Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Linux process exclusions

    Add feature to create Linux process exclusions. Process exclusions are already available for Windows servers but not for Linux servers.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  2. Remove Non-Persistent VDI Sessions from Sophos Central

    Within the Sophos Central console, non-persistent VDI sessions create new instances every time they are started. The console should be able to remove a non-persistent VDI session once it is closed out.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Virtualisation  ·  Flag idea as inappropriate…  ·  Admin →
  3. vipre

    The Sophos installer should be able to remove Vipre branded A/V products on installation.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  4. global exclusion authorisations detail

    When you authorise a PUA from the Alerts are in Central it adds a global exclusion with a name that does not mean much and enters no detail about why it was created and by who. If it could add some of the detail found in the audit log to the exclusion it would help admins verify the exclusions and ensure they are needed.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  5. How to activate FOX News on Roku?

    First, you need to get the FOX News app on the Roku device from the channel store. You can get this app under the News and Weather section. Once completing the installation process., you can access the app and get the activation code. Take a note of this code and open a web browser. Visit foxnews com activate and in there choose the device that you are using. Next, key in code and select the pay-TV provider. At last, click Activate to initiate the activation process.
    VISIT - https://www.go-roku.net/foxnews-com-activate-roku

    Want to know how to activate Fox News via foxnews com…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  6. Implement notification for Highly suspicious file executions

    Allow email notifications for the Threat Center threat indicators. I can see "High Suspicion" files executed on an endpoint with no possible configuration for email notification.. (verified by Sophos tech support)

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  7. Peripheral Exemptions

    Peripheral Exemptions: when we have Exemptions any Device so can Add hostname or user name

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  8. Applications Blocked by EndPoint Not vissible on Endpoint or Central Management

    Applications Blocked by EndPoint Not vissible on Endpoint or Central Management. Please add blocked applications to the detections on the endpoint and Central Management, so these detections/blocks are noticed directly.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  9. Need a option to add server group in SophosInstall.sh like Windows/Mac --devicegroup option

    Some customer asks about adding group automatically during the installation on Linux server(central).
    There is a option for Windows/Mac endpoints.
    Is it possible to add similar option for SophosInstall.sh? like --servergroup, --group and so on.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  10. Application base admin Privilege to end-users System

    We are looking for Application-Based Admin Access features (Enable/Disable) on end-users machine so that Centralized Control can be implemented while providing the admin rights or Application base admin Privilege to end-users System.

    Built-In Feature of Sophos XDR can be useful

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  11. Block Google Quic on Sophos Central Endpoint Protection

    Allow us to block Google Quic protocol on Endpoint level since we can do it from the Firewall. This would allow us to block it from the agent instead of having to manually disable it on Chrome or setup a Windows Firewall rule to block 443 or 80 on UDP.

    22 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  12. MAC address

    Sophos Central should show MAC addresses for connected devices.

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow wildcards to be used in custom content types

    Allow wildcards to be used in custom content types. Specifically so that when a file is allowed by removable storage, it will record the file name even if it doesn't match a specific file name or extension.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  14. USB Block with pass

    Hello. We have a suggestion for the Endpoint. The suggestion is to lock the USB devices and allow the function to release with a password. It would be an additional option within the existing "block", "allow" and "read-only" actions.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add a way to filter out the device type/device category in reports (laptop, workstation, server)

    I need to report on the number of workstation, laptops and servers using Sophos licences which I can't as I can't separate laptops from fixed computers.
    I would also need to run a report and ensure that all laptops have the device encryption enabled (where it is less critical if not enabled on a fixed workstation) and this is also something which you can't do because you can't find out about specific device category like 'laptop'.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  16. Linux install.sh Script Return Codes

    It'd be very beneficial if there were a similar table of return codes made available for the Linux agent installer script like there is for the Windows install.exe binary: https://support.sophos.com/support/s/article/KB-000033327?language=en_US

    We've wrote some basic Ansible to help us deploy and run the install script to our Linux hosts, and given the list of actions the installer takes and that any of those actions can fail, it'd be great if we knew which error codes to catch and handle in our Ansible role.

    I imagine other Linux-using customers would benefit from this documentation if they use Salt, Chef or some other…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  17. Check for presence of TPM

    It burns me a bit every time I go to the Encryption section and I see "Computers that could be encrypted." Sure, every computer "could" be encrypted, but why not do a simple WMI query with Endpoint and determine if there's an active TPM chip on that computer, and show that as another view? It would save us so much time to just see that, and enable all of those computers immediately. We would consume more licenses, that's for sure.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  18. exploit exclusions

    now only
    with the addition of exploit exclusions to see if it can be mitigated.

    From the Sophos Central console:
    Global Settings> Global Exclusions> Add Exclusion> Exploit Mitigation> Internet Explorer

    also add the known url or ip of your own application, even better if applicable to a group of PCs

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Next Generation Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  19. Sync between CLI scan method and Sophos console

    Currently , the only availability is sync between GUI AV scanning or detection and Sophos console.
    We are using CLI method of scanning for our environment. That is not capturing in the Sophos Console logs or events. Please create a method of sync between CLI and console to get logs and events.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. IPS on Endpoint - Heartbeat XG IPS offloading

    Having now IPS on Endpoint, means that behind an XG FW with its own IPS activated there's a certain overlap (double check) of certain IPS patterns.
    Proposal: use the heartbeat (synch security) to check whether or not the endpoint is sitting behind an XG FW with IPS enabled. If so, the endpoint doesn't have to check them again and can save some resources.

    13 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.