Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Offline Installation

    It would be nice for Sophos to have an offline installation. A number of remote sites in my case have very poor internet connectivity and having the installation files download during the installation process is tedious and unsuccessful in some cases.

    26 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. File Integrity Monitoring on Linux Server Protection

    Enterprises need File Integrity Monitoring on their Linux system files. This is a requirement for all systems requiring Continuous Monitoring (NIKST 800-137) which are all defense contractors, Government contractors, government agencies, and soon, all HIPAA covered entities.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  3. Sophos for Virtual Environments - Load Balancing Capability

    Sophos for Virtual Environments v1.2.0 introduced GVM Migration functionality providing High Availability/Fail-Over. This is great, but I am seeing an issue where the GVMs aren't distributed nicely across the SVMs I have created.

    I have setup 19 SVMs and included all IPs in the additional_svms.txt on each. What I have found when using a gold image to deploy the GVM Agent to multiple virtual pools is that one SVM is favored above all others (600+ on one SVM)

    This results in performance issues... these are evident when running loadavg and nproc commands.

    So my request is, can SVE be updated…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Virtualisation  ·  Flag idea as inappropriate…  ·  Admin →
  4. Exclusion rules should allow folder wildcards

    ClamAV on a Linux Server uses /var/tmp/*.tmp/*.tmp to store email contents while scanning them, and the number of alerts from dubious contents can be high. As the *.tmp names are randomly generated, but start with ClamAV-*, it would be nice to exclude them and let ClamAV do it's work, then check the contents of the emails when they land in their final destination instead.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  1 comment  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  5. Configure Alerting Thresholds in Cloud Console

    Allow administrator to configure thresholds for alerts in cloud console. Currently I receive many alerts for non-actionable items such as when a machine reports "Real-time protection has been disabled on a computer." Even though the computer is protected, a shut down or update causes this alert and a few moments later, the protection is OK. I need to be able to adjust this trigger threshold and the same on other items such as out-of date machines, missing updates, PUA detected, etc.

    27 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  6. centrally manage quarantine

    Allow actions of device quarantine from cloud console. Currently I have users with PUA in quarantine. I cannot perform any action from console. Each machine has to be touched

    25 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  7. uninstall and reinstall option

    for troubleshooting can be very useful uninstall or reinstall endpoint on multiple client remotely from management interface

    56 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  8. scheduled scan: control priority / niceness of jobs

    scheduled scans are still quite limited, as we can see here: https://www.sophos.com/en-us/support/knowledgebase/117346.aspx

    One of the options we would like to see is being able to give the scheduled scan some reduced system priority / i.e. niceness, to limit the performance impact of scans: scheduled scans normally need not run at high priorities.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  3 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  9. allow grouping of devices.

    It would be great to be able to group devices by site, dept or location. instead of having one big list of devices and trolling through to find specific ones, to be able to group the devices would be very user friendly.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  10. need to disable pop-ups for application control ,device,antivirus,web control from sophos endpoint cloud console

    we need to disable the pop-ups which we receive on endpoint system for antivirus,device,application,web control from sophos oncloud console , so request you to kindly do the needful.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  3 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  11. Create Limited Administrators

    We would like to be able to create limited Administrators. It would be very useful to give access to the Cloud Console to all our members, but limiting the user and devices that they can manage. And of course, not allowing them to modify global settings, such as the Base Policy. These limits could be configured at a "Group" level, for example.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →

    This is being investigated with the intent of implementing restricted admin roles as we work towards full Role Based Administration.

  12. scheduled scan: option to abort a running scheduled scan

    scheduled scans are still quite limited, as we can see here: https://www.sophos.com/en-us/support/knowledgebase/117346.aspx

    One of the options we would like to see is being able to abort a running scheduled scan.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  1 comment  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  13. Add option that forces full system scans after scheduled start is missed

    Hi,

    we've Sophos Endpoint Security and Control 10.3 running in a very large and distributed environment (3000+ machines). Not all of our computers do run at the time we configured a scheduled scan - as there are people that e.g. work only 4 days a week. Sophos AV currently don't care - so we've a lot of machines that does not meet our compliance requirements.

    Would it be possible to add an administrative option like 'Run task after scheduled start is missed'?

    BTW: Such an option even exists Windows Task Scheduler - so it cant be hard to create and…

    63 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  9 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  14. Microsoft Exclusion Templates (e.g. SQL, Exchange, AD,...) 3rd Party Backup

    I would really like the option to enable exclusions based on Microsoft Recommendations. Once a year I manually go through the published recommended exclusions for Microsoft and other software (e.g. backup) and ensure I have those in my exclusions. It would be great (and save me a lot of time) if I had the option to check which exclusions I wanted.
    This seems to already be partially implemented in Sophos Cloud Server.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  15. PuremessageContent filter exceptions

    Currently in puremessage it is only possible to put a rule in for the recipient in the content filter however this isn't that useful for us.

    For example.....macro virus are making a comeback and therefore we want to restrict (or possibly just delete) any emails containing those attachments. however some genuine customers will send attachments with macros and we want to allow those users to get through the content filter.

    The only thing we can do without any program changes are to either allow macros and give users the choice to run or not (very bad idea) or block them…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Improve Wildcard Criteria

    Improve the Wildcard criteria for File Exclusions, inline with MS KB article KB822158.

    So that *.* or say Edb*.log can be excluded rather than having to open up the entire folder or a blanket exclusion on all files with the extension.log etc

    Thereby improving granularity and allowing exclusions to be very specific to named O/s files.

    Examples being:

    FileIDTable_*

    Ntfrs*.*

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  17. SAVDI reload on sav update

    Please notify a running savdi about the performed pattern update by the savupdate process.
    This is more a bug than a feature-request and should be implemented very easily, because the savdi daemon writes a pid-file and has already implemented a signal for this (kill -HUP <savdi pid>).
    The implementation could be done in a few lines of code...

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  1 comment  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  18. SEC import/export policies

    Allow export/import of all policies in Sophos Enterprise Console

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  2 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Mac OS X HTTP/2 support

    Add the ability to scan and filter HTTP/2 hosted web content

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
  20. Windows HTTP/2 support

    Add the ability to scan and filter HTTP/2 hosted web content

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.