Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Make Sophos AV compatible with Microsoft Sysmon.

    Make Sophos AV compatible with Microsoft Sysmon. Currently Sophos AV goes into deadlocks when Microsoft Sysmon is used with with image load option. Provide a fix that will not cause a deadlock, many other AV products do not have this issue.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  2. Archive scanning behavior

    Scanning of archives seems very inconsistent when the contents are encrypted. We see two behaviors in the e-mail sent "SAV message from: SYSTEM" for weekly scans:

    1. We get scores of e-mail's. Are guess is one for each directory traversed since it there are files in the archive than e-mail's sent.

    2. We get only just a few even though the archive contains multiple directories and files.

    Are first idea is to not send multiple e-mail's about encrypted archive, especially if the contents are just the some repeated line (25 times),

    Scanning "C:\...\FILE.zip" returned SAV Interface error 0xa0040212: The file…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  3. Firewall for standalone users:

    More intuitive settings and direction to find additional application checksums, and where these are located. Maybe a pop-up to assist with adding these as well.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  4. Installer removes previous Sophos versions without deleting offline deployment content

    For Sophos Endpoint deployment, there's a useful option to include all the files the Sophos installer would normally download to "prevent a large initial update from the Internet" as detailed in this KB article https://community.sophos.com/kb/en-us/121318.
    The files for offline deployment are stored in %ProgramData%\Sophos\AutoUpdate\data\warehouse.
    This folder should not be deleted when customers who are using Sophos Endpoint Security and Control run 'SophosInstall.exe -tps remove' (remove third-party software parameter).
    Currently, the %ProgramData%\Sophos\... folders are removed while uninstalling the Endpoint Security and Control products, which deletes the offline install content, forcing SophosInstall.exe to download the content again and effectively punishing any…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  5. Setup Default Language for Endpoint clients

    Define the default language for the Sophos Endpoint client via Registry Setting (under HKLM) or config-file (ini-file) instead of using the Regional Settings set up by the Windows OS!

    It's annoying to fix this issue currently via replacing of the not needed language by the english ones!

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  6. Puremessage - store scanning - add possibility to Quarine on Infection WITHOUT replacing with text

    Puremessage - Exchange store scanning (Exchange 2010 - PM 3.1.4) - add possibility to Quarantine on Infection WITHOUT replacing with text. So I have the possibility to restore a full mail with attachment if it was a false positive.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  7. 2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  8. Log output option (SAV.txt etc..)

    a) There was a request from a customer that they wanted to be able to choice the character code output for the following log files.
    *These log is output in "Little-endian text labelled with UTF-16 with a BOM", but they need "without BOM".

    1 TamperProtection.txt
    2 SAV.txt

    b) Customer wants to output contents of TamperProtection.txt and SAV.txt to event log and syslog.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  9. Update Now on Central Endpoint

    Why is the "Update Now" feature only available through selecting "About" (Bottom-Right-Corner), as opposed to being available on the front page.

    This isn’t in an obvious place, there should be an action menu at the top with the this in along with all the other missing actions that really should be on the endpoint.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  10. Sophos HOME EP protection - Tamper Protection & scheduled scans.

    I currently run a Sophos UTM system (home installation) that includes EP licences. As I'm thinking of moving to the Sophos XG firewall I've installed Sophos HOME EP on two of my PC's.
    It would be really nice if this included;
    1) Tamper Protection (to prevent unauthorised product removal / tampering).
    2) Scheduled scans - it may do this already but I can't see where.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  11. Use a signed XML file to use an LAN server cache to complete an install

    I want the bootstrap installer to be able to use a signed XML file provided in the command line silent install to trigger a LAN source based install without requiring connectivity to the cloud to complete the install.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  12. Cloud endpoint Web Filter notification

    When a website is blocked by the cloud endpoint product, windows 10 throws a notification on the screen stating that the web filter blocked a site. This is problematic when blocking web ad as the block notifications are constantly appearing on the screen. I suggest that all web filter notifications be turned off on Windows 10 machines as the block message already appears in the browser when something is blocked.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  13. events description on local installation

    The whole informations, especially "Zugriff auf Verzeichnis translate.xxxxxxxxxx wurde gespert für..." on the events page on local installations cannot get read directly on the local client, because of one of this reasons:
    - window is to small
    - no popup on mouseover
    - more information at choose one of the events
    We are using 11.5.2 at the moment

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  14. ClamWin

    Sophos home real-time protection blocks right-click function "Scan with ClamWin free antivirus" silently.
    (sorry for my english, i'm french)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add macro files to suspicious file type downloads

    Add office macro files to the list of suspicious file types for download.

    Office macro files (docm, xlsm, dotm, xltm, pptm, potm, sldm, ppsm, etc)

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  16. SAV installer support for double-byte character

    As explained in the KBA http://sophtrac.green.sophos/default.aspx?articleid=67504, if logon user name contains double-byte character, installation process fails with no error.

    This is because AutoUpdate cannot recognize the path with double-byte character contained.

    However, it will be more likely that young generation who have accustomed to use touch-screen base devices (e.g. smartphones and tablets) than personal computer like to use human-friendly format (in this case double-byte character for user account).

    We've seen some cases arising in Japan typically from educational institute (e.g. colleges) where many youngster start using personal computer and define their user account with double-byte characters.

    If we could…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  17. Make the Sophos Outlook Add-In available in the preview pane in Outlook

    Make the Sophos Outlook Add-In available in the preview pane so that users don't have to fully open the mail to be able to encrypt emails

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  18. Export Firewall Rules for Windows Firewall

    have the ability to export the firewall rules from Sophos Endpoint and/or Console and have them in a format that can be imported into Windows Firewall.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  19. email alert for any level of malware and runtime detection

    Kindly do the needful for get email alert for any level of malware and runtime detection so that we can do proactive steps to avoid such incident in future. This is helpful for us and we need to track such incident on daily basis and require in monthly review.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  20. Scanning options for .arc and .warc in SAV for Linux

    Currently, using the sweep -vv command we can see that warc and arc are not on the list of container formats to be scanned. Can these be added to the list?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.