Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Control Retention Time/Size for logs stored on endpoints.

    It would be helpful to be able to specify the length of time or the maximum size of logs stored on endpoints, so that we can plan for storage requirements, rather than them growing indefinitely.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  2. restart required pop up on endpoint computers

    an option in on prem console to easily allow pops ups on the client endpoints if the system admin allows it needs to be implemented.

    As a 24 hours business there is very little downtime on some pcs so not having the latest protection running because a user or a team has not restarted the pc manually as they have not scheduled is as they dont ever know that there is one pending is ridiculous.

    Admins on the console should have a choice whether or not to deploy that option to their endpoints.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  3. Option to NOT show recovery key on Mac

    Option to NOT show recovery key on Mac. I don't like how it appears so clearly - what happens if my laptop is stolen?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  4. Endpoint added in multiple groups for applying device based policies for update and protection

    Endpoint added in multiple groups, so in case will apply update management policy don't use caches for the endpoints, those are already a part of different group or groups for protection, web and application control policy.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  5. Ability to cancel manual scan initiated on client.

    A simple feature provided by other leading vendors is the ability to cancel a long-running manual scan. This is a basic User Interface feature. The alternative is for the user to reboot which is very counterproductive. It could be controlled via a policy if that is not desired by all customers.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  6. Sophos compatible with Airwhatch product

    Hello Team,

    I have a customer that have suggested that Sophos be compatible with Airwhatch .

    Any ideas if that can happened in the future?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow disabling the "No threats found" message

    Although I've disabled Desktop Messaging across the board in Sophos Central, endpoint users are still getting "No threats found" notifications.

    Sophos support has confirmed that there's no way to disable that message without editing the endpoint computer's registry to completely disable balloon notifications.

    Please add the ability to easily disable the "No threats found" message, as well as any other messages that aren't covered by Desktop Messaging.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  8. Sending out authenticated Emails from Endpoint

    Endpoints send email alerts only through email server which accept emails without authentication. Such an "open relay" is a "no go". Sophos claims to be an "Gartner Endpoint Leader" in todays newsletter...

    But what about the simple security things?

    Im waiting for that function now for more then 10 years!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  9. PureMessage Quarantine Web access: enable over HTTPS

    Please enable HTTPS web access to the PureMessage Quarantine store - this would enable us to allow access to it externally, very useful for people working remotely and using OWA and Exchange Mobile.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  10. Delay Endpoint "Updating Failed" Toast Notifications

    Current, if a endpoint managed device has not been used for a period of time, the next user who powers this one and logs in will get a notification stating that the "Updating has failed". At this point the software has / is in the process of downloading (or shortly will do) updates to the device as normal.

    This present increased admin and support overheads when users log tickets.

    Suggestion to have the ability to either disable this notification or have logic which enables this to be delayed in displaying to the end user until either a set time after…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  11. allow local and policy based exclusions to play nice

    Allow localized exclusions per machine/client to play nice with global policies from the management portal.
    Currently it appears that policy based exclusions prevent the ability to add additional exclusions at an agent or client level.
    It would be ideal to have the policy enforced when pushed out but still allow subordinate exclusions to be configured for end user networks and devices.

    For example:
    I have global policies that apply well to all clients but not all and as a result certain several clients have had to be purposefully removed from the policy target group. Having to reconfigure common exclusions for…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  12. New report type : USB allowed/blocked

    We are using the device control feature to block USB drives in most PCs and created sub-groups to allow certain PCs to have USB Access.
    Currently there is no reporting on how many computers have USB access allowed and how many have it denied, so kindly let us know about this feature

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  13. Intercept X - SDU Tool - Troubleshooting Files Excluded

    While working with Support we provided the SDU logs for investigation. Sophos Support came back and requested some additional files not captured as part of the SDU tool. Please add an option in the SDU to include these sources.

    To obtain these files we needed to disable Tamper Protection, and copy the files ourselves.

    From Sophos Support:
    To further progress, we will also require you to copy, zip, and upload the following directories to our FTP. The reason we require these folders is because they contain the snapshots of the event in a .tgz format which our SDU tool does…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  14. When Threat Case is not created revert to Pre-Intercept X behavior

    After upgrading to Intercept X with EDR in situations where are Threat Case is not created revert to the pre-Intercept X behavior of publishing the Detection Event as an Alert.

    "Note: Threat cases are only created for malicious detections; this does not include detections for PUAs, Application Control, Device Control, Web Control. Additionally if Sophos isn't able to automatically confirm a root cause, a Threat Case may not be generated."
    https://community.sophos.com/kb/en-us/125120

    We've gotten a number of malicious Events which haven't created corresponding Threat Cases for hosts assigned to the Intercept X with EDR policy. Sophos Support mentioned a Threat Case…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  15. Sophos Home Premium Authentication Required for Management Console

    Dear Support Team,

    I have observed that whenever you open the Sophos Home Premium agent on the Endpoint (client computer), it has a settings tab located on it. I have observed that by clicking this settings tab automatically takes you to the Sophos Home Premium Cloud Management Console, without even asking or prompting for the username or password on the website, which is quite insecure I would say.

    That way anyone using the home computer can change the policies and security settings. I want to enforce certain restriction on the Laptops used by the kids. Since the settings tab does…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  16. User-created policy can be disabled by settings, but remain enforced?

    In Sophos central, for some policy categories it is possible to set a user-created policy to enforced, but "disable" it from its settings.

    For example, suppose that in the Web Control section there is the base policy at the bottom and the user-created one above it. If the user-created policy is opened for editing, the very first setting is:
    Web Control: Enforce/Ignore the settings in this section of the policy

    This setting is different from the Enforce/Ignore policy on the far right tab. Hence, it may be the case that there is an "ignored" policy, which retains "enforced" status, thus…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  17. Uninstaller

    When there is problem with Endpoint, and reinstall is needed, after uninstall, there is lot of registry keys, and files left on the system. On some cases, i have to grab 3rd party tool to remove registry keys. It would be really helpful for us (aspecially in large enviroments), to have complete uninstaller. Something, that get rid of everything, all files, all registry keys, so i can do clean installation.
    Thanks in advance for your feedback.

    24 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  18. file type

    Sophos real-time does not provide protection against all archive formats.

    My testing showed that rar, tar, 7z files are not scanned. Ticket/Case opened and confirmed with support 8554747.

    Would like to see more control over what file types/archives are scanned

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add name of namedscan to reporting for the "Threat detected" email

    Add name of namedscan to reporting for the "Threat detected" email.

    It currently says:

    "A threat was detected during an on-demand scan. Details follow:" ...

    this suggestion is to add the name of the scan to the email. The reason is to allow the admin to respond to the alert my referring to the specific scan on the host with the discovered issue.

    in addition I would suggest the option for a scan run an no issues found but "X files scanned" and "Y errors occured" during the scan " $$ named scan name".

    0 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  20. new

    Even though folder exclusions recommended by Microsoft for Exchange Server 2016 are added to the Automatic exclusion list added to the servers, the recommended Exchange Server 2016 processes are not being added by Sophos Central. Would suggest to add those and the file extensions also.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6 7
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.