Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Global Exclusions listed in SNTPService.log and Policy.xml

    Hello,

    When troubleshooting one of our endpoints I checked SNTPService.log and found out, that all global exclusions configured in Sophos Central appear in this log file.

    Log location:
    C:\ProgramData\Sophos\Sophos Network Threat Protection\Logs\sntpservice.log

    Additionally to the log file, these exclusions are also listed in the following config XML file:
    C:\ProgramData\Sophos\Sophos Network Threat Protection\Config\policy.xml

    To read these log and config files, no admin permissions are needed!
    So, if a client got compromised, an attacker just has to check these files to find out which locations on the file system are not monitored by endpoint security and might shelter e.g. malware without triggering…

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  2. Include Serial numbers in our reports

    Add the Serial Number field to the device report and exported list. Usually the serial number is the only common denominator when running an audit.

    Right now my audit process is quite time consuming because I can't pull a device report with serial number.

    The Computer Report is quite useless without the serial numbers.

    It's kind of ridiculous that I can't create a custom report and pull the fields I require.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  3. ARM Processor Support

    With the advent of the Surface Pro X, there is becoming a push for more 2-in-1 devices to work on ARM technology (as is found in most cell phones and tablets) to run full Windows OS's. However, there is no support for Endpoint Protection (Cloud or On-Prem) for these types of devices. I would like to see an Endpoint Protection package (Anti-virus, firewall, application control, etc.) that will support ARM processors.

    300 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  54 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  4. Implement passive forced Client-restart

    We noticed that Sophos Endpoint Protection lacks the function of automatic monitoring of the restart status of clients, combined with a configurable automatic forced restart request on the user's client. The only way as a company to trigger this through Sophos Endpoint is actually via Live Response (Beta), but not automatically and by active monitoring beforehand.

    The problem we are observing is that serious security gaps arise in companies because employees do not regularly restart clients and thus the rollout of security updates is delayed (e.g. Windows updates). By implementing a monitoring of the restart status of clients, this circumstance…

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  5. Bulk Inactive computer removal

    We really need the ability to remove computers in bulk. Every time we recompose virtual machines it creates a new computer object and leaves behind a duplicate computer name.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  6. Solaris 10 extended support

    Hi,

    Advised to post a question here when reaching out to Sophos Support.

    Solaris 10 is currently listed extended support for Virus Engine and Virus Data Library. Is there a timeline when this extended support will end?

    Thank you :)

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  7. Including Windows OS version in Endpoint protection dashboard

    Including Windows OS version in Endpoint protection dashboard rather than just showing "Windows 10 Pro". This feature is available with MacOS, we can see the "version" such as 11.2 or 11.3 rather than just showing "MacOS big sur".

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  8. For peripheral exemptions, can you input a section that allows you to name the peripheral so that we can apply this device to multiple polic

    For peripheral exemptions, can you input a section that allows you to name the peripheral so that we can apply this device to multiple policies if we have a lot of usb or want to control the peripheral among many machines/policies without needing to know which random serial number it is.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  9. More User Account Details from API

    /common/v1/directory/users

    • Only gives basic info, what I would love to be able to see is:

    : Multi-Factor Authentication status (On or Off)
    : Account Type (Admin, super-admin, etc)

    I don't think it would be that difficult to implement these.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  10. false notification on client computers

    The below message is popups on endpoint client computer, which is mislead to users about someone trying to accessing their computer even those user/system not trying to access, which is creating issue to IT department as well as put the question mark Sophos for wrong notification.

    Message pup up "Access request from computer computer name denied because it may be unsafe".
    I understood from support that this happen when if any system health is red. In that scenario, Sophos endpoint is going to take action in backend, not the end user.

    So, I recommend that this type of message should…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  11. Notifications for Required Restarts

    Hello,

    We would like our users to receive a visual notification when an update to Sophos Endpoint requires a restart of their computer. For example, a small pop-up in the bottom right-hand corner of the user's screen. We would like this notification to remain on-screen until the user performs the restart, or manually dismisses the notification. The reason being, we have many devices that go days or even weeks without being restarted after an update is installed, as the user is unaware that a restart is required.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  12. create

    We'd like the ability to confirm a medium/unhealthy status of a device and not have it populate within the dashboard. (IE: We have a spare laptop, we know that it is not online, but has Sophos installed)

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  13. Installation Endpoint

    Good morning,
    recently I had big performance problems due to the HP Sure Connect software suite (software installed by HP similar to Sophos Endpoint) which after an update created performance problems on 42 laptops that were almost unusable. In my opinion we should prevent the installation of Sophos applications in the presence of similar applications that could create problems that are difficult to diagnose. Sincerely

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  14. mass promotion of servers / computers to update cache

    We are having more than 600 transaction offices. FOr sake of saving network bandwidth from these locations to Head Quarter, we need to promote some machines at transaction offices to be Update Cache. With the current situation, we must click one by one from GUI to make them done. It is so hard to do this task. I wonder Sophos should have some tools or scripts to support in escalating based on our lists. Thanks so much.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  15. disable installation of Chrome extensions

    Please also implementing disable installation of Chrome extensions in Sophos

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  16. Reporting and enforcement of MacOS native firewall

    Could a feature be implemented that allows enforcement of the native MacOS firewall, and also reporting of the MacOS firewall status (enabled or not) in Sophos Endpoint.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  17. sophos central setup update via time

    I'm requesting for sophos to include an option in central for us to setup sophos updates via time.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  18. Isolation UX enhancement

    The current design of isolation UI for Windows is to pop up an alert on the notification area, which I assume Sophos utilizes Windows feature, then disappears after a short while. End users who missed this popup will be isolated from the network not knowing why it is happening. Isolation can be initiated by sysadmin in the EDR feature, but can happen unexpectedly if auto-isolation is enabled and an endpoint fails in red status. This unwanted event is occasionally observed mainly due to one of Sophos service failure - Central Device Encryption is the most observed. If the isolation message…

    16 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  19. Sophos Endpoint Agent "Offline Installer"

    The "Sophos Endpoint Agent" should successfully finish the installation process after the successful installation and setup of its own service. The installation of the other Sophos components should not be part of this installation routing.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  20. "Scan file with sophos AV" context menu function vs. sophos central exclusion list

    We had a strange behavior of Sophos Endpoint Protection which should be solved by changing the behavior of the "Scan with Sophos AV" option in the context menu of windows.

    What happened:
    A user had an infected word file stored on his desktop. When using the context menu function "scan file with Sophos AV" it doesn't find anything wrong or suspicious.
    This was weird because according to Virus Total this file contained Malware which was also detected by Sophos endpoint protection.
    When checking the exclusion list on Sophos Central we found an exclusion for C:\users*. This seems to prevent the…

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 10 11
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.