Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. File type filter for removable storage devices

    We want to allow read only access on floppy and optical drives, (secure) removable storage and MTP/PTP devices but restrict it to certain file types. For example: documents (PDF, DOCX, XLSX ...) and image files (JPG, PNG ...) are allowed but opening/copying executable files (EXE, MSI ...) and script files (CMD, BAT, PS1 etc.) are blocked.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  2. Bletooth blocking on MacOS

    Please enable Bluetooth blocking on MacOS via Peripheral control policy.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  3. 1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add option to transfer Mail Queue to another appliance in the Cluster in the Email Appliance

    We would like to have a button under Mail queue search where we would be able to re-send the emails but also to transfer these emails to another appliance from the Cluster in case one of the appliance is blacklisted or for load balance.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  5. Peripheral Control.

    Hello we want to use Peripheral Control.
    Unfortunately it takes a long time until the directive is enforced on the devices.
    It would be better if the policy is enforced when the user logs in. Policy for the user is retrieved. Additionally you should be able to push the policy from Central. This would have the advantage that administrators, for example, if they connect a USB stick, do not have to wait more than 30 minutes until they can do something.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  6. Group per policy

    Hi

    I want to be able to apply an allowed group to users for specifically DVD drives and Mobile devices.

    I have ended up creating 3 separate policies because you can only assign 1 group to a user.

    Can you not make it a feature so if we want to create a dvd allow policy we can just add dvd to the policy for that group without having to block everything else?

    thanks

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  7. Device Control - Can define which USB Devices

    Central Endpoint: Can define which USB ID as full ID name because currently show same model and Vendor, can't define which USB when client detected

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  8. Recognize Bitlocker Encryption in Peripheral Control

    I would like to be able allow and/or add device exceptions based on whether the removable storage device is encrypted with Bitlocker. These should be considered by Sophos as "Secure removable storage".

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  9. add feature to restart endpoint force

    add feature to restart endpoint force like other vendors

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  10. Peripheral Control Policy in Sophos Central

    When the Peripheral Control Policy is set to Control access by peripheral type and add exemptions, categories for devices that are set to Allowed should continue to log as events for those computers to know what is still being connected to them, just like it did when Monitor but do not block (all peripherals will be allowed) was defined. When the policy is set to Control, it only logs events for blocked devices which isn't helpful to audit what else might be getting connected to the computer that is being allowed and may want to be blocked after review.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  11. wireless

    Sophos is still does not disable bridging i.e. disabling the Wifi NIC when the LAN NIC is plugged in and the opposite - enabling Wifi when the NIC cable is removed.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  12. Combine different USB device control exeption lists (policy) / Export-Import

    We need the option to combine the exceptions from two oder more different USB device exception lists (Policy).

    Or simply export the exception list of a policy and import (add) the list to another policy.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  13. Sizable Device Control exception Windows

    Make the Device Control "Add Peripheral Exemptions" window sizable to see the ID, username and other valubles in full length. Its really hard to compare a ID with a mouse over.

    Also add filters or search fields to search for a MODEL or ID or a specific username.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  14. USB Device file lock

    Ability to block certain file types running from a USB device like .bat or .exe files.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  15. 3rd Party Application installation and Patch Management. Location awareness with device and web policy

    This is a mandatory requirement that has come up for us consider 4000 nodes of our endpoints switching from Kaspersky. The present end point provides us a facility create automatic update task for all Microsoft and 3rd party updates which are critical or approved by administrator so that we can fix vulnerabilities. Also we can deploy 3rd party software using same to client machines.
    Also it also has a feature to enable multiple policies like "In Office Policy", "Out of Office Policy", etc so that we can have multiple web and device control policies which are critical to our business.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  16. [Device Control] - possibility to block usb-to-ethernet adapter

    Currently you cannot block usb-to-ethernet adapter.
    There are several usb-key attack-scenarios which use the ethernet emulation to sniff ntlm-hashes from a windows PC. Is there also a possibiliry to an option to block media devices like usb keyboards, usb mouse and/or cameras? Or an option to create your own device classes.

    13 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow USB Device by ID AND per User

    Central Endpoint: Is it possible to add a "layout" to except USB Devices by ID combined with a Person? So the Basic Policy could block any USB Device and Exceptions are made by Person instead of a Policy which allows the Device for many Computers or Users. So the exceptions is one by one (Device ID & User).

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  18. Block Mobile Hotspot on Win 10

    Sophos Can block Wireless, But cannot block Mobile Hotspot running on WIN 10. This is a great feature to have.

    Thanks!

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  19. Enable Fast user switching on Safeguard

    Enable Fast user switching on Safeguard, so that administrator users can access the computer without closing the current user's session

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  20. Disable Sophos automatically resetting windows security settings (e.g. UAC)

    Disable Sophos automatically resetting windows security settings (e.g. UAC)

    This is causing an issue whereby when Sophos identifies a problem, it resets windows security settings and turns UAC back on. The environment requires UAC be turned off.

    You can currently turn this off via per-pc registry key, see:
    https://community.sophos.com/products/endpoint-security-control/f/sophos-endpoint-software/90238/window-security-options-being-reset-during-remediation

    This would be ideally managable from the enterprise console

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.