Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Warning for pending reboot after Exploit Prevention updates

    Every time Exploit Prevention has an update, each computer ends up in the "Computers with Errors" field, because it needs a reboot. You can't acknowledge them to remove them from that list, and they won't be removed until they reboot. We try not to reboot our users computers unless we have a scheduled maintenance.
    It would be nice if there was a distinction between an Error and a "reboot needed"

    I check that report to see when computers are legitimately having problems, so when every computer appears in that list after an update, it kind of defeats the purpose.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow upgrading the Endpoint Protection Client via SSCM

    We would like to use SCCM for upgrading (and potentially downgrading) the endpoint protection client. This is currently not possible and supported by Sophos since an upgraded agent will immediately downgrade to the version specified in the software subscription when connected to the Enterprise Console.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Notification From Address

    The "From" address is not something you can configure for email alerts. By default it sends it as sav@<machinename>.<domain> and there is no way to change that. If you are sending through office 365 smtp, it will not allow you to send email alerts with a different from address as a basic security policy.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  4. 2019

    Add Windows Server 2019 to the list of approved operating systems for SEC 5.5.1

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  5. show full version numbers in SEC console

    Update SEC to display the FULL version of products installed on the endpoint. Currently the full version numbers of installed products are only displayed on the endpoints making accurate identification impossible from the SEC console. (As evident in April-May of 2019) At a minimum, gather that information into the SEC dbase so it can be queried.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Enterprise console Origin Infection

    I suggest to add the field 'Origin of Infection' on logs of one virus detection.
    This field is very importante in malware such as Conficker or WannaCry.
    Andother antivirus companies provide it.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  7. RBAC Granular Control For Groups

    Groups:

    Top Level
    >Sales
    > UK
    > Germany

    Have the ability for the user to only access Sales and Germany only, excluding UK. This will give them the ability to control these sub-estates only.

    Is this coming?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  8. SMTP configuration

    SMTP configuration

    Please define global smtp server configuration to use for all mail alerts on policies

    You can also define one of global server settings for smtp server. And you can use this setting for all policies by activating related mail alerts.

    I have to maintain all of policies and mail configurations, isn’t it ?
    

    It is not best solution to define smtp server policy by policy. As you see as below, I have too many policies and in this solution it is increasing my operation cost .

    And review other products feature for smtp alerts as same as mcafee…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Disable Tamper Protection through Command Line

    Hi,

    Somethimes, managing 1000+ or even 5000+ machine its difficult, even more if we don't have built-in features in the console to remediate/uninstall corrupt/broken installations.

    But, the main problem is not that. The problem is that we CANNOT disable Tamper Protection remotely to reinstall/remove Sophos AV, in the following cases:

    1) Console was erased/failed and there's no cert/db/registry backup (all Endpoint with Tamper enabled)
    2) Broken installations dont apply Tamper Policies (to disable it)
    3) Migrated console (don't have the old one).

    All this would be solved by having the chance to disable Tamper through Command Line. Example

    Case A:…

    21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  10. search for sever by IP address in Sophos Console

    searching for servers by IP will be great to manage if we manage hundreds servers.
    Hosting companies are not friendly with the clients hostname.
    It would be very useful to be able to search and identify servers.
    So please add the option under Server Protection > Servers > The IP address searching.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  11. Definition updating

    Currently there is no alert / status change for an endpoint who's definition files are out of date, meaning, let's say you have a fully protected client, but, sophos update (not engine as that alerts if it fails) but rather JUST the definitions fail to update.

    we would like the ability to be able to either configure a threshold for alerting, or be able to simply enable/disabled alerting for definitions not updated.

    we have many endpoints that will fail to update for days, and the result is a system that while there are no alerts, is potentially not protected.

    my…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Restriction to Discover Computers

    Problem:
    We are using Sophos in a multivendor environment which contains over 200,000 clients. The "Discover Computers" button is available for every Sophos admin, because there is no option to restrict this feature. Regularly somebody who is looking for a client presses the discover computer button. Now every network device which is reachable will be imported into the Sophos Enterprise Console and listed as an "unmanaged device". If we don't restart the SEC, sometimes more than 200,000 “unknown devices” are listed in the default "unassigned" group. We can delete these clients but they will remain in the Sophos database until…

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Planned  ·  1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  13. Enterprise Console REST API

    Provide a REST (or other) API into SEC. Basic features such as creating groups, assigning policy, adding/deleting/moving machines would be immensely helpful. Nearly all major software applications now have some form of accessible API that allows common tasks to be automated. This idea was suggested back in early 2015, but sadly was denied.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Bulk Policy Changes

    Enable bulk (various) changes across multiple policies in complex environments with a large number of groups and policies. Instead of having to manually change a setting in each policy one by one (for example, deselect bandwidth restrictions, in each updating policy), it would be benifical to have the ability to select multiple policies and apply the change to all of them. Changing a single setting across multiple policies manually is very time consuming and resource intensive, especially if you have a large amount of policies (100+).

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  15. File hashing is still missing

    After identifcation of malware, do a hash on the file (in Quarrantine or before delete). This helps me to add the hash into other security tools for detection and prevention, and it also helps me to verify it's intended behavior.

    You get rave reviews for this product from the security community but I can't understand why this simple information is not made available within your product.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Message Router service restart on error

    Under certain conditions the Sophos Message Router logs "The network identity (also known as the Interoperable Object Reference or IOR) of the local computer is invalid." and the agent no longer reports in to the Enterprise Console. Even though an error was detected the service does not restart or continue to retry. You can manually restart the Message Router service and it works correctly. Changing the service start mode to "Automatic (Delayed Start)" also works.
    Please modify the Message Router so when this error is detected the service will retry, or terminate the service so Windows can restart it.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  17. SEC Exploit Prevention E-Mail Notification

    Actual there is no way to be alerted by a Exploit Prevetion Event like the E-Mail Notifications in the AV & HIPS Module. Many of our customers are horrified why that standard function is not implemented!

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  18. ldap

    Allow additional filters on the AD/LDAP query used for sync. Our internal policy when retiring an endpoint is to disable an endpoint and only delete it after a period of time. As such, we have a number of retired endpoints showing as unmanaged.

    Enhancement request:
    Permit additional filters on the query to allow the exclusion of disabled systems.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  19. policy evaluation

    The Policy Evaluation Tool (PET) which is part of the console software can generate a report showing exceptions in policies that may pose a risk. We have some reports that are showing valid and desirable exceptions as "questionable". It would be great if we could 'flag' these as safe so that they are not marked as questionable in the future. This would allow us to continually run the PET report and 'catch' risky exceptions that may be added by whoever in the future.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Exclude Process in on-access-scans in Enterprise Console

    Under Antivirus and HIPS, On-Access-Scans its not possible to exclude processes. The Client configuration allowed that.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    13 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 8 9
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.