Possibilitar ao cliente liberar ou não a execução de aplicações a partir de dispositivos de armazenamento móveis, mesmo que o usuário tenha permissão para acesso a dispositivos de armazenamento móvel.

We are looking for Application-Based Admin Access features (Enable/Disable) on end-users machine so that Centralized Control can be implemented while providing the admin rights or Application base admin Privilege to end-users System.

Built-In Feature of Sophos XDR can be useful

On the Sophos Endpoint Protection, there should be a way to customize the progress indicator bar. Currently, when a scan is initiated and running, all you see from a end user's desktop is the green progress indicator bar.

It is 2020 and macOS is a common workplace device. We require the ability to prevent file transfers containing PHI and other protective information, as well as create custom rules. This needs to be revisited

On Sophos Endpoint policies, having the ability to decide on "Action to take"on all detection/issues.
When building software packages for deployment we receive numerous false positives.
Having the ability to respond to a detection to say "This is a safe file" would save many hours wasted adding exceptions and repackaging again. This is already an option for "Low reputation files downloaded".

I need to report on the number of workstation, laptops and servers using Sophos licences which I can't as I can't separate laptops from fixed computers.
I would also need to run a report and ensure that all laptops have the device encryption enabled (where it is less critical if not enabled on a fixed workstation) and this is also something which you can't do because you can't find out about specific device category like 'laptop'.

Can the destination URL that the user is uploading files to please be included on the DLP logging. This would help us in getting better information for users uploading files to websites.

Currently we have to use a 3rd party tool to check the URLs.

A Sophos competitor has recently released a new feature into their Security platform. They are calling it "Advanced Deception Technology". It essentially deploys a variety of different honeypots throughout your network and automatically reports on them when any of them are accessed. There are MANY companies that don't have the know-how, time, or money to implement these sorts of proactive measures. I would love to see this as an additional feature that could be integrated into the Sophos Central platform as part of the EDR solution.

I have two clients that are upset with this restriction. As am I. it is not Sophos' job to control the size of messages. Microsoft 365 has an upper limit of 150 MB, your services should be matching that, or remove the limit altogether.

1. support automation of adding block hashes into endpoint protection blocked items via custom feeds




2. alerts on the dashboard for detection of files that are in the blocked item list. currently there is no alerts on the dashboard. if one does not have a SIEM to do monitoring, then one must manually check each endpoint in the central to see who has detection due to the blocked item list.




3. option to automatically create case based on item 2.

endpoint software does scan the registry for potential malware.

But I hope to add a registry function,

Allow users to block applications that are not allowed to be installed through the registry.

the current Mail App (Windows 1909) has no exe left to start So far it was blocked by SAC. Not anymore. So users can start it.
ICh used Sophos to block the unnecessary Windows 10 apps. This no longer works.
Sophos support asks for an exe - I (and no one else) can't provide it.
Sophos has to adapt / develop here and continue to block these apps as well.

We use Sophos on about 100 linux systems for protection. For installation we use a script and that is working well. Because we want to automate the installation of the linux systems further we use Saltstack. By installing Sophos-agent with Saltstack we get errors(service request 03218428). So can Sophos make an installation that works under saltstack.

.msi installer for Sophos.

Is it possible to get an .msi installer for Sophos Endpoint Protection?

Many threat intelligence services offer MD5 or SHA hashes of known malicious files. It would be excellent if Sophos endpoint could report up to Sophos Central on file hashes that were either downloaded from the internet or received by email. Then a SIEM or similar tool could alert if a known malicious hash was detected.

Enable/Disable Tamper Protection for a group of computers from Sophos Central rather than disable/enable for all servers/computers or each device manually.

This function is helfull to remove quicly solved alert notification by accesing in admin panel. In some cases, always having to login to the console to reset the alerts is very time consuming.