Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Sophos for Mac

    Sophos for OS X recognizes a Virus and tries to delete it. But the Virus was in a Temporary directory so Sophos gives back the error that it cannot delete it. Put a File Check there to be sure that the File still extists if not delete the Alert otherwise try to delete it and give an Altert.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Re-implementation of “Per process” exclusions for Anti-Virus scanning in Server 2012

    Sophos Product Information
    Sophos Product: Sophos Endpoint Protection (antivirus client)
    Version in Production: 10.3

    Feature Request Summary
    Re-implementation of “Per process” exclusions for Anti-Virus scanning.

    It appears that this hidden function of the endpoint client no longer operates in Windows 2012 (see the support case that gave rise to this request #5147863).

    It would in fact be useful to formalise and document the functionality, as well as provide easier access to it.

    How will this new feature address your business requirements?:

    We would use this feature to avoid impact on backup speed where on-Read scanning is enabled on systems.

    On-read…

    27 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    16 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Improve Wildcard Criteria

    Improve the Wildcard criteria for File Exclusions, inline with MS KB article KB822158.

    So that *.* or say Edb*.log can be excluded rather than having to open up the entire folder or a blanket exclusion on all files with the extension.log etc

    Thereby improving granularity and allowing exclusions to be very specific to named O/s files.

    Examples being:

    FileIDTable_*

    Ntfrs*.*

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Use Fully Qualified Names in Enterprise Management Console

    Instead of using the NetBIOS Name for computers in the SEC, use the Fully Qualified Domain Name (FQDN). This would allow administrators to use the Protect Computers Wizard more easily, ensure proper identification of machines in the console, and allow for additional ways to filter computers in the list.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  5. Separate Policy for Alerting

    When working in large environments with several sub-estates it would very useful having a separate policy for the alerting via E-Mail or SNMP

    Typically components of the AV+HIPS policy (e.g. Exclusions) can be reused in the sub-estates but in scenarios where have to alert different groups of administrators it would improve the usability when we could provide a separate alerting policies.

    So we would have a much smaller count of AV+HIPS policies and only one alerting policy per sub-estate.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add ability to configure Message Relays to the SEC GUI

    Currently we have to find and edit mrinit.conf. It's not terrible, but a bit tedious to remember exactly where to do it and when to change MRParentAddress vs ParentRouterAddress, so it would be great if a sub-pane was added to the CID configuration window that lets you edit the values there at least. (Update Managers, Configure, Distribution tab, Update To list, click Configure. This window.)
    Bonus points if we can edit a particular endpoint in the Endpoints view and opt to make it a message relay, then the configure window above would list endpoints that have this designation.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  7. SEC import/export policies

    Allow export/import of all policies in Sophos Enterprise Console

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  2 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  8. Native support for Syslog

    The Sophos Enterprise Console needs the native capability to generate Syslog messages in response to system events and security incidents.

    Many IT organizations rely on Syslog in order to transmit event messages to other applications for further processing such as: Centralized log storage, Forensic log analysis, IT help desk, Incident Response, Audit, etc.

    When integrating Syslog events with a SIEM or Log Management tool, the tool receiving the events usually needs to normalize the data into their expected format. When creating a Syslog capability, it would be helpful if all of the events IDs were documented so that customers could…

    22 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Alert email

    Client wants that as an administrator, they are receiving the Alert email for Out -of-Date Computers Or with other Alerts setting email but this email doesn't contain the list of related endpoints and their description, which Admin wants to quickly look from the email rather than go and jump to console.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Createa an exclusion template for Microsoft recommended exclusions for AD

    Microsoft has a set of exclusions that it recommends for AD. As a starting point from which users could add/remove further exclusions, how about a template of exclusions to import into Sophos for Domain Controllers.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  11. SEC endpoint computer health check

    Feature to allow an admin to check if a computer is online and its current status directly from the console

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  4 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  12. Linux endpoint pass AD domain to SEC

    Allow linux endpoint to pass or detect the AD domain so that it doesn't have the issue described below.

    This will allow the use of AD sync and linux machines in an enviroment where the agent can be re-installed or the OS re-imaged.

    https://community.sophos.com/products/endpoint-security-control/f/3/p/9843/30725
    https://community.sophos.com/products/endpoint-security-control/f/16/t/9845

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  13. SEC policy inheritance

    Customer want a inheritance of policies down SEC folder structure then he replaces a policy in a top folder

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Sophos Services preventing to stop in administrator User

    Sophos AV can prevent stopping on their services as you log on as Administrator account to prevent disabling the features of sophos.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Review  ·  0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  15. ARP Spoofing detection in Sophos Anti virus manage by SEC

    On be half of our client we will request this features to have on your Sophos AV Manage by SEC Server to prevent in ARP spoofing/poisoning.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Monitoring capability to see Endpoint scheduled scans are running or have been run (with timestamp) via SEC.

    Feature on SEC to view and monitor scanning on endpoints. Viewing on Computer Details when the last scan occurred (or started).

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  17. Be able to delete compressed files that have an infected file in them.

    Be able to delete compressed files that have infected files in them. Either as a default setting or as a option in the enterprise console. Many of the virus/adware that can not be cleaned are inside compressed files. In almost all cases deleting the compressed file is the preferred solution..

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Want to have the specific revomavable device that was used (thumb drive, cellphone, HDD, etc) and the device ID on the Data Control Log

    Removed personal/company/partner information

    This will mainly help in our security reviews to provide relevant information about data/file transfer here in our company.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  19. The Interactive Services Detection service terminated with the following error: %%1

    Server 2012 Windows event error:

    The Interactive Services Detection service terminated with the following error: %%1

    Possible to change the way our programs function with Server 2012 and future versions to no longer cause this error

    http://blogs.technet.com/b/home_is_where_i_lay_my_head/archive/2012/10/09/windows-8-interactive-services-detection-error-1-incorrect-function.aspx

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  20. The migration (server to server) guide could be more verbose about user accounts.

    For example explaining which users are required when migrating from older servers. How the EMLibUser no longer exists and thus is not needed. What a SophosSAU0 account is, or a link to the kb explaining it. (https://www.sophos.com/en-us/support/knowledgebase/58627.aspx)

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.