Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Schedule for Policies

    Create a possibility to have schedule for endpoint protection policies. Similar to how "During scheduled time" works in Sophos XG Firewall Rule.

    Eg.:
    Be able to block gaming apps during work hours, but allow them after work hours.
    Or allow Facebook after 7pm.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  2. We need the ability to force the reboot of a computers from the enterprise console.

    more than half the tickets I get from our enterprise console are the need for reboots, please reconsider adding this feature and/or read the comments from other frustrated users of your software. Or even offer the ability to force a reboot after 1 week. Something besides sticking your head in the sand.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  3. delayed scan on write/move (prevents inconsistent files when saving in word/excel/powerpoint)

    I like the scan-on-read feature. But I want the scan-on-write-feature to start with a small delay.

    Rationale:
    Most programs I use first save files in a temp folder, then move them to their real destination. Advantage: If the program crashes or power is lost during saving there still is the old file.
    Disadantage: The move fails if Sophos still scans => Save sails, often without me being noticed.

    Even worse: Some tools produce loads of files on saving that are moved to an AutoRecovery folder and then and renamed to something ending in.docx, .pptx etc.. Compilers produce (and then move)…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  4. Exclude files / folders from Ransomware detection

    When some programs running on workstations genuinely encrypt files on a file server (as Lacerte tax program does), CryptoGuard catches the activity as a ransomware attack.

    Currently there is no mechanism to exclude files or folders from Ransomware scanning, so it is impossible to have CryptoGuard enabled on those servers.

    While workstations are also running CryptoGuard and could catch ransomware at that level, having the server unprotected is not really a solution as other workstations with no Sophos installed could potentially encrypt server files.

    Excluding specific folders and letting CryptoGuard continue to protect the server for all other folders would…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  5. Schedule definition updates

    Sophos is applying defitiion updates during the day and for some reason this is impacting our production workloads. It would be great to have the ability to schedule this, or define windows for acceptable update times.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. USB

    Add user-based policy in Sophos Enterprise Console to block and allow USB access.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  7. Anti theft / Lost Device mode

    Flag a stolen or lost device in Sophos Endpoint.

    Device can be locked down, possibly remote wiped or operation system disabled.

    Notification sent to Sophos Central Admin when device reports in on internet connection.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. MTP/PTP device controls is too broad

    Suggestion: Split MTP/PTP out into multiple categories (webcams/printers/scanners/mobile devices), or keep it as is, but create an "advanced configuration" section where each type of device is listed with it's own Allow/Block option.

    For example:

    If I allow MTP/PTP, I allow access to the storage on mobile devices. This is obviously a security concern for companies with DLP requirements.

    If I block MTP/PTP, I block mobile phone storage, but also printers, scanners, cameras and possibly more I'm unaware of. So now I have to manually add these devices to the exemption policy on a per device basis, creating a LOT of…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  9. Schedule Device Control Access

    Schedule Device Control Access

    We want to grant some of our employees temporarily access to usb-devices.
    We don't want to manually move the computer from one policy to another.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  10. application control

    Add Custom Applications:

    Create a "Custom List" where specific exe's can be created and added to the blocked list when required. Ones of interest for us are;

    SPDESIGN.exe
    INFOPATH.exe

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  11. Possibility to install own (monitoring) software on Sophos for Virtual Environments VM

    Currently the sophos user does not have enough permissions to install any additional software of packages.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Declined  ·  0 comments  ·  Virtualisation  ·  Flag idea as inappropriate…  ·  Admin →
  12. GPS location of Endpoint user

    Our users are getting more mobile than ever and it's good to know where they were geographically last time Sophos Endpoint checked in. It would allow us to know if they were connected to the corporate network or not if they got infected with a threat, for instance.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  13. Manual Alert Acknowledgement

    Hey All,

    I would like to suggest the idea of providing a check box / option that forces manual acknowledgement of alerts. We are a financial organization, and have very strict security policies surrounding our systems. One of these policies involves have any PC that has a malicious detection pulled from the network and fully scanned with multiple utilities to ensure no trace of the threat is present.

    Here is where the suggestion comes in. With Sophos, if it detects the initial threat and cleans it, it automatically clears the alert from the Console. We (InfoSec) receive an e-mail alert,…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Malware prevention  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add applications to application control Policy

    I need to ability to block my own applications. I have PC's downloading and running exe files that I dont want them too.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. DLP Support for Mac OS

    Apparently Mac OS is not currently supported by Sophos Endpoint DLP. We have a decent number of Mac laptops in use in our environments and have a need to protect PII. Please consider building out the DLP module to support the Mac OS.

    24 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  16. support mac os

    Sophos AV no longer supports 10.9.x, 10.10.x & 10.11.x this seems curious as Windows 7 and older versions of Windows server are still supported. I would really like to see these older version of macosx client supported but was told that Sophos AV does not provide support because Apple no longer provides security updates and therefore will not support the older versions Mac OS X. This reasoning is poor. After all these older versions were initially covered by our license, but now we lose out. Note, there have been many times in the past where applications where developed to fill…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Updating  ·  Flag idea as inappropriate…  ·  Admin →
  17. On-Demand Scan from the Enterprise Console

    I'd like to be able to scan a client remotely from the Enterprise Console and watch the scan in real time or at least get the progress of the scan with the result when it finishes.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  18. scheduled policy updates via enterprise console

    Add scheduled policy updates via enterprise console. Given the limitations of Tamper Protection to prevent end users from making changes and the support risks of Advanced Tamper Protection, the ability to schedule policy checks to periodically force policy compliance on the endpoints would be a good future enhancement.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  19. statistic

    It would be a good idea to have a more detailed statistc about the amount of Virus alerts per endpoint, so that we are able to see which workstations or servers are detecting the most ones. Then we can enforce user training to these special users or improve the av-settings an special Network Servers.
    We were told that such statistics are only availiable by using some external tools like CrystalReports or so. We would prefer a solution whithin SEC itself!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow CPU % limiting for Sophos Processes

    Give the ability in Sophos Central to limit CPU usage for Sophos overall. This would apply to scheduled scanning as well as any process that is using high CPU at login. I want these things still happen but be less noticeable to users.

    25 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6 7
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.