Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  1. uninstall and reinstall option

    For troubleshooting, it can be very useful to uninstall or reinstall the endpoint on multiple clients remotely from the management interface.

    62 votes
    4 comments  ·  Sophos Enterprise Console (SEC)
  2. Clear the local endpoint's quarantine.xml from the SEC server

    1. Please provide a way to clear the local Sophos quarantine through a managed Sophos update site for endpoints.
    1. Using this solution a customer can change the update policy within the managed console to the update site which would clear quarantine.
    2. Once quarantine is cleared the Sophos console would show it is cleared. (This is because clearing quarantine locally does report this status to the console.)
    3. Then the computer's update path could be moved to another update location that does not clear the Sophos quarantine.
    4. Providing managed customers with a way to clear up the issues…

    33 votes
    0 comments  ·  Sophos Enterprise Console (SEC)
  3. SEC import/export policies

    Allow export/import of all policies in Sophos Enterprise Console

    28 votes
    Under Review  ·  2 comments  ·  Sophos Enterprise Console (SEC)
  4. Restriction to Discover Computers

    Problem:
    We are using Sophos in a multivendor environment which contains over 200,000 clients. The "Discover Computers" button is available for every Sophos admin, because there is no option to restrict this feature. Regularly somebody who is looking for a client presses the discover computer button. Now every network device which is reachable will be imported into the Sophos Enterprise Console and listed as an "unmanaged device". If we don't restart the SEC, sometimes more than 200,000 “unknown devices” are listed in the default "unassigned" group. We can delete these clients but they will remain in the Sophos database until…

    27 votes
    Planned  ·  1 comment  ·  Sophos Enterprise Console (SEC)
  5. Re-implementation of “Per process” exclusions for Anti-Virus scanning in Server 2012

    Sophos Product Information
    Sophos Product: Sophos Endpoint Protection (antivirus client)
    Version in Production: 10.3

    Feature Request Summary
    Re-implementation of “Per process” exclusions for Anti-Virus scanning.

    It appears that this hidden function of the endpoint client no longer operates in Windows 2012 (see the support case that gave rise to this request #5147863).

    It would in fact be useful to formalise and document the functionality, as well as provide easier access to it.

    How will this new feature address your business requirements?:

    We would use this feature to avoid impact on backup speed where on-Read scanning is enabled on systems.

    On-read…

    27 votes
    16 comments  ·  Sophos Enterprise Console (SEC)
  6. https AutoUpdate

    In order to add extra security to our company’s Sophos Endpoint (Anti Virus) Update proceedings, I was going to change the Primary update source to a URL as described in the following link.

    https://www.sophos.com/en-us/support/knowledgebase/38238.aspx

    Nevertheless according to these two posts from Forum it seems not to be possible to call Update URL using HTTPS

    https://community.sophos.com/products/endpoint-security-control/f/16/t/4332
    https://community.sophos.com/products/endpoint-security-control/f/16/t/2630

    Sending Credentials / Password without encryption is no option for us at all.

    Thus it would be really helpful to have UpdateManagement working well with https.

    24 votes
    2 comments  ·  Sophos Enterprise Console (SEC)
  7. Remove self signed certificates and allow IT admins to install internal CA Cert

    We are a PCI shop and the self-signed certificates that Sophos AntiVirus generates are a pain in the posterior. They show up as vulnerabilities using Nessus, which requires us to justify the risk to our clients. This seems rather unnecessary to me as most PCI shops have their own CAs in-house. If Sophos would give us the capability of importing our own certificates, life would be much better!

    22 votes
    0 comments  ·  Sophos Enterprise Console (SEC)
  8. Native support for Syslog

    The Sophos Enterprise Console needs the native capability to generate Syslog messages in response to system events and security incidents.

    Many IT organizations rely on Syslog in order to transmit event messages to other applications for further processing such as: Centralized log storage, Forensic log analysis, IT help desk, Incident Response, Audit, etc.

    When integrating Syslog events with a SIEM or Log Management tool, the tool receiving the events usually needs to normalize the data into its expected format. When creating a Syslog capability, it would be helpful if all of the event IDs were documented so that customers could…

    22 votes
    4 comments  ·  Sophos Enterprise Console (SEC)
  9. Disable Tamper Protection through Command Line

    Hi,

    Sometimes, managing 1000+ or even 5000+ machines is difficult, even more if we don't have built-in features in the console to remediate/uninstall corrupt/broken installations.

    But, the main problem is not that. The problem is that we CANNOT disable Tamper Protection remotely to reinstall/remove Sophos AV, in the following cases:

    1) Console was erased/failed and there's no cert/db/registry backup (all Endpoint with Tamper enabled)
    2) Broken installations don't apply Tamper Policies (to disable it)
    3) Migrated console (don't have the old one).

    All this would be solved by having the chance to disable Tamper through Command Line. Example

    Case A:…

    21 votes
    3 comments  ·  Sophos Enterprise Console (SEC)
  10. AD Sync For Deleted Machines

    It would be really nice to have AD sync update when machines are deleted out of AD. As it stands right now, the AD administrator must inform the SEC administrator that machines have been deleted.

    21 votes
    0 comments  ·  Sophos Enterprise Console (SEC)
  11. active directory Group

    Active Directory synchronisation is very limited, particularly in large environments. Proper Active Directory integration should include the ability to filter policies to specific Active Directory groups and even Active Directory sites (for update servers). Take the following example, based on my environment, here is the OU structure:
    - Laptops
    ----- Finance
    ----- Agriculture
    ----- Education
    - Workstations
    ----- Finance
    ----- Agriculture
    ----- Education

    If we sync this with Sophos we lose the ability to give individual groups within each area different policies. So for example IT users in Agriculture need a different Device Control policy, so now we need an…

    19 votes
    0 comments  ·  Sophos Enterprise Console (SEC)
  12. Improve Wildcard Criteria

    Improve the Wildcard criteria for File Exclusions, in line with MS KB article KB822158.

    So that *.* or say Edb*.log can be excluded rather than having to open up the entire folder or a blanket exclusion on all files with the extension .log, etc.

    Thereby improving granularity and allowing exclusions to be very specific to named O/s files.

    Examples being:

    FileIDTable_*

    Ntfrs*.*

    18 votes
    Under Review  ·  0 comments  ·  Sophos Enterprise Console (SEC)
  13. Microsoft Exclusion Templates (e.g. SQL, Exchange, AD,...) 3rd Party Backup

    I would really like the option to enable exclusions based on Microsoft Recommendations. Once a year I manually go through the published recommended exclusions for Microsoft and other software (e.g. backup) and ensure I have those in my exclusions. It would be great (and save me a lot of time) if I had the option to check which exclusions I wanted.
    This seems to already be partially implemented in Sophos Cloud Server.

    16 votes
    2 comments  ·  Sophos Enterprise Console (SEC)
  14. SEC Exploit Prevention E-Mail Notification

    Currently there is no way to be alerted by an Exploit Prevention Event like the E-Mail Notifications in the AV & HIPS Module. Many of our customers are horrified that this standard function is not implemented!

    15 votes
    3 comments  ·  Sophos Enterprise Console (SEC)
  15. Separate Policy for Alerting

    When working in large environments with several sub-estates, it would be very useful to have a separate policy for alerting via E-Mail or SNMP.

    Typically components of the AV+HIPS policy (e.g. Exclusions) can be reused in the sub-estates, but in scenarios where we have to alert different groups of administrators it would improve the usability if we could provide separate alerting policies.

    So we would have a much smaller count of AV+HIPS policies and only one alerting policy per sub-estate.

    15 votes
    1 comment  ·  Sophos Enterprise Console (SEC)
  16. SEC endpoint computer health check

    Feature to allow an admin to check if a computer is online and its current status directly from the console

    15 votes
    Under Review  ·  4 comments  ·  Sophos Enterprise Console (SEC)
  17. Exclude Process in on-access-scans in Enterprise Console

    Under Antivirus and HIPS, On-Access-Scans, it's not possible to exclude processes. The Client configuration allowed that.

    10 votes
    13 comments  ·  Sophos Enterprise Console (SEC)
  18. Sophos Tamper Protection - Possibility to deactivate on single client

    In the current version of Sophos, it is not possible to uninstall Sophos because of active tamper protection. Earlier you could stop Sophos services and uninstall/reinstall the product. But we have Active Directory synchronisation active, and I couldn't deactivate tamper protection for 1 client, because this computer is in a synchronised folder. I could also not move this client to another folder, because of active synchronisation. Another solution is to restart the client in safe mode, change registry keys and restart the client to uninstall Sophos, but this is very unfriendly. Or move the computer in Active Directory, but normal support users have no rights…

    10 votes
    0 comments  ·  Sophos Enterprise Console (SEC)
  19. Alert email

    As an administrator, the client is receiving the alert email for Out-of-Date Computers or for other alert settings, but this email doesn't contain the list of related endpoints and their description, which the admin wants to quickly look at in the email rather than jump to the console.

    10 votes
    1 comment  ·  Sophos Enterprise Console (SEC)
  20. Create an exclusion template for Microsoft recommended exclusions for AD

    Microsoft has a set of exclusions that it recommends for AD. As a starting point from which users could add/remove further exclusions, how about a template of exclusions to import into Sophos for Domain Controllers.

    10 votes
    1 comment  ·  Sophos Enterprise Console (SEC)