Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Disable TALPA compilation for mkinstpkg

    Currently, './mkinstpkg --extra-options="--preferFanotify"' sets the preferred engine to fanotify, but still tries to compile TALPA.

    There is no way to skip compiling talpa support, even when FANOTIFY is present in the kernel.

    Please add a --disableTalpa or --fanotifyOnly switch so I can enable on-access scanning without building binaries for all hosts on outdated kernels.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  2. add protection against archive-bombs

    there is current no protection against archive-bombs, we are missing some features like the ability to configure such things as "max nested archives" and "max. compression ratio" and "max. files in archive". Further a action should be configurable when for example the "max compression ratio" is exceeded by an archive

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →

    Hello,

    we do have achive/zip bomb protections (all be it with no configuration)
    If you do get another zip bomb file, pelase send it to support for analysis so we can determine why it was missed.

  3. Improve the documentation, errors and warnings when SAV for Linux is used with Linux containers

    Refer to Sophos Support case [#5609841].
    Apparently, SAV does not provide on-access protection for Linux containers, such as LVM. If on-access protection is enabled on a Linux system using LVM, this error is produced at irregular intervals:

    An error classified as '1/0x80070057: Threat Scan Error' was detected in the file '/dev/sda5 (namespace)' when attempting to mount it as a filesystem at Wed Apr 6 00:20:55 2016 HKT +0800 (2016-04-05 16:20:55 UTC). Access to the file was allowed.

    The description of the error 1/0x80070057 does not mention containers or LVM.


    1. Improve the description of 1/0x80070057 to mention containers and LVM

    2. When…
    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Already Possible  ·  1 comment  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  4. Silent / Unattended install option for linux client

    Have the ability to do a silent / unattended install with the linux client.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Already Possible  ·  2 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  5. Reducing Spurious warnings from SAV for Linux

    Currently, SAV for Linux sometimes issues warnings like:

    An error classified as '0x3c: Unable to write to talpa socket' was detected in the file '/run/named/session.key' when closing it at Thu Jul 9 00:19:15 2015 HKT +0800 (2015-07-08 16:19:15 UTC). Access to the file was not allowed.

    The files involved are created by standard services for temporary information, eg. : /run/named/session.key /run/named/named.pid /run/ntpd.pid

    Support case [#5279639] has identified this as an interaction with AppArmor, i.e. one security application (SAV) wants to read everything, another security application (AppArmor) wants to restrict reads.

    The advised workaround is to exclude the concerned files from…

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →

    We have cleaned up a lot of messages recently. Please contact support if you find other examples

  6. Group Path (GroupPath, -g) support in Linux/Unix

    Allow Group Path assignment on managed Linux/Unix machines, through local config files and installation parameter, much like current Windows and Mac managed clients. (This is an RMS change.)

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Already Possible  ·  1 comment  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.