Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. sophos clean upload

    Please disable automatic uploading of suspicious files from Sophos Clean by default. It is enabled by default and it can only be disabled per PC on the Sophos Clean software console. At least the Sophos Central console should have control over this to disable in bulk. This is a huge HIPAA violation concern.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  2. Throttle virus scan

    I would like to suggest the addition of a feature to set the prioritization of a scheduled AV scan. Having the ability to throttle the amount of CPU the scan can use, or enable a low power scan, if the laptop is on battery.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  3. You don't block youtube

    That you please, don't block youtube.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  4. SCF removal from the console

    It would be useful to have the ability to remove the SCF from an endpoint using the Enterprise console.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  5. Improve compatibility checks for Central Windows installer

    The Sophos Central endpoint installer performs a number of compatibility checks when it is run, but there two conditions I regularly encounter that cause the installation to fail:

    * If there is another user logged on to the system
    * If the user running the installer is not a member of the SophosAdministrators security group, then it will not be able to uninstall an existing SAV installation.

    If the compatibility checks looked for these conditions it would make the installation process easier!

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  6. Local signatures

    It would be nice to be able to add local signatures (with MD5, SHA1, etc), in order to quickly react to 0-day threats, while waiting your Labs would provide ufficial signatures.
    Happens quite often that I notice via VirusTotal a threat isn't recognized by Sophos, while other competitors already recognize it hours before Sophos.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  7. Feature Request - Bluetooth Audio in endpoint control

    Feature Request - Bluetooth Audio in endpoint control

    Assuming it's not currently possible to allow audio-only bluetooth within endpoint control policy, could this be added as a feature, please?

    Enabling a blanket ban on bluetooth prevents the use of headphones and other peripherals, which can be inconvenient.

    Thanks.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  8. Time Windows Based Policies

    I believe it would be greatly beneficial to not just have the option to set a time for a policy to expire, but to have policies that come into effect during certain scheduled time windows.
    For example, to have the option to apply a policy between 12PM-2PM Monday - Friday.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  9. Make Sophos AV compatible with Microsoft Sysmon.

    Make Sophos AV compatible with Microsoft Sysmon. Currently Sophos AV goes into deadlocks when Microsoft Sysmon is used with with image load option. Provide a fix that will not cause a deadlock, many other AV products do not have this issue.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  10. Archive scanning behavior

    Scanning of archives seems very inconsistent when the contents are encrypted. We see two behaviors in the e-mail sent "SAV message from: SYSTEM" for weekly scans:

    1. We get scores of e-mail's. Are guess is one for each directory traversed since it there are files in the archive than e-mail's sent.

    2. We get only just a few even though the archive contains multiple directories and files.

    Are first idea is to not send multiple e-mail's about encrypted archive, especially if the contents are just the some repeated line (25 times),

    Scanning "C:\...\FILE.zip" returned SAV Interface error 0xa0040212: The file…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  11. Firewall for standalone users:

    More intuitive settings and direction to find additional application checksums, and where these are located. Maybe a pop-up to assist with adding these as well.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  12. Installer removes previous Sophos versions without deleting offline deployment content

    For Sophos Endpoint deployment, there's a useful option to include all the files the Sophos installer would normally download to "prevent a large initial update from the Internet" as detailed in this KB article https://community.sophos.com/kb/en-us/121318.
    The files for offline deployment are stored in %ProgramData%\Sophos\AutoUpdate\data\warehouse.
    This folder should not be deleted when customers who are using Sophos Endpoint Security and Control run 'SophosInstall.exe -tps remove' (remove third-party software parameter).
    Currently, the %ProgramData%\Sophos\... folders are removed while uninstalling the Endpoint Security and Control products, which deletes the offline install content, forcing SophosInstall.exe to download the content again and effectively punishing any…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  13. Setup Default Language for Endpoint clients

    Define the default language for the Sophos Endpoint client via Registry Setting (under HKLM) or config-file (ini-file) instead of using the Regional Settings set up by the Windows OS!

    It's annoying to fix this issue currently via replacing of the not needed language by the english ones!

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  14. Puremessage - store scanning - add possibility to Quarine on Infection WITHOUT replacing with text

    Puremessage - Exchange store scanning (Exchange 2010 - PM 3.1.4) - add possibility to Quarantine on Infection WITHOUT replacing with text. So I have the possibility to restore a full mail with attachment if it was a false positive.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  15. The ability to add/remove individual endpoint components.

    With the Sophos on premise solution I had the ability to add or remove an individual component of the endpoint package. This was very useful in trouble-shooting a failed install. I currently have endpoint agents with partial installs and I am unable to trouble-shoot other the removing the complete endpoint suite and trying to re-install the full client once again. Even after several attempts some components remain uninstalled. Multiple re-install attempts fail to fix the issue.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  16. Visible display of "on insert" virus scan

    Sophos tech-support advise that the Central Endpoint product does perform a virus scan when removable media is inserted. HOWEVER, there is NO visual display that the scan is taking place. We suggest that a dialogue box opens and visually displays the progress of the on-insert virus scan.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  17. 2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  18. Don't show excluded volumes in scan items

    Sophos Endpoint Security for Mac scheduled scan logs list excluded volumes under the "Scan items" section. This is confusing, as it both indicates the scanner included and excluded the volume(s). Removing excluded volumes from the scan items list would provide more clarity regarding Sophos' scan history.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  19. Client Activity

    Request to be able to monitor client activity through the Sophos Enterprise Console.
    An example is Sophos Endpoint was blocking certain ports that Bloomberg needed to connect using but this was only discovered via client logs and was not visible through the Enterprise Console

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  20. Log output option (SAV.txt etc..)

    a) There was a request from a customer that they wanted to be able to choice the character code output for the following log files.
    *These log is output in "Little-endian text labelled with UTF-16 with a BOM", but they need "without BOM".

    1 TamperProtection.txt
    2 SAV.txt

    b) Customer wants to output contents of TamperProtection.txt and SAV.txt to event log and syslog.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.