Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. complete file path

    I am on Mac and I have several events showing in Sophos Endpoint. One the file shown as being malware is shown with ... in the middle of the file name as the file name is too long to fit in window, I currently see no way to display the whole file path. The only way to get the information is to have one of our system admins send us the info. They are tired of providing this info when a tool should be able to provide this information. Is there some way I can get this information without asking…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add Hex Editors to Application Control List

    "Hex editors" can be used to embed data into files for data exfiltration. Therefore, common editors should be added to the Application Control list of applications.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  3. Virus email notification

    move virus email notification from the workstations to the SEC. Most workstations have smtp disabled for security so if a virus hits it admins are unaware until the nightly summary report. by moving it to the SEC admins are notified in a more timely manner

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Mail for Sophos Antivirus Release Management for SESC – Recommended and Preview Version

    Before an update of SAV Version, would help administrators, if Sophos informs a few days in advance per mail.
    Currently, preview and recommended version as of May 2019 are on the same ver-sion. Which is probably not the idea of the system. So clients can’t be tested with a preview test group.
    The information at https://community.sophos.com/kb/en-us/120189 is as often in-correct.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Uninstall and Repair from onprem console

    Sophos Admins need a way to force uninstall remotely from the console.
    This is a standard features across other AV products i have used.

    we have a deployment of over 260 machines across 1km long distance. It is not always feasible to walk to the pc or log in remotely if the user is using the pc.

    Why has this basic admin feature not been implemented?

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Option to delete files when it can't be cleaned by Sophos

    We have several site all around the world but Sophos is centraly managed which means that we cannot always physically go to client computers or remotely connect to them (because of time zone, bad internet connectivity, etc...).

    So when an alert for files like those is raised in the console:
    Manual malware cleanup required: 'Mal/VMProtBad-A' at 'G:\PortableApps\Sid Meier's Civilization V + DLC\CivilizationV_DX11.exe'
    Manual malware cleanup required: 'Mal/Sality-D' at 'E:\hasna .scr'
    Manual malware cleanup required: 'Mal/VB-OL' at 'E:\Data Dell.exe'

    I would like to be able to select "Delete" and not just wait that something happen. Currently the only option is "Marked…

    24 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  7. When will there be Sophos Endpoint Security compatibility with Windows security center

    When will there be full compatibility Sophos Endpoint Security with Windows security center?

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  8. Block 3D application related file types

    I am using your Endpoint protection trial version for the past few days. We work on 3D animation. It would be very helpful if you can block these file types. These file types are related to our 3D applications. I want these file types to be blocked from uploading . Can you do it?

    1 .3ds
    2 .abc
    3 .mb
    4 binary.fbx
    5 .ms3d
    6 .c4d

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Labtech integration

    As an MSP we utilize Labtech to manage all endpoints. We NEED to be able to reliably see that not only Sophos endpoints are detected, but that they are actually updated properly with definitions. Please work with Labtech like all the other major AV vendors to provide us with an efficient and reliable method of being able to manage the endpoints.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add a option for notification/Alert if Sophos update manger failed to update

    Add a option for notification/Alert if Sophos update manger failed to update

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Mac OS X DLP + App Control

    As customers increasingly add MacOS X to their estate, it is increasingly important to be able to control the Apps running on them as well as the DLP rules to protect data being moved from them.

    20 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Put a PAUSE button on the scans!

    Put a PAUSE button on the scans! When it is scanning it makes using the computer next to impossible--all apps are slow to respond, if at all. Sometimes need to use the computer during a scheduled scan--no choice now but to Cancel the scan. Other antivirus and anti-malware apps have PAUSE buttons, why not Sophos?

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Already Possible  ·  7 comments  ·  Malware prevention  ·  Flag idea as inappropriate…  ·  Admin →
  13. Disable TALPA compilation for mkinstpkg

    Currently, './mkinstpkg --extra-options="--preferFanotify"' sets the preferred engine to fanotify, but still tries to compile TALPA.

    There is no way to skip compiling talpa support, even when FANOTIFY is present in the kernel.

    Please add a --disableTalpa or --fanotifyOnly switch so I can enable on-access scanning without building binaries for all hosts on outdated kernels.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  14. add protection against archive-bombs

    there is current no protection against archive-bombs, we are missing some features like the ability to configure such things as "max nested archives" and "max. compression ratio" and "max. files in archive". Further a action should be configurable when for example the "max compression ratio" is exceeded by an archive

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →

    Hello,

    we do have achive/zip bomb protections (all be it with no configuration)
    If you do get another zip bomb file, pelase send it to support for analysis so we can determine why it was missed.

  15. Add MTD to On-Premise eXploit Prevention

    please add MTD Funktionality also in the On-Premise version of "eXploit Prevention" not only Central Intercept X

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Malicious Traffic Detection (MTD)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Randomise Scheduled Scans

    Hi ,

    A Platinum customer would like to see a feature which would enable them to randomise scheduled scan for Linux/Unix systems. If this can be set centrally via this would be great, if not any other way of doing this would be great.

    It's particularly useful to do have this as it would help minimise issues when scanning multiple virtual machines all at the same time.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Notify users of PUA, MalWare, Virus cleanup actions

    User notification (real-time and / or email) of events on their systems should be configurable. This will allow users to self-manage clean-up of their devices and reduce Administration overhead currently required to notify users of issues with their devices.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  18. Improve the documentation, errors and warnings when SAV for Linux is used with Linux containers

    Refer to Sophos Support case [#5609841].
    Apparently, SAV does not provide on-access protection for Linux containers, such as LVM. If on-access protection is enabled on a Linux system using LVM, this error is produced at irregular intervals:

    An error classified as '1/0x80070057: Threat Scan Error' was detected in the file '/dev/sda5 (namespace)' when attempting to mount it as a filesystem at Wed Apr 6 00:20:55 2016 HKT +0800 (2016-04-05 16:20:55 UTC). Access to the file was allowed.

    The description of the error 1/0x80070057 does not mention containers or LVM.


    1. Improve the description of 1/0x80070057 to mention containers and LVM

    2. When…
    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Already Possible  ·  1 comment  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  19. adware/pua details

    Customer Columbia University wants to make sure that they can view date/time of detected Adware/PUA/Viruses within the endpoint Security and Control Quarantine

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  20. Scanned with on-rename and block access to file

    Client scanned file with on-rename set and after it is detected user is still able to access file. Would like access to be denied if someone tried to open it before we cleaned it up

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.