Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Anti Virus Schedule Weekly or Monthly

    Add an option to scan (besides daily at certain time) weekly of monthly. Some scans on large drives take a whole day and don't need to be scanned weekly but rather 2 weekly or monthly.

    95 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add option that forces full system scans after scheduled start is missed

    Hi,

    we've Sophos Endpoint Security and Control 10.3 running in a very large and distributed environment (3000+ machines). Not all of our computers do run at the time we configured a scheduled scan - as there are people that e.g. work only 4 days a week. Sophos AV currently don't care - so we've a lot of machines that does not meet our compliance requirements.

    Would it be possible to add an administrative option like 'Run task after scheduled start is missed'?

    BTW: Such an option even exists Windows Task Scheduler - so it cant be hard to create and…

    63 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  9 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  3. uninstall and reinstall option

    for troubleshooting can be very useful uninstall or reinstall endpoint on multiple client remotely from management interface

    59 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Block single peripheral, whilst allowing all by default

    In Sophos Central, you can block all peripherals by default - and then have an allow list

    You can't do it the opposite way round, where you allow all devices and just have a block list.

    When trying to create a Peripheral Exemption to Block a device, with the default being Allow, it says that "Exemptions cannot be stricter than global settings."

    This mean that for a particular customer, we have to Allow around 300 USB devices just to block a singular device which a user brought in with malicious content on.

    It would be good to just block a…

    55 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  5. USB drives scanning automatically.

    We need an option that allows USB drives to be automatically scanned upon insertion.

    50 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  6. May we set custom messages for the warning or blocking of file downloads as regulated in Web Control?

    May we set custom messages for the warning or blocking of file downloads as regulated in Web Control? I have a customer who would like to customize the message given with the warning for downloading PDF files. I know I can simply allow the file, but we would prefer to remain vigilant. The only way I can find to do this is through customizing a firewall's warning, but nothing within Sophos Central. Any ideas?

    The firewall article is here: https://community.sophos.com/kb/en-us/123361

    Original KB post here: https://community.sophos.com/products/sophos-cloud/f/sophos-central/91631/may-we-set-custom-messages-for-the-warning-or-blocking-of-file-downloads-as-regulated-in-web-control

    49 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
  7. Device Control - USB Devices

    Is it possible to be able to restrict access to USB's my a unique ID - such as serial number?? Currently you can restrict my model but that doesn't stop an employee bringing in their own USB stick if it is the same make and model we us??

    Basically we want to be able to issue USB sticks out to staff and only allow those precise devices to connect. Not any device that happens to be the same model.

    47 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  8. Application Control - Selective detect/block aplications on the same policy

    On the Application Control, allow, on the same policy, to block some applications while keeping others as detect only.

    36 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
    Under Review  ·  Karl responded

    We discussed this when developing the application control policy for Sophos Central managed endpoints. At the time we decided to maintain feature parity with on-premise managed endpoints (SEC). While this capability is not available it is on our short list but does not appear on any planned delivery timelines at the moment. We evaluate and prioritize enhancements for the product multiple times per year.

  9. Automatic external drive scanning option

    Hi Team,
    I am working in the resller company. Every customers are concerning about this automatic USB scanning feature (If we insert the pendrive, then it should scan automatically all the files (or) the wizard should ask for the scan.
    So this would be good, if we had this feature.

    34 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    13 comments  ·  Malware prevention  ·  Flag idea as inappropriate…  ·  Admin →
  10. Clear the local endpoint's quarantine.xml from the SEC server

    1. Please provide a way to clear the local Sophos quarantine through a managed Sophos update site for endpoints.
    1. Using this solution a customer can change the update policy within the managed console to the update site which would clear quarantine.
    2. Once quarantine is cleared the Sophos console would show it is cleared. (This is because clearing quarantine locally does report this status to the console.)
    3. Then the computers update path could be moved to another update location that does not clear the Sophos quarantine.
    4. Providing managed customers with a way to clear up the issues…

    32 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Offline Installation

    It would be nice for Sophos to have an offline installation. A number of remote sites in my case have very poor internet connectivity and having the installation files download during the installation process is tedious and unsuccessful in some cases.

    31 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Uninstaller

    When there is problem with Endpoint, and reinstall is needed, after uninstall, there is lot of registry keys, and files left on the system. On some cases, i have to grab 3rd party tool to remove registry keys. It would be really helpful for us (aspecially in large enviroments), to have complete uninstaller. Something, that get rid of everything, all files, all registry keys, so i can do clean installation.
    Thanks in advance for your feedback.

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  13. SEC import/export policies

    Allow export/import of all policies in Sophos Enterprise Console

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  2 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Restriction to Discover Computers

    Problem:
    We are using Sophos in a multivendor environment which contains over 200,000 clients. The "Discover Computers" button is available for every Sophos admin, because there is no option to restrict this feature. Regularly somebody who is looking for a client presses the discover computer button. Now every network device which is reachable will be imported into the Sophos Enterprise Console and listed as an "unmanaged device". If we don't restart the SEC, sometimes more than 200,000 “unknown devices” are listed in the default "unassigned" group. We can delete these clients but they will remain in the Sophos database until…

    27 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Planned  ·  1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Configure Alerting Thresholds in Cloud Console

    Allow administrator to configure thresholds for alerts in cloud console. Currently I receive many alerts for non-actionable items such as when a machine reports "Real-time protection has been disabled on a computer." Even though the computer is protected, a shut down or update causes this alert and a few moments later, the protection is OK. I need to be able to adjust this trigger threshold and the same on other items such as out-of date machines, missing updates, PUA detected, etc.

    27 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  16. centrally manage quarantine

    Allow actions of device quarantine from cloud console. Currently I have users with PUA in quarantine. I cannot perform any action from console. Each machine has to be touched

    26 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  17. Re-implementation of “Per process” exclusions for Anti-Virus scanning in Server 2012

    Sophos Product Information
    Sophos Product: Sophos Endpoint Protection (antivirus client)
    Version in Production: 10.3

    Feature Request Summary
    Re-implementation of “Per process” exclusions for Anti-Virus scanning.

    It appears that this hidden function of the endpoint client no longer operates in Windows 2012 (see the support case that gave rise to this request #5147863).

    It would in fact be useful to formalise and document the functionality, as well as provide easier access to it.

    How will this new feature address your business requirements?:

    We would use this feature to avoid impact on backup speed where on-Read scanning is enabled on systems.

    On-read…

    26 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    14 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Fix the Running malware in quarantine or cleanup failure indicator in Sophos Central

    We're constantly having hosts that have a status of red because Sophos is falsely reporting that "Running malware in quarantine or cleanup failure" Can we fix this or have an automated process to delete the events.db?

    25 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  19. uninstalling endpoint protection windows

    Need a reliable procedure for uninstalling the endpoint agent, or ideally, a proper product uninstallation utility, which Support have told us does not exist.

    We need to be able to uninstall the endpoint agent completely in order to test suspected incompatibilities with some of our LOB software. Anyone also needs to be able to completely uninstall a product when they are trialling it and then decide not to proceed.

    The gui and cli-based procedure outlined in KB122126 is error-prone and often fails either completely or part-way. Removing then the remnants using MSFix individually does work but leaves behind several registry…

    25 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. The method of managing SAU credential for Mac

    SAV for Mac AutoUpdate username/password are missing even creating disk imaged followed by KBA33050. Autoupdate credentials are stored in the Keychain. This keychain will automatically get dumped and reset if the serial number of the Mac changes. Many educational institution use Netboot to deploy SAV for Mac, they want SAV to keep the AutoUpdate credential information after deploying image to avoid actions in SEC, meaning put them into group and apply policy.

    24 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 53 54
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.