Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. application control

    Add Custom Applications:

    Create a "Custom List" where specific exe's can be created and added to the blocked list when required. Ones of interest for us are;

    SPDESIGN.exe
    INFOPATH.exe

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  2. Set email alerts by group of computers

    Set email alerts by group of computers . So we can set who gets alerts for certain computers.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  3. Adjust the number of lines shown on the DEVICE listing page.

    In the hopes of speeding up response time from the console would it be possible to lower the number of machines listed when DEVICE is chosen from the OVERVIEW menu?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  4. Application Control - Event Viewer

    Application Control - Event Viewer- provide to select particular component to set allow or deny policy.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  5. Block creation, moving and deletion of *.EXE files

    Sophos Endpoint policies should allow the blocking of moving, creation and deletion of *.exe files on the system (i.e. block a user copying an *.exe file from C:\Program Files to their documents share). This is functionality that exists in Symantec Endpoint Protection and works very well in preventing the introduction of malware to an end user device/the network!

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  6. Force policy update

    A button to force policy update on Sophos Central endpoints would be nice.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  7. Schedule Disable tamper Protection.

    As you maybe know there are problems with IASO systemstate backups in combination with sophos antivirus.
    https://community.sophos.com/products/endpoint-security-control/f/sophos-endpoint-software/95786/freeze-thaw-vss-failures-when-sophos-av-is-utilized/374472

    The workaround is

    1. Disable Tamper Protection on the affected servers
    2. Open Services.msc on each server
    3. Stop and Disable the Sophos Health service
    4. Reboot server and test backups

    At Sophos managed central its possible to tamper protection manually for a device.

    Is it possible to schedule the "disable Tamper Protection" at a certain time in Sophos managed central?

    Then we can add a pre backup job to the IASO backup systemstate backup job to disable the sophos healt services and…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  8. Application Control - Screen sketch (Windows Ink Workspace)

    Windows Update adds in Windows "Windows Ink Workspace" feature included by default in all Windows computers, Screen sketch allows you to capture screen, assuming a serious security hole.

    Add restriction for Screen sketch (Windows Ink Workspace) to
    Computer Policy / CONTROLLED APPLICATIONS / Screen capture tool

    Thanks!

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  9. Citrix - allow a user policy override for a Citrix Server

    When logging on to a PC, the PC policy is in effect. When the user logs on the User policy will override the PC policy and take precedence. This is useful for blocking all unnecessary applications, website and perhipherals.

    When logging on to a Citrix server the Citrix server polic is in effect. There is no possibility at present for a User policy to take precendence. At the moment, if you want to allow an application, it is allowed for all user on the same Citrix server (same for websites, perhipherals etc).

    It would be useful to have a user…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  10. Application Control

    Currently users must send a request to Sophos Labs to have a file blocked by Application Control. It would be good if users could create a custom block list to deploy across their environment - for example, block/alert on SHA256 hash, filename, regex, directory path, etc.

    Having the option to alert (not block) would be useful too, so use of applications that are required, but suspicious can be monitored.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  11. Microsoft Remote Desktop store app

    Please allow us to enable/disable Microsoft Remote Desktop from the Microsoft App store. For some reason it's being blocked even though I have all the RDP options unchecked in Application control. I submitted a ticket for this and another application and they said i need to submit a suggestion.

    How is it a suggestion when it doesn't work as designed?

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  12. Application version control

    Additional options in Application Control, especially for browsers.

    Being able to block:

    Versions of Chrome < X (Chrome current version is 62)
    Versions of Firefox < X (Firefox current version is 57)

    Being able to block versions of Chrome < 59 and Firefox < 53 would be a great start in killing off legacy browsers with lots of vulnerabilities from being permitted to browse the Internet.

    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  13. Browser extention control

    Allow or block browser extensions/Addons based on a whitelist.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  14. Block Grammarly

    Grammarly can be installed without admin rights into a user's profile, but requires an admin to... fail to remove it. I ended up torching the folder containing it, but it's left a mess on that PC. Since Grammarly is effectively a keylogger that sends to the cloud, it doesn't meet our security policies.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  15. portable

    Hi, i miss the application Keepass Password Safe to block in the application-Policy section. Some user seems to capable to run this as portable Version, so that i'm out of control

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  16. Turbo-Mailer

    The application Turbo-Mailer is a program used to mass-send emails. This has been used maliciously in the past and should be added to the list of applications capable of being blocked.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  17. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  18. Whitelisting applications for application control instead of blacklisting

    Currently the SAV console allows for app blacklisting, it would be good to see a feature for blacklisting aswell. i.e. the give a list of applications which are allowed to run, rest can be blocked by default.

    We have list of 250+ applications being used by the teams, I would like to see if we can have option to only allow the ones that are authorized, rest are blocked.

    24 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  19. WhatsApp

    Whatsapp have released a desktop version. Which apparently doesnt need admin rights to install.

    Can this be added to application control

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  20. Publish (or provide a way to export) a searchable index of all controlled appliactions.

    This list should also include all pertinent details (i.e. category, date added to control, etc.). Within the SEC, if you don't know what category the application is listed under, you can spend a long time clicking and hunting for a specific application. This makes it extremely time-consuming to build custom, fine-grained policies or to quickly answer questions on what is allowed and not.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.