Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Adding a Description or friendly to an exception to the peripheral control policy

    When you are adding an exemption for an usb drive or some other device being able to give that device a friendly name would be incredibly helpful. I am not seeing anyway to do that. If I need to go back and remove that device because it was temporarily needing access or it was stolen. I can't really do that based on the information available in the exception description. We send USB drive to each or our bank branch locations I can't even tell which drive is located where without naming them in a separate spreadsheet or some other method…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Implement notification for Highly suspicious file executions

    Allow email notifications for the Threat Center threat indicators. I can see "High Suspicion" files executed on an endpoint with no possible configuration for email notification.. (verified by Sophos tech support)

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  3. Application installed

    On Sophos Central, just like on the server protection which Sophos agent able to see what applications are installed on the servers. On the endpoints should also has this inventory of application features. This will help to see what applications are suspicious and looking for unpatch applications.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Next Generation Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  4. endpoint report

    Please show full Path to threat/malware at the macOS Endpoint (don't know how the windows version behaves). Or make path clickable so that navigation to the needed folder is easier when manual removal is necessary).

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Controlled Updates in Sophos Central-I work in an environment which needs 4 levels to deploy updates. First would be the "test" group, then

    Controlled Updates in Sophos Central-I work in an environment which needs 4 levels to deploy updates. First would be the "test" group, then Dev, QA, and finally Prod. Currently Sophos only offers one group, but Enterprise environments require/demand a greater level of control over updates. Please seriously consider expanding our ability to have a more granular control set.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Updating  ·  Flag idea as inappropriate…  ·  Admin →
  6. Sophos Central Patch Assessment

    We all know patch is very important in security. It would be very helpful for us if there is a patch assessment (like on the on-premise SEC) on Sophos Central Advanced.

    It should also categorized reports based on its criticality, Critical, High, Medium, or Low like the patch assement on SEC.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Next Generation Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  7. Display private and public IP address both

    In central console, Display private and public IP address both so that administrator can understand where endpoint client is.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  8. DLP: Exclusions for internal Web-Applications / URLs

    As the number of internal Web-Applications is still growing, our users need to upload files that contain sensitive data, on to this (internal) web applications. These applications are accessed via webbrowser.

    With the current product I only have the option to either block or allow web browsers in DLP. I can also allow or deny filetypes. Unfortunately, both is not sufficient.

    There should just also be an option to add URL-exclusions to DLP.

    Would you please check if feasable?

    Best regards,
    Christoph

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Reregister Device

    The only current way to move ownership of a device such as a PC is to run SophosSetup.exe with the --registeronly switch. This is difficult, especially with physical access to computers limited because of Covid. It would be easier if an administrator could move the device to a different user much as a device can be moved from one device group to another.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  10. Support Answers In E-Mails Without HTML In It & Become S/MIME Aware

    HTML in emails is considered as a bad idea at least by the German CERT.
    So it would be good if the Sophos Support would get away from this
    marketing bullsh** and send his responses in plain text.

    Furthermore it would be good, if the processes with email based sample submission
    would be aware of S/MIME signed emails and evaluate the cryptographic signatures
    instead of marking them "non-detect worthy" (big lol)

    The as-is-state does not look professional.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Incident response  ·  Flag idea as inappropriate…  ·  Admin →
  11. Option to Clear "events.db" or address old Alerts not displaying in events anymore.

    There needs to be a way to deal with old Alerts and Warnings which have gone past the displayable events logs. If any event is causing an endpoint to stay consistently in Red Alert or Yellow Warning state, then the event should stay persistent and never go away until addressed. There's no way to deal with these issues currently other than to uninstall/reinstall Sophos completely or follow the below instructions from Sophos. This will only clear the events log to stop the alerts from showing, but doesn't actually address the original alerts.


    1. Disable tamper Protection

    2. Stop Sophos Health service

    3. Navigate…
    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Incident response  ·  Flag idea as inappropriate…  ·  Admin →
  12. File transfer block over Anydesk remote session

    Block incoming and outgoing file transfer using anydesk application during remote session.

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  13. central

    I been working with sophos products in our organization for close to 10 years. and this is my conclusion. who ever is designing the consoles does not design it from network admin perspective. for example, you login to the central cloud console you see alert and then you are on your own pal. you have no option to re-install the agent on the client from the console. same for policy violations alert. you have no button to force the policy. Imagine when you are responsible for near to a 1000 machine and lets say 100 of those gave you alerts.…

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  14. notifications for hash

    Include the ability to customize notifications so that an alert can be sent out when a specific hash type is detected.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Malware prevention  ·  Flag idea as inappropriate…  ·  Admin →
  15. Search based on TLD

    Allow searches based on the top-level domain in Threat Search.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Incident investigation  ·  Flag idea as inappropriate…  ·  Admin →
  16. web site browsing

    Having the ability to enable / capture all user browsing activity when the need arises would be helpful in troubleshooting issues where a web site appears to be blocked but its unclear of the cause along with responding to HR requests to determine if a user is accessing sites that may not be blocked but are considered risky / not meant to be accessed as a normal course of business.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Incident investigation  ·  Flag idea as inappropriate…  ·  Admin →
  17. Policy issue on IP V6

    Hello Team,

    We are facing issues with applied application policy issue in our Sophos Intercept X and Advance. We have applied the policy for blocking the Google drive and dropbox, that was working earlier but now we are not able to do the same. As i logged the request in Sophos and found that, according to them there is some issue in IP V6 because all the machines have both versions on IP. According to them in each and every system we need to manually disable the IT V6 for blocking the drives.
    I think it is a bug, kindly…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
  18. import USB exclusion

    It would be great for the Sophos Central to have a place to import the USB information (e.g., Serial number or brand) to the exclusion list. To make the migration from other brands to Sophos more easily and customers more willing to migrate to Sophos.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  19. Threat Search Export

    Allow for Threat Search results to be exported as excel and/or CSV for use in a pivot table.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Incident investigation  ·  Flag idea as inappropriate…  ·  Admin →
  20. Threat Search Objects Filter

    Add the ability to filter out based on the device name or allow boolean operations for username and device name.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Incident investigation  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.