Apparently Mac OS is not currently supported by Sophos Endpoint DLP. We have a decent number of Mac laptops in use in our environments and have a need to protect PII. Please consider building out the DLP module to support the Mac OS.

Is it possible to be able to restrict access to USB's my a unique ID - such as serial number?? Currently you can restrict my model but that doesn't stop an employee bringing in their own USB stick if it is the same make and model we us??

Basically we want to be able to issue USB sticks out to staff and only allow those precise devices to connect. Not any device that happens to be the same model.

Central Endpoint: Is it possible to add a "layout" to except USB Devices by ID combined with a Person? So the Basic Policy could block any USB Device and Exceptions are made by Person instead of a Policy which allows the Device for many Computers or Users. So the exceptions is one by one (Device ID & User).

Enterprises need File Integrity Monitoring on their Linux system files. This is a requirement for all systems requiring Continuous Monitoring (NIKST 800-137) which are all defense contractors, Government contractors, government agencies, and soon, all HIPAA covered entities.

For thin clients that do not have more than a few GB to spare for an anti-virus solution, a lightweight version of Sophos which is conscious about the amount of space it uses would be helpful.

In Sophos central console, Threat Protection>Scheduled Scanning it shows the only option for weekly scanning but we can not schedule scans on a weekly basis as Sophos utilize lots of primary memory and thus machine gets slow. I would like to get an updated version which provides monthly schedule scanning. It would be very helpful if we get this option on Sophos EP.

Terminal Server users on Windows Server 2012R2 are not able to do right click scanning without be prompted for UAC. I contacted Sophos with this issue and the outcome was: the product is designed in such a way that on the server 2012 R2 the user will be prompted for credentials to run a right click scan. They recommended to make a feature request.

IQ TechLine has been providing quick and reliable solutions to users as well as businesses through PC helpline number. Their IT experts are always ready to deliver most reliable and enhanced services to improve the performance of a system.
Website:-https://www.iqtechline.com/support-for-pc-optimization

Scan ALL Computers from Central

The Sophos Central Update Cache equivalent of a Child SUM. This will allow organisations to save internet link bandwidth by allowing Update Caches to pull updates from other caches over LAN/private WAN links.

When getting an ROP, HeapSpray, StackExch exploit detection, it would be nice to know what site(s) the user was on at the exact time of the detection. This would allow us to look at whether or not the site caused the detection. We can even access the site from our detonation chamber to test.

Should work on VCenter Clusters with DRS on

Following the security problems of SMB v1 operated by some ransonware some companies have decided to disable the smb v1 protocol. It would be interesting to be able to enable SMBv2 or SMBv3 for shares of Sophos Security VM or simply propose a procedure to activate SMB V2 or SMB V3

Allow us to add exclusions, especially to MTD, for websites/IP addresses in Linux. We have VMs in a cloud environment that are constantly talking to a monitoring host. Without those exclusions CPU usage is really high.

Please separate translate and proxies in blocking websites.
We are an international company and need to translate words from one language to another. These sites serve a business purpose and I'm adding numerous exceptions just so team members can do their job

I have some project and I need install SOphos Endpoint from Enterprise Console remotely, but the CRT cannot remove the OfficeScan 11 and XG automatically.
So I sugest that CRT remove Trend Micro OfficeScan 11 and XG automatically when install from Enterprise Console.