Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Linux MTD Exclusions

    Allow Linux machines to have MTD exclusions put in place to help alleviate maxing out resources.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Malicious Traffic Detection (MTD)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Visibility Into Details in Many Screens Within Sophos Central Dashboard

    There have been many situations when using the Sophos Central Dashboard when I see some high-level information but no way to drill down into the details. For example when using the Endpoint Protection, Logs & Reports, and then the Policy Violators report... I see a user listed but that's it... there is no way for me to know what computer, what policy, how to update the policy if necessary, etc. This is just one example of many such situations. It severely impacts the length of time it takes me to explore issues and address them. I've seen demos of Palo…

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. PureMessage Quarantine Web access: enable over HTTPS

    Please enable HTTPS web access to the PureMessage Quarantine store - this would enable us to allow access to it externally, very useful for people working remotely and using OWA and Exchange Mobile.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  4. Phishing websites can be identified and blocked automatically

    Phishing websites can be identified and blocked automatically, basing on the characteristic and behavior of phishing website to compare with popular normal websites, then catalog and block them. whether you can enable the artificial intelligence for it.
    Because we always get the phishing link, Sophos can't help us at all.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. 2019

    Add Windows Server 2019 to the list of approved operating systems for SEC 5.5.1

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  6. RBAC Granular Control For Groups

    Groups:

    Top Level
    >Sales
    > UK
    > Germany

    Have the ability for the user to only access Sales and Germany only, excluding UK. This will give them the ability to control these sub-estates only.

    Is this coming?

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  7. Install and Unisntall

    Install and Unisntall option in SEC using the IP address or the name and local administrator of endpoint.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Enterprise console Origin Infection

    I suggest to add the field 'Origin of Infection' on logs of one virus detection.
    This field is very importante in malware such as Conficker or WannaCry.
    Andother antivirus companies provide it.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Sophos DLP Feature not working when Microsoft Secureboot is enabled

    Sophos Data Control feature in the endpoint solution is incompatible with Secure Boot. Secure Boot is the foundation for Microsoft's Windows security stack since Windows 8. Data Control under Secure Boot blocks all USB file transfers.
    Sophos Tech team advised to disable secureboot option. But this is not practical in large organizations with branches in different locations. Many companies require DLP solutions for compliance and will likely switch products if Sophos can't find a way to work with Secure Boot.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  10. Display status of client from taskbar icon

    When a PC has the Endpoint Protection Client deployed via Sophos Cloud, if the client has issue or is out of date, there is no visual prompt on the Sophos shield icon in the notification area. You have to open the client and then click about, to see when a client last updated.

    When we used to use Sophos Enterprise Console, the Sophos icon in the notification area would have a red cross overlaying the icon, notifying the user of a problem

    7 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  11. Delay Endpoint "Updating Failed" Toast Notifications

    Current, if a endpoint managed device has not been used for a period of time, the next user who powers this one and logs in will get a notification stating that the "Updating has failed". At this point the software has / is in the process of downloading (or shortly will do) updates to the device as normal.

    This present increased admin and support overheads when users log tickets.

    Suggestion to have the ability to either disable this notification or have logic which enables this to be delayed in displaying to the end user until either a set time after…

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  12. Hide 'Virus protection Security and Maintenance' popup notification in VDI desktops

    I like to request the option to suppress/hide the 'Virus protection Security and Maintenance' popup notification in VDI desktops. Reason is that the red cross seems to be confusing to end users (for some users indicates there's a problem even though it's just there to notify that Sophos antivirus is active). Thanks!

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Disable Tamper Protection through Command Line

    Hi,

    Somethimes, managing 1000+ or even 5000+ machine its difficult, even more if we don't have built-in features in the console to remediate/uninstall corrupt/broken installations.

    But, the main problem is not that. The problem is that we CANNOT disable Tamper Protection remotely to reinstall/remove Sophos AV, in the following cases:

    1) Console was erased/failed and there's no cert/db/registry backup (all Endpoint with Tamper enabled)
    2) Broken installations dont apply Tamper Policies (to disable it)
    3) Migrated console (don't have the old one).

    All this would be solved by having the chance to disable Tamper through Command Line. Example

    Case A:…

    17 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  14. Uninstall and Repair Endpoints via Sophos Central (was SEC)

    The uninstall and repair options via console would make it easier to manage a large number of machines, mainly because sometimes it is difficult to get access to some of them.

    147 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Awaiting Feedback  ·  11 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Application Control - Event Viewer

    Application Control - Event Viewer- provide to select particular component to set allow or deny policy.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  16. 1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Block creation, moving and deletion of *.EXE files

    Sophos Endpoint policies should allow the blocking of moving, creation and deletion of *.exe files on the system (i.e. block a user copying an *.exe file from C:\Program Files to their documents share). This is functionality that exists in Symantec Endpoint Protection and works very well in preventing the introduction of malware to an end user device/the network!

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  18. Indication on the Sophos Icon by the time if a computer requires a reboot to complete update

    When Sophos requires a restart of the computer to complete an update it would be really good if the sophos icon by the time changed to a yellow exclamation mark or something so the end user would know to notifiy system administrator that Sophos needed attention. Or they could just restart the computer.

    7 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Updating  ·  Flag idea as inappropriate…  ·  Admin →
  19. allow local and policy based exclusions to play nice

    Allow localized exclusions per machine/client to play nice with global policies from the management portal.
    Currently it appears that policy based exclusions prevent the ability to add additional exclusions at an agent or client level.
    It would be ideal to have the policy enforced when pushed out but still allow subordinate exclusions to be configured for end user networks and devices.

    For example:
    I have global policies that apply well to all clients but not all and as a result certain several clients have had to be purposefully removed from the policy target group. Having to reconfigure common exclusions for…

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  20. Tamper Protection - When any Sophos process is attempted to be ended

    Our PCI-DSS Level 1 audit has asked us to show logs when any attempt to kill any Sophos process is done. None can be found, despite Sophos Support claiming an event is logged in Event Viewer - no Event Source, Event ID or other information was provided to prove this is the case. An "Access Denied" Error is generated by tamper protection, that's nice. We have no proof that someone or something attempted to circumvent Sophos until it has actually be circumvented - alert in Sophos central that the computer is no longer protected, nor how long this attempt to…

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Compromise detection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.