Endpoint Protection
Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data
-
Reports
Report Regarding: Can you Add more column to the reports
EXP: IP Address, Operating System, and mac address
2 votes -
Reports
Please add one more New Feature to the custom report like IP Address, hostname, and mac ID
2 votes -
XG rule notifications
I had to recently create a new drop rule with internal Zone any to wan zone to IP list, this was after repeated ATP alerts from a Linux host attempting Botnet detected host ip connections, I know ATP will block anyway but to be sure I decided to create this top-level Drop rule with the IP list for which I will add Detected IP addresses into so it applies to all internal traffic attempting communication to the same detected ip addresses. It then made me think it would be handy if it were possible to include firewall rules in the…
1 vote -
Ability to restore files which have been Quarantined/Cleaned up
As title, it would be nice if we could restore files which have been Quarantined/Cleaned up, rather than having to restore from backup. This feature is present in other AV's like Webroot.
This can be a pain to restore sometimes when things are falsely flagged as malicious
1 vote -
deployment package
Request for deployment package for Sophos cloud, currently when we deploy Sophos cloud is download or a network drive. However, we need the file to be in MSI instead of exe extension instead. As we need to the future rollout, we need to deployment of our new devices can be use also for auto provisioning. Hopefully, we can have this in the near future for the software deployment.
1 vote -
deployment package
Request for deployment package for Sophos cloud, currently when we deploy Sophos cloud is download or a network drive. However, we need the file to be in MSI instead of exe extension instead. As we need to the future rollout, we need to deployment of our new devices can be use also for auto provisioning. Hopefully, we can have this in the near future for the software deployment.
1 vote -
Implement notification for Highly suspicious file executions
Allow email notifications for the Threat Center threat indicators. I can see "High Suspicion" files executed on an endpoint with no possible configuration for email notification.. (verified by Sophos tech support)
3 votes -
Check for presence of TPM
It burns me a bit every time I go to the Encryption section and I see "Computers that could be encrypted." Sure, every computer "could" be encrypted, but why not do a simple WMI query with Endpoint and determine if there's an active TPM chip on that computer, and show that as another view? It would save us so much time to just see that, and enable all of those computers immediately. We would consume more licenses, that's for sure.
1 vote -
report button
Hi,
The report button for outlook should be available in the Microsoft store. It would be much easier to deploy.
Thank you,
Jeff1 vote -
we require Sophos Endpoint report for below components.
we require Sophos Endpoint report for below components.
Core Agent Endpoint Adavance Sophos Intercept X
We have raised the ticket for same.
Sophos Support Case 033682701 vote -
create
On the Sophos Endpoint Protection, there should be a way to customize the progress indicator bar. Currently, when a scan is initiated and running, all you see from a end user's desktop is the green progress indicator bar.
1 vote -
Ability to select resolution to detections
On Sophos Endpoint policies, having the ability to decide on "Action to take"on all detection/issues.
When building software packages for deployment we receive numerous false positives.
Having the ability to respond to a detection to say "This is a safe file" would save many hours wasted adding exceptions and repackaging again. This is already an option for "Low reputation files downloaded".2 votes -
Deception Technology Integration
A Sophos competitor has recently released a new feature into their Security platform. They are calling it "Advanced Deception Technology". It essentially deploys a variety of different honeypots throughout your network and automatically reports on them when any of them are accessed. There are MANY companies that don't have the know-how, time, or money to implement these sorts of proactive measures. I would love to see this as an additional feature that could be integrated into the Sophos Central platform as part of the EDR solution.
1 vote -
You should not be limiting the size of messages, that is the email server's job.
I have two clients that are upset with this restriction. As am I. it is not Sophos' job to control the size of messages. Microsoft 365 has an upper limit of 150 MB, your services should be matching that, or remove the limit altogether.
1 vote -
Sophos endpoint protection new feature request
endpoint software does scan the registry for potential malware.
But I hope to add a registry function,
Allow users to block applications that are not allowed to be installed through the registry.
1 vote -
Enable/Disable Tamper Protection for a group of computers
Enable/Disable Tamper Protection for a group of computers from Sophos Central rather than disable/enable for all servers/computers or each device manually.
2 votes -
Hardware inventory for asset management and audit
I would be great if sophos intercept-x can gather every installed device hardware & connected devices inventory records for auditing and asset management purpose, as sophos intercept x is related the security, using the hardware records we can identify physical changes in hardware configuration of system like memory, hard-disk etc..
5 votes -
"A computer is no longer sending security heartbeats" Alerts
95% or more of the time we get the "A computer is no longer sending security heartbeats to Sophos Firewall" alert email messages, the heartbeat issues clears itself up in 5-10 minutes. Usually this is due to the computer restarting or InterceptX is updating. This generates way to much work to review all those alerts, check Sophos Central to be sure it's back online and then file away or delete the alert. I would love to have a way to set how many minutes the computer goes without sending the heartbeat before that alert is sent.
Yes, some will say…
1 vote -
Garmin Express Update
Garmin Express is a desktop software that notifies you for the latest maps and software availability. You can download the GarminExpress in your PC (Windows or Mac) from the support website, and it will help you install the updated maps on your Garmin GPS.
Every customer has a different choice, and they need maps for other purposes such as cycling, driving, golf, or as a wearable. Luckily, we have the Garmin GPS, which lets us download the maps of our choice. Moreover, the process is so simple that even a non-techie can do it without even realizing it.
https://www.garmincom.express/1 vote -
Inform user when group policy prevents installation of Sophos Protection Installer
I spent hours trying to install Sophos endpoint protection on a server and it would get to about 90%, hang for almost an hour, then fail only saying it could not be installed. When I got support involved, we discovered deep in one of the logs that group policy was preventing the installation. Why isn't this checked during the prerequisite check and if discovered, flagged immediately??
1 vote
- Don't see your idea?