updates, since the primary update server must be configured to the internal management server, and only the secondary server can be configured to update from the Sophos cloud servers directly. In turn, this generates false alerts that download of updates failed due to update server not being reachable.

    My idea is to allows Sophos cloud to be the primary update server for these cases.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Updating  ·  Flag idea as inappropriate…  ·  Admin →
  16. File type filter for removable storage devices

    We want to allow read only access on floppy and optical drives, (secure) removable storage and MTP/PTP devices but restrict it to certain file types. For example: documents (PDF, DOCX, XLSX ...) and image files (JPG, PNG ...) are allowed but opening/copying executable files (EXE, MSI ...) and script files (CMD, BAT, PS1 etc.) are blocked.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  17. Better handling of alerts when a firewall blocks an application

    Currently (7/1/20) in Sophos Central endpoints of ours with certain VPN software also installed will show events that a firewall has blocked application (fill in the blank). There's a couple of things I'd like to see improved. In our case this is normal for our VPN software to do this. These events along with other AV events can make it seem like something worse is happening at the endpoint, and can be misleading.

    -What was the firewall or application that was seen blocking another application? Can the event also contain this information?
    -Ability to ignore or make an exception for…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Data Control: Add Remote Control Applications on Destination Application List

    We would like to Monitor/Block File transfers on specific remote applications like Zoom, Webex, Teamviewer, AnyDesk and alike using the Data Control Policy on SEC. On the current feature, only Skype is listed under the VOIP Application and no other options for Remote Applications.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  19. Vulnerable Software Report

    The Application Control feature allows for blocking of vulnerable versions of browsers, acrobat, etc. There should a reporting feature that will show all current vulnerable versions of popular software based on what version is installed and compared to the CVE Mitre index.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Patch Assessment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Endpoint Monitor Only Mode

    Allow for deployment of the Sophos Endpoint Control in a monitor only mode. This mode should enable all features of Sophos Endpoint Control but only log and not block anything. This would be extremely helpful when protecting endpoints with custom configurations and hardware. The current method of "try and change" where you deploy then constantly tweak and change settings to get the device/software to work is far too time consuming. Having a monitor only mode would allow the device to work while reporting issues/non-compliance which then we can create policies and apply, while still in monitor mode, to determine if…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.