Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. New applications added to notify the admin

    New applications added to application control policy by Sophos to notify the admin whither he wants to add it to allow or block list. This option will give the admin the ability to review the newly added application and take the decision whether he wanted to block or allow it.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  2. AppLocker Code Integrity functionality in application control

    Application control in sophos allows for blocking of applications but it doesn't provide a allow list of applications or an easy way to manage the list.
    it should include Applocker style idea where the central admins can provide hashs or accepted digital certificates of which applications are allowed to run and deny anything else.

    applocker requires windows enterprise and while windows defender code integrity supports windows pro it conflicts with sophos application control so one is needed to switch to a different AV product or loose out on this layer of defense.
    uncertain at this time if applocker would conflict…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  3. Block Windows 10 Apps

    the current Mail App (Windows 1909) has no exe left to start So far it was blocked by SAC. Not anymore. So users can start it.
    ICh used Sophos to block the unnecessary Windows 10 apps. This no longer works.
    Sophos support asks for an exe - I (and no one else) can't provide it.
    Sophos has to adapt / develop here and continue to block these apps as well.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  4. Individual (or client) Policy Exceptions

    I would like some functionality added to Sophos Central to accommodate for the need to exempt a specific application on a single server without creating the need for an endless and complicated web of policies as additional application exemption needs are identified.

    An example:

    The company has all servers "enrolled" in the Default Application Control policy. Server A requires all of the same rules as the Default policy but needs PuTTY allowed. No other servers can have PuTTY installed per a strict security policy. To accommodate this need, we, at present, must create Default Application Controls policy clone (w/PuTTY allowed).

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  5. Crea

    Hi,

    Is there a possibility to add the ability to export the details of a specific policy into CSV, Excel and PDF? This would be helpful for incorporating the details into internal reports and internal discussion especially for a policy that has so much detail such as Application Control.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  6. Application Control for Linux

    We have a large number of Linux endpoints and would love to be able to run Application Control on them. Currently we have to run a different product to achieve this goal and it comes with lots of performance and maintenance issues.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  7. Disabling Notifications Individually.

    Is there a way to disable blocked notifications for individual programs? There is one in particular that we don't want to whitelist or uninstall, but it keep popping up as it is a Windows default app. We would only want notifications for this app to be hidden and nothing else.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  8. , is there a way that we can manage the laptop screensaver lock out setting

    The ability to manage the laptop/desktop screensaver lock out setting?????

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  9. Set email alerts by group of computers

    Set email alerts by group of computers . So we can set who gets alerts for certain computers.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  10. Force policy update

    A button to force policy update on Sophos Central endpoints would be nice.

    34 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    21 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  11. Adjust the number of lines shown on the DEVICE listing page.

    In the hopes of speeding up response time from the console would it be possible to lower the number of machines listed when DEVICE is chosen from the OVERVIEW menu?

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  12. Application Control - Event Viewer

    Application Control - Event Viewer- provide to select particular component to set allow or deny policy.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  13. Block creation, moving and deletion of *.EXE files

    Sophos Endpoint policies should allow the blocking of moving, creation and deletion of .exe files on the system (i.e. block a user copying an .exe file from C:\Program Files to their documents share). This is functionality that exists in Symantec Endpoint Protection and works very well in preventing the introduction of malware to an end user device/the network!

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  14. Application Control - Screen sketch (Windows Ink Workspace)

    Windows Update adds in Windows "Windows Ink Workspace" feature included by default in all Windows computers, Screen sketch allows you to capture screen, assuming a serious security hole.

    Add restriction for Screen sketch (Windows Ink Workspace) to
    Computer Policy / CONTROLLED APPLICATIONS / Screen capture tool

    Thanks!

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  15. Application Control

    Currently users must send a request to Sophos Labs to have a file blocked by Application Control. It would be good if users could create a custom block list to deploy across their environment - for example, block/alert on SHA256 hash, filename, regex, directory path, etc.

    Having the option to alert (not block) would be useful too, so use of applications that are required, but suspicious can be monitored.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  16. Schedule Disable tamper Protection.

    As you maybe know there are problems with IASO systemstate backups in combination with sophos antivirus.
    https://community.sophos.com/products/endpoint-security-control/f/sophos-endpoint-software/95786/freeze-thaw-vss-failures-when-sophos-av-is-utilized/374472

    The workaround is

    1. Disable Tamper Protection on the affected servers
    
    2. Open Services.msc on each server
    3. Stop and Disable the Sophos Health service
    4. Reboot server and test backups

    At Sophos managed central its possible to tamper protection manually for a device.

    Is it possible to schedule the "disable Tamper Protection" at a certain time in Sophos managed central?

    Then we can add a pre backup job to the IASO backup systemstate backup job to disable the sophos healt services and…

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  17. Citrix - allow a user policy override for a Citrix Server

    When logging on to a PC, the PC policy is in effect. When the user logs on the User policy will override the PC policy and take precedence. This is useful for blocking all unnecessary applications, website and perhipherals.

    When logging on to a Citrix server the Citrix server polic is in effect. There is no possibility at present for a User policy to take precendence. At the moment, if you want to allow an application, it is allowed for all user on the same Citrix server (same for websites, perhipherals etc).

    It would be useful to have a user…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  18. Microsoft Remote Desktop store app

    Please allow us to enable/disable Microsoft Remote Desktop from the Microsoft App store. For some reason it's being blocked even though I have all the RDP options unchecked in Application control. I submitted a ticket for this and another application and they said i need to submit a suggestion.

    How is it a suggestion when it doesn't work as designed?

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  19. Browser extention control

    Allow or block browser extensions/Addons based on a whitelist.

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  20. Application version control

    Additional options in Application Control, especially for browsers.

    Being able to block:

    Versions of Chrome < X (Chrome current version is 62)
    Versions of Firefox < X (Firefox current version is 57)

    Being able to block versions of Chrome < 59 and Firefox < 53 would be a great start in killing off legacy browsers with lots of vulnerabilities from being permitted to browse the Internet.

    17 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.