Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Auto Scan of Removable Devices upon Plugging In

    Removable Devices should be scanned automatically upon plugging so that normal users can have a clean flash drive every time they use it.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  2. device control

    We have already set the default policy for
    device control and these policies are applied on one of the particular group, but
    when user from this group wants to access printer or dongle such devices are
    getting blocked as they are not storage devices. Every time we need to exempt those
    devices . Our concern is that we want these devices(Printer, Scanner, Dongle)
    allow automatically for the user without need of any exemption. and this feature is not available on Sophos antivirus.

    Kindly provide solution for it asap.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  3. HL-DT-ST DVDRAM GU10N identified removable device, it should be identified Optical device

    HL-DT-ST DVDRAM GU10N identified removable device, it should be identified Optical device

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  4. Expand ID field in Peripheral Control to show full length Device ID

    In Central Reports and Device Control Exemption Lists, currently the full length Device ID is not shown. Even on mouse over, not all ID Data is visible in Central. On the Endpoint, the full ID Data is visible on mouse-over.

    Some USB removable media have long Identical Device ID with only a difference at the end. Currently, we can not identify the device in Central.

    Please make the ID field expandable in Central and store all data from the Endpoint in Central so that exemptions can be set specificylly without trial and error.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  5. Expand ID field in Peripheral Control to show full length Device ID and the user name

    Hello

    We would like to request a small feature, which consist of adding a Cologne (User/last user) to the Peripherals Exemption(s)
    We are blocking all secure removable storage and adding exemption(s) for the devices we deliver to our users, while adding the exemptions we can see which the last users that used it
    once we add the exemptions we cannot longer identify a device, and therefore we have no way to found out to whom the devices listed in the exemption(s) list belong, we can't remove a device from the list because there is no way to identified it, we…

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add Imation IronKey D250 Personal 4GB secure removable storage device to supported Device Control list

    We recently decided to move forward with using the Device Control feature. We have dozens of these devices distributed through the facility. I see the Enterprise and Basic version has already been cleared. Please add this one the Personal.

    Thanks in advance.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  7. EXPIRATION DATE ON EXEMPTED DEVICES

    Would like to request to add expiration date of exempted devices, with this feature expired devices will automatically block/disable access but must have logs on DB as to when it was blocked or removed. This feature will also minimize the number of unused exempted devices on the Device Control Access list and give ease compared to manually disabling the devices. This would be useful for added security as user will not be able to access the expired devices on time once indicated on the expiration details.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  8. client

    Preventing windows domain users to tamper with settings. (even when tamper prevention is off) In our typical situation we have 15++ locations on mulitple locations on different continents / timezones. I can not provide a password everytime for clients when a Local support on site needs to switch the endpoint scanner on/off to trouble shoot.
    Other option make the tamper password 'fixed and adjustable and eassier sharable (amongst local support)'

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow CD-writers to be exempted when using read only policy

    We want to have a read-only optical device policy to allow all CD-ROMs to be used but only allow CD-writers by exemption. When using the read-only mode, any attempted write events are not being reported on the client or to SEC/Central, so there are no device control events to select and exempt the CD-writer you want to authorise. The only workaround is to temporarily set the policy to the more restrictive 'blocked', at which point all previously blocked events are suddenly reported to SEC/Central, allowing it to be exempted, then the policy can be set back to read only. Clearly…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  10. "Global" Exemptions (or better exempation by "Model")

    I have many "Integrated Cameras" that have been blocked after blocked MTP/PTP. I can exempt the Integrated Cameras by Model, but it only applies for 1 policy, which means I need to add them every policy. It also appears only appears to apply when the laptop model is the same as well, so I have to add "Integrated Cameras" for each different type of devices it has found on.

    We need to be able to exempt devices globally to that it applies to all matching peripherals of that type and on all policy.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add Manual Exemptions and Use of Wildcards into Device Control for Removable Devices

    On Device Control you can only add devices that are in the Add Exempt List but what if you have a company with thousands of devices could we not add a wildcard for devices ?

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add usb card reader to device control

    we have bank provided usb gemalto card readers which are not in the list and can't be added as an exemption so would like these added.

    This is the ClassGUID and Class for this device:

    <Value Name="ClassGUID" Type="REG_SZ" Data="{50dd5230-ba8a-11d1-bf5d-0000f805f530}" />
    <Value Name="Class" Type="REG_SZ" Data="SmartCardReader" />

    If you look at the following Microsoft article this matches the classification specified:

    https://msdn.microsoft.com/en-us/library/windows/hardware/ff553426(v=vs.85).aspx
    Smart Card Readers
    Class = SmartCardReader
    ClassGuid = {50dd5230-ba8a-11d1-bf5d-0000f805f530}
    This class includes smart card readers.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  13. Prevent wallpaper change from web dashboard

    Give maintainer an option to prevent wallpaper changes even when user uses Windows 10 home where there isn't policy settings for that and regedit hack won't work ether.

    I know this isn't very commonly needed witth Sophos home version, but there are at least some short time periods when this is needed even at Home version. I really hope you can find a way to implement this and will include it already at beta (will definitely try beta immediatelly when this feature rolls out).

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  14. device control

    Device control removable storage to allow authorised applications full control/write access, eg. word, excel

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allow the Read Only option for MTP/PTP devices

    Allow the Read Only option for MTP/PTP devices.
    This feature is usable in case the users attempt to access files storage in Smartphones or Tablets.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  16. Azure Intergration

    It would be nice that when you deploy the Sophos cloud endpoint protection on a Azure domain joined device the device get's automatically mapped to the user in the Sophos Central portal.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  17. Create a remove it or uninstall app

    Create a remove it or uninstall app for sophos so that users who are not in the sophosadminstrators group can uninstall.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  18. Bulk add USB device IDs into exception lists

    We would like to be able to bulk add device IDs to enable easier additions into exemption lists.

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  19. Endpoint encryption of USB devices.

    It would be more helpful if there was a way to manage multiple keys when you need to encrypt USB drives with multiple clients. You do not want to use the same key/password for all USB devices, which is the default. You need to go into each file and change the key used if you want it to be something else. A prompt when putting in the USB, after you say Yes to encrypt, that asks for which password would be helpful. Maybe an option that turns the prompt on and off based your needs.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  20. Log exempted USB devices

    With the Enterprise Console version of the product, when a device control policy is enforcing blocks and allowing exemptions, the exempted devices do not show up in the device control logs.

    Please add the option to log exempted devices.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.