Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Clear/resolve alerts from endpoint client

    This function is helfull to remove quicly solved alert notification by accesing in admin panel. In some cases, always having to login to the console to reset the alerts is very time consuming.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  2. Sophos Central Email Alerts Customization

    For organizations with regional IT teams, it would be helpful if email alerts could be configured beyond just severity, product and category. For example, it would be useful if email alerts could be sent for events pertaining to a specific group or groups of computers. It would allow IT teams to only receive alerts for machines that they are responsible for. Alternatively, regex or string matching criteria would be super useful (more flexibility).

    Thank you for your consideration,

    Albert

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  3. Ability to control mitigation of detected issues

    We would like the ability to separate different threat types (PUA, Malware, Adware, etc.) and then be able to select an action to take on these individually (Remove, Quarantine, email alert, etc.) As of right now there is no way to treat any of these differently or define how to mitigate the risk.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add admin comment field for Threat Policy Exclusions

    When adding files, websites and applications from scanning for threats,
    it would be great to have another field or 2 so that the Sophos admin can enter when exclusions are being added and a description for the reason why (i.e. internal helpdesk ticketnumber)

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  5. Support / Auto Exclusions for Exchange 2019

    What about Automatic Exclusion / full support for Exchange 2019 ?
    -it's (GA) been out for over a year..

    ETA ?

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  6. Threat Analysis Center UI Improvements

    I noticed several improvements that could be made to Threat Cases :
    1. The first section is not clickable. Ex: clicking on Root Cause or Beacon should Click on the File/Process in the Map below
    2. SOPHOSLABS Threat Intelligence > Machine learning analys > Code similarity; it is not possible to select and copy the hashes. The hashes don't display fully and when hovering over them, we see the full hash as a preview but it is not possible to copy it
    3. SOPHOSLABS Threat Intelligence > Download PDF. The file is image based and the text is also not…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  7. Sophos Central Uninstall Option

    Almost all central or cloud consoles for competing AV products have the ability to remotely remove/uninstall agents from a workstation. There are command line functions that can be used directly from a workstation to do this and you can reinstall the product if already partially installed, so it would seem like a VERY simple change to implement an uninstall function.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  8. Fix the Running malware in quarantine or cleanup failure indicator in Sophos Central

    We're constantly having hosts that have a status of red because Sophos is falsely reporting that "Running malware in quarantine or cleanup failure" Can we fix this or have an automated process to delete the events.db?

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  9. MFA

    Currently, when enabling the setting to require MFA for all admins, it breaks the AD Sync tool. The only way around this is to manually add Admins to the list required to use MFA. This is a potential security issue as it is easy to forget to do this. I would like to see a feature added where MFA can be set to required for all admins, but the ability to add an exception for instances such as the account used for AD Sync. Thanks

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add anti-tamper status to report

    Could we have each system's anti-tamper status added to the Computer report? I believe there is a compromise solution looking at events for SEC customers but that is not an option for Central.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  11. User group assignment install parameter

    There is an existing install parameter "--devicegroup=<Central group>" to automatically add a new device to a specified group in Sophos Central. I would like to propose a "--usergroup=<Central group>" parameter to do the same for any new user added as part of the install, which can be used in tandem with the devicegroup parameter.

    This would be useful for managing client-specific, user-based policies (such as Web Control) without having to manually add new users to a policy or group or make client-specific changes to a global policy that would affect all clients.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  12. Put a PAUSE / Stop button on the Central Endpoint scans!

    Put a PAUSE button on the Central Endpoint scans! When it is scanning it makes using the computer next to impossible with high resource usage. All applications are slow to respond, if at all. Sometimes need to use the computer during a scheduled scan--no choice now but to Cancel the scan. Unfortunately Sophos has not provided an option to rescue his work. All other antivirus and anti-malware software have PAUSE buttons. Why not Sophos? Sophos theme is security made simple. So pls do not complicate. Need a button pls.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  13. central add note

    It would be very convenient if administrator has the option to add a note to device for reference purpose.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  14. Block single peripheral, whilst allowing all by default

    In Sophos Central, you can block all peripherals by default - and then have an allow list

    You can't do it the opposite way round, where you allow all devices and just have a block list.

    When trying to create a Peripheral Exemption to Block a device, with the default being Allow, it says that "Exemptions cannot be stricter than global settings."

    This mean that for a particular customer, we have to Allow around 300 USB devices just to block a singular device which a user brought in with malicious content on.

    It would be good to just block a…

    59 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  15. Customise date range on Hero Report

    Please allow users to specify a custom report range for the excellent Hero report.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  16. Detailed Reporting of Installed Agents

    Need to be able to see the protected servers with a list that shows more details. Agent Version, Component Versons. Customize Lists.

    Need to add a report to produce a detailed server list and installed component versions.
    THIS IS AN AUDITING REQUIREMENT - KPMG!

    Thanks.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  17. Display status of client from taskbar icon

    When a PC has the Endpoint Protection Client deployed via Sophos Cloud, if the client has issue or is out of date, there is no visual prompt on the Sophos shield icon in the notification area. You have to open the client and then click about, to see when a client last updated.

    When we used to use Sophos Enterprise Console, the Sophos icon in the notification area would have a red cross overlaying the icon, notifying the user of a problem

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  18. clear multiple alerts

    From Cloud Console, Status Tab, Alerts section, it would be great to have an option to select multiple alerts and clear them/acknowledge them all at once. If I'm addressing an endpoint with multiple actions, I have to go through one by one and Mark as Resolved. At the very least they could be grouped so that I don't have to confirm multiple instances of the same persistent file being cleaned up because another infected computer on the network is dropping a file on it and Sophos is deleting it. If this happens after hours I could have 20 of the…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  19. Scan ALL

    Scan ALL Computers from Central

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  20. lockdown

    would be nice to be able to see more lockdown events than 24 hours and also to be able to search/filter by date range. Also, why cant we get email alerts when lockdowns happen?

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 9 10
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.