Endpoint Protection
Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data
-
Details of "Update succeeded" in the event log
We would like to be displayed it so that we can see what has been updated in Central.
8 votes -
Surface pro X
Please give an update for the upcoming Surface Pro X
The upcoming Surface Pro X that will run on an ARM processor will not be supported by Endpoint (I do apologize for the earlier confusion).The issue is with ARM processor and how it emulates 64 bit applications. Particularly, applications that originally were coded for 32 bit applications like Endpoint.
35 votes -
Endpoint & Server License Overlap Alerts
When a customer has a termed license which is due to expire, a license expiry notification is sent to the end user, stating that their licenses have expired. This notification is fine if their licenses have not been renewed and have expired.
However if their licenses have been renewed and there is a new termed contract in place.
Please do not email customers that their licenses have expired. As a result we end up with complaints from the end user that we have not renewed their licenses. Then have to explain it is Sophos fault for an automated service sending…1 vote -
Ability to whitelist a specific threat
Here is a use case. One of our computers is used for demo purposes, and the demo includes uploading a file that knowingly contains a malware and demonstrating that the malware is detected.
We use a specific type of malware: OF97/EicarDrp-A, and we attempted to create a dedicated policy just for this computer that excludes this type of malware. However, this turned out to be impossible. Using a "Potentially Unwanted Application" exclusion type and setting it to "OF97/EicarDrp-A" didn't work. The support engineer advised to use "File or folder" exclusion type (case number 03580697), which is quite insecure (the user…
1 vote -
XG rule notifications
I had to recently create a new drop rule with internal Zone any to wan zone to IP list, this was after repeated ATP alerts from a Linux host attempting Botnet detected host ip connections, I know ATP will block anyway but to be sure I decided to create this top-level Drop rule with the IP list for which I will add Detected IP addresses into so it applies to all internal traffic attempting communication to the same detected ip addresses. It then made me think it would be handy if it were possible to include firewall rules in the…
1 vote -
Application isolation
Please implement application isolation for the well-known apps like Office, Adobe reader, browsers.
Users can open files from unsafe locations in a secure container on the client to prevent threats.regards
1 vote -
Realtime and on access scanning for Linux version 20.04 and above.
My company has increased our Server licensing to cover our new Linux web fabric, just to find out that Sophos does not support a version of Linux that has been out for over a year now.
Please update to remedy this.
Thank you.1 vote -
Sophos Central Backup policy
Able to backup Sophos Central Endpoint and server protection policies/ configuration
Backup is so important :)
1 vote -
Sophos Central sub-estate push policy
Currently only the base policies can modify and push by enterprise admin to sub-estates/tenants.
It would be helpful for enterprise admin to create different policies for different sub-estates, especially if you don't want to have admins on sub-estate (e.g. you only want to assign helpdesk on tenants).
1 vote -
URL logging in DLP
Can the destination URL that the user is uploading files to please be included on the DLP logging. This would help us in getting better information for users uploading files to websites.
Currently we have to use a 3rd party tool to check the URLs.
3 votes -
Suppression of notifications
Whenever a new update is rolled out, the endpoint agent will popup a message that says something like "Sophos Endpoint Agent Updated." or "Updates will complete upon system reboot" and this will generate unnecessary phone calls to our helpdesk. Requesting the ability to suppress (popup) notifications on Sophos Endpoint Agent via the Sophos Central site.
1 vote -
Cache previous web control policy so user switch policy activates faster
Please have the endpoint cache previous policy and/or all policies. Case 03520881 showed how a very restrictive web control policy doesn’t work initially IF the previous user had an full internet web control policy previously. Sophos takes 1-2min to identify the current user & apparently download the policy so the restricted user wrongly has open internet for 1-2min. If you have per-user policies shouldn’t they work right away? End-users don’t usually wait for things. This wasn’t an issue with a previous vendor ESET. This is more than just an inconvenience in a residential treatment facility & school settings where (CIPA)…
1 vote -
Ability to restore files which have been Quarantined/Cleaned up
As title, it would be nice if we could restore files which have been Quarantined/Cleaned up, rather than having to restore from backup. This feature is present in other AV's like Webroot.
This can be a pain to restore sometimes when things are falsely flagged as malicious
1 vote -
Sophos Endpoint Agent "Offline Installer"
The "Sophos Endpoint Agent" should successfully finish the installation process after the successful installation and setup of its own service. The installation of the other Sophos components should not be part of this installation routing.
1 vote -
confirmation dialogue for moving assets between groups in SEC
Create a confirmation dialogue box for moving assets between groups.
This would reduce the likelihood of accidentally dragging assets from one group to another and affecting large numbers of endpoints.Recently we encountered an issue whereby the explorer like functionality of Sophos Enterprise console left us with a number of laptop users losing connectivity to Wifi as the policy group the endpoints were moved to didn't have Wifi allowed. Whilst this was purely human error, a confirmation dialogue box would have given pause to allow review of the changes.
I understand this is hard, if not impossible to do in…
2 votes -
Web Control Policy applying on a group of computers
there is no way to apply a web control policy to a group of computers independent of which user is logged in
please make this feature available1 vote -
a
a report or alert that notifies the admin when tamper protection is disabled and for how long it has been diabled
1 vote -
deployment package
Request for deployment package for Sophos cloud, currently when we deploy Sophos cloud is download or a network drive. However, we need the file to be in MSI instead of exe extension instead. As we need to the future rollout, we need to deployment of our new devices can be use also for auto provisioning. Hopefully, we can have this in the near future for the software deployment.
1 vote -
deployment package
Request for deployment package for Sophos cloud, currently when we deploy Sophos cloud is download or a network drive. However, we need the file to be in MSI instead of exe extension instead. As we need to the future rollout, we need to deployment of our new devices can be use also for auto provisioning. Hopefully, we can have this in the near future for the software deployment.
1 vote -
URL whitelisting in DLP
We use SharePoint for collaboration,and do not want alerts popping up when documents are uploaded to this site. Monitoring and alerting about files transferred to corporate sharepoint site creates a lot of noise and makes the feature unusable.
Can we have an option to whitelist https://XXXXXX.sharepoint.com/sites/ to exempt it from being monitored/Alerting for DLP ?3 votes
- Don't see your idea?