Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. DLP Support for Mac OS

    Apparently Mac OS is not currently supported by Sophos Endpoint DLP. We have a decent number of Mac laptops in use in our environments and have a need to protect PII. Please consider building out the DLP module to support the Mac OS.

    6 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      3 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
    • Device Control - USB Devices

      Is it possible to be able to restrict access to USB's my a unique ID - such as serial number?? Currently you can restrict my model but that doesn't stop an employee bringing in their own USB stick if it is the same make and model we us??

      Basically we want to be able to issue USB sticks out to staff and only allow those precise devices to connect. Not any device that happens to be the same model.

      36 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        3 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
      • Allow USB Device by ID AND per User

        Central Endpoint: Is it possible to add a "layout" to except USB Devices by ID combined with a Person? So the Basic Policy could block any USB Device and Exceptions are made by Person instead of a Policy which allows the Device for many Computers or Users. So the exceptions is one by one (Device ID & User).

        3 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
        • File Integrity Monitoring on Linux Server Protection

          Enterprises need File Integrity Monitoring on their Linux system files. This is a requirement for all systems requiring Continuous Monitoring (NIKST 800-137) which are all defense contractors, Government contractors, government agencies, and soon, all HIPAA covered entities.

          4 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            Under Review  ·  0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
          • Thin Client/Lightweight Version

            For thin clients that do not have more than a few GB to spare for an anti-virus solution, a lightweight version of Sophos which is conscious about the amount of space it uses would be helpful.

            2 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
            • Sophos Central - Scheduled Scanning

              In Sophos central console, Threat Protection>Scheduled Scanning it shows the only option for weekly scanning but we can not schedule scans on a weekly basis as Sophos utilize lots of primary memory and thus machine gets slow. I would like to get an updated version which provides monthly schedule scanning. It would be very helpful if we get this option on Sophos EP.

              2 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Updating  ·  Flag idea as inappropriate…  ·  Admin →
              • Option to delete files when it can't be cleaned by Sophos

                We have several site all around the world but Sophos is centraly managed which means that we cannot always physically go to client computers or remotely connect to them (because of time zone, bad internet connectivity, etc...).

                So when an alert for files like those is raised in the console:
                Manual malware cleanup required: 'Mal/VMProtBad-A' at 'G:\PortableApps\Sid Meier's Civilization V + DLC\CivilizationV_DX11.exe'
                Manual malware cleanup required: 'Mal/Sality-D' at 'E:\hasna .scr'
                Manual malware cleanup required: 'Mal/VB-OL' at 'E:\Data Dell.exe'

                I would like to be able to select "Delete" and not just wait that something happen. Currently the only option is "Marked…

                16 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                • Right click scanning without UAC Server 2012 R2

                  Terminal Server users on Windows Server 2012R2 are not able to do right click scanning without be prompted for UAC. I contacted Sophos with this issue and the outcome was: the product is designed in such a way that on the server 2012 R2 the user will be prompted for credentials to run a right click scan. They recommended to make a feature request.

                  1 vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Windows Server  ·  Flag idea as inappropriate…  ·  Admin →
                  • PC Helpline

                    IQ TechLine has been providing quick and reliable solutions to users as well as businesses through PC helpline number. Their IT experts are always ready to deliver most reliable and enhanced services to improve the performance of a system.
                    Website:-https://www.iqtechline.com/support-for-pc-optimization

                    1 vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      4 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                    • Scan ALL

                      Scan ALL Computers from Central

                      7 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                      • The ability to utilize subordinate update caches to have a distributed update structure internally

                        The Sophos Central Update Cache equivalent of a Child SUM. This will allow organisations to save internet link bandwidth by allowing Update Caches to pull updates from other caches over LAN/private WAN links.

                        1 vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          1 comment  ·  Updating  ·  Flag idea as inappropriate…  ·  Admin →
                        • On-access from SEC: Exclusions of FileSystems

                          Hello,

                          when using on-access from the Sophos Enterprise Console (SEC):

                          - currently 2 modes are possible for exclusions:
                          " Exclude Items": Files and directories can be excluded by path.
                          " Exclude remote files": Excluding remote files currently excludes the following by filesystem: nfs, cifs, smb, smbfs,coda, afs

                          - Our customers need possibility in SEC to exclude as much filesystems as the command « ExcludeFileSystems » permits to do in the Sophos Linux agent, which supported FS list is :
                          https://community.sophos.com/kb/en-us/118932

                          Example:
                          To have possibility to only exclude a filesystem of type "fuse" from the SEC.

                          Is it an evolution planned…

                          2 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                          • Root Cause Analysis for attacks from remote machines

                            We recently had an incident where there was a Ransomware detection from a remote internal server that was stopped by Intercept X. It turns out that it was a false positive, however investigating to get to that conclusion was a problem as there is only a generic event created in Sophos Central but no Root Cause Analysis. If you look in the Windows event viewer logs for hitmanpro, you can see which files were affected and where the attack originated from, so the information is available but not being used within Sophos Central. When it comes to critical detections like…

                            1 vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Incident investigation  ·  Flag idea as inappropriate…  ·  Admin →
                            • Report the active websites in Exploit Prevention

                              When getting an ROP, HeapSpray, StackExch exploit detection, it would be nice to know what site(s) the user was on at the exact time of the detection. This would allow us to look at whether or not the site caused the detection. We can even access the site from our detonation chamber to test.

                              1 vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                              • Need to work on clusters with DRS

                                Should work on VCenter Clusters with DRS on

                                1 vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Virtualisation  ·  Flag idea as inappropriate…  ·  Admin →
                                • smb V2 enabled

                                  Following the security problems of SMB v1 operated by some ransonware some companies have decided to disable the smb v1 protocol. It would be interesting to be able to enable SMBv2 or SMBv3 for shares of Sophos Security VM or simply propose a procedure to activate SMB V2 or SMB V3

                                  1 vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    2 comments  ·  Virtualisation  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Website/IP exclusions for Linux

                                    Allow us to add exclusions, especially to MTD, for websites/IP addresses in Linux. We have VMs in a cloud environment that are constantly talking to a monitoring host. Without those exclusions CPU usage is really high.

                                    1 vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      Under Review  ·  0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Proxy AND Translate Web Control Categories

                                      Please separate translate and proxies in blocking websites.
                                      We are an international company and need to translate words from one language to another. These sites serve a business purpose and I'm adding numerous exceptions just so team members can do their job

                                      1 vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Remove third-párty endpoint

                                        I have some project and I need install SOphos Endpoint from Enterprise Console remotely, but the CRT cannot remove the OfficeScan 11 and XG automatically.
                                        So I sugest that CRT remove Trend Micro OfficeScan 11 and XG automatically when install from Enterprise Console.

                                        3 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Changing of license type from Advance to standard in portal

                                          Client mentioned below:

                                          Client advised that they are using command line method to deploy Sophos Antivirus

                                          but they didn't found in below KBA for option for Standard and advanced license product option

                                          and due to that they need to login to each client portal -> go to Licensing -. and then change the license type from Advance to Standard

                                          and he is looking something automatize through command line as in below KBA

                                          https://community.sophos.com/kb/en-us/127045

                                          Advised him, currently there is no option, however he may go as a feature request which go towards the Sophos developing team but unfortunately we don't have…

                                          1 vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.