Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Offline Installation

    It would be nice for Sophos to have an offline installation. A number of remote sites in my case have very poor internet connectivity and having the installation files download during the installation process is tedious and unsuccessful in some cases.

    34 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Website/IP exclusions for Linux

    Allow us to add exclusions, especially to MTD, for websites/IP addresses in Linux. We have VMs in a cloud environment that are constantly talking to a monitoring host. Without those exclusions CPU usage is really high.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  3. File Integrity Monitoring on Linux Server Protection

    Enterprises need File Integrity Monitoring on their Linux system files. This is a requirement for all systems requiring Continuous Monitoring (NIKST 800-137) which are all defense contractors, Government contractors, government agencies, and soon, all HIPAA covered entities.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  4. Sophos for Virtual Environments - Show GVM Count on Servers Page in Sophos Central

    I am aware that the number of GVMs protected by any one SVM is visible from the SVM Summary page in Sophos Central, but is there any chance the UI can be updated to show this on the main Servers list to save having to keep going in and out of each SVM to see the count against each?

    Basically an additional column on the Servers page in Sophos Central to show the amount of GVMs protected by each SVM

    Thanks

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Virtualisation  ·  Flag idea as inappropriate…  ·  Admin →
    Under Review  ·  Mark Toshack responded

    Hello

    Thank you for your suggestion I have logged this case with the relevant team to triage when it comes to the next available maintenance stream.

  5. Sophos for Virtual Environments - Load Balancing Capability

    Sophos for Virtual Environments v1.2.0 introduced GVM Migration functionality providing High Availability/Fail-Over. This is great, but I am seeing an issue where the GVMs aren't distributed nicely across the SVMs I have created.

    I have setup 19 SVMs and included all IPs in the additional_svms.txt on each. What I have found when using a gold image to deploy the GVM Agent to multiple virtual pools is that one SVM is favored above all others (600+ on one SVM)

    This results in performance issues... these are evident when running loadavg and nproc commands.

    So my request is, can SVE be updated…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Virtualisation  ·  Flag idea as inappropriate…  ·  Admin →
  6. linux move infected to quarantine

    Instead of locking access to infected file, an option to move to quarantine would be beneficial for real-time scanning of some 3rd party product queue directories

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  7. Sophos for Virtual Environment - message by malware

    If malware is detected on the guest VM, the user get a only a message, that the operation is not possible ("you can't write to ..." or "you neet rights to ..."). I would prefer a message that point the user to malware for instance "sophos protection has denied access because detection ...."

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  1 comment  ·  Virtualisation  ·  Flag idea as inappropriate…  ·  Admin →
  8. Make mkinstpkg support HTTPS locations

    When preparing a Linux installation package on SAV for Linux 9.12.3, attempting to specify an update URL in the form "https://server.example.com/sophos" results in the message "The update source address must be a website or an absolute directory path." Keeping the same URL but removing the S, i.e. "http://server.example.com/sophos" works as expected.

    Please enhance the tool to allow HTTPS locations so authentication passwords aren't sent in the clear.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  9. Exclusion rules should allow folder wildcards

    ClamAV on a Linux Server uses /var/tmp/*.tmp/*.tmp to store email contents while scanning them, and the number of alerts from dubious contents can be high. As the *.tmp names are randomly generated, but start with ClamAV-*, it would be nice to exclude them and let ClamAV do it's work, then check the contents of the emails when they land in their final destination instead.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  1 comment  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  10. Only high alerts by mail

    Good morning

    Is it possible to receive only to high alerts by email?
    And the rest of the alerts in the portal

    Thanks and regards
    Titus Davidheimann Beek

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  11. Show alert date in Sophos Enterprise Console

    In the table list containing "computers with alerts" there is no column showing the date and time of occurence. This should be shown directly in the table, not only in the host / alert details.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  12. need to disable pop-ups for application control ,device,antivirus,web control from sophos endpoint cloud console

    we need to disable the pop-ups which we receive on endpoint system for antivirus,device,application,web control from sophos oncloud console , so request you to kindly do the needful.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  3 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  13. Alerts in Sophos Central should group together

    Alerts in Sophos Central should group together like they did in the Dashboard in the old Sophos Cloud UI. I can view the alerts in the Reports, but I cannot action them from there.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  3 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  14. scheduled scan: implement quoting in exclusion definitions

    One of the options we would like to see is that the exclusions specified with the exclude keyword can include quotes like "\ " to specify a space in a path / file specification. Currently, we have to workaround by putting asterisks at those character positions.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  15. allow grouping of devices.

    It would be great to be able to group devices by site, dept or location. instead of having one big list of devices and trolling through to find specific ones, to be able to group the devices would be very user friendly.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  16. scheduled scan: option to abort a running scheduled scan

    scheduled scans are still quite limited, as we can see here: https://www.sophos.com/en-us/support/knowledgebase/117346.aspx

    One of the options we would like to see is being able to abort a running scheduled scan.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  1 comment  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  17. scheduled scan: control priority / niceness of jobs

    scheduled scans are still quite limited, as we can see here: https://www.sophos.com/en-us/support/knowledgebase/117346.aspx

    One of the options we would like to see is being able to give the scheduled scan some reduced system priority / i.e. niceness, to limit the performance impact of scans: scheduled scans normally need not run at high priorities.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  3 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  18. scheduled scan: implement controlling Default extensions

    scheduled scans are still quite limited, as we can see here: https://www.sophos.com/en-us/support/knowledgebase/117346.aspx

    One of the options we would like to see is that we would like to control the list of Default extensions that is implicitely active: there is only a parameter called "excludeExtension"

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  19. Configure Alerting Thresholds in Cloud Console

    Allow administrator to configure thresholds for alerts in cloud console. Currently I receive many alerts for non-actionable items such as when a machine reports "Real-time protection has been disabled on a computer." Even though the computer is protected, a shut down or update causes this alert and a few moments later, the protection is OK. I need to be able to adjust this trigger threshold and the same on other items such as out-of date machines, missing updates, PUA detected, etc.

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  20. centrally manage quarantine

    Allow actions of device quarantine from cloud console. Currently I have users with PUA in quarantine. I cannot perform any action from console. Each machine has to be touched

    26 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.