Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Reports

    Report Regarding: Can you Add more column to the reports

    EXP: IP Address, Operating System, and mac address

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  2. Collect SHA-256 hash, size, created and modified date meta data on auto remediated file

    It should be helpful for the product when it automatically remediates (aka removes without trace or ability to restore for many files types!) report back to Sophos Central various key data about the file such as the SHA-256 hash, size, created and modified date back to Sophos Central to use in EDR searches etc.

    I have recently been trying to understand a threat that has been cleaned up and wanted to 1) search for it via EDR using the SHA-256 hash and 2) understand if it was a newly dropped file or one that had been sat there a long…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Incident investigation  ·  Flag idea as inappropriate…  ·  Admin →
  3. Deleting Sophos Computer Objects automatically when an AD Computer Object is deleted

    A way to delete Sophos Computerobjects in Sophos Central automatically after they are deleted in the Active Directory.

    This would make the process of throwing out old hardware and cleaning up systems in which those objects still reside in, like Sophos for example much faster.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  4. Send email alerts if a Peripheral is detected to be plugged in

    I would like to be notified via email if a user plugs in a device that they shouldn't

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Applications Discovered Vulnerability

    A very nice feature you should work on, is application discovered vulnerability.
    You should gather all the CVE informations of installed applications on clients and servers.
    IT can rapidly take a look at the situation and can rapidly update all the vulnerable applications.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Patch Assessment  ·  Flag idea as inappropriate…  ·  Admin →
  6. In HTTP site we are getting pop up message website blocked But HTTPS not getting any pop message even it blocked in sophos web control

    In the HTTP site we are getting pop up message website blocked But HTTPS not getting any pop message even it blocked in Sophos web control.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
  7. Reports

    Please add one more New Feature to the custom report like IP Address, hostname, and mac ID

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  8. remove endpoint from central

    Option to remove endpoint from remote pc from central without the need to manually remove the client from the endpoint after tamper had been disabled

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. URL logging in DLP

    Can the destination URL that the user is uploading files to please be included on the DLP logging. This would help us in getting better information for users uploading files to websites.

    Currently we have to use a 3rd party tool to check the URLs.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  10. "Scan file with sophos AV" context menu function vs. sophos central exclusion list

    We had a strange behavior of Sophos Endpoint Protection which should be solved by changing the behavior of the "Scan with Sophos AV" option in the context menu of windows.

    What happened:
    A user had an infected word file stored on his desktop. When using the context menu function "scan file with Sophos AV" it doesn't find anything wrong or suspicious.
    This was weird because according to Virus Total this file contained Malware which was also detected by Sophos endpoint protection.
    When checking the exclusion list on Sophos Central we found an exclusion for C:\users*. This seems to prevent the…

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  11. Details of "Update succeeded" in the event log

    We would like to be displayed it so that we can see what has been updated in Central.

    9 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  12. Granular Policy management

    Allow AD user/group membership to allow functions within a policy.

    For instance,
    You block everything by default.
    You want group A to access Google Drive
    You want group B to access iCloud
    You want group C to access iCloud and shopping websites

    I want to be able to define this for each category within one policy not four policies in the event that that baseline is now to allow everyone access to OneDrive.

    This would be helpful in other policies within Sophos Central as well.

    Similar to request https://ideas.sophos.com/forums/285723-endpoint-protection/suggestions/18552832-policy-by-group-instead-of-group-by-policy

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
  13. AppLocker Code Integrity functionality in application control

    Application control in sophos allows for blocking of applications but it doesn't provide a allow list of applications or an easy way to manage the list.
    it should include Applocker style idea where the central admins can provide hashs or accepted digital certificates of which applications are allowed to run and deny anything else.

    applocker requires windows enterprise and while windows defender code integrity supports windows pro it conflicts with sophos application control so one is needed to switch to a different AV product or loose out on this layer of defense.
    uncertain at this time if applocker would conflict…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  14. USB Block with pass

    Hello. We have a suggestion for the Endpoint. The suggestion is to lock the USB devices and allow the function to release with a password. It would be an additional option within the existing "block", "allow" and "read-only" actions.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  15. SVE - Enable retargetting of Guest Agent

    It would be great to be able to instruct a SVE Guest Agent to query a provided IP address and reinitiate its obtaining a list of SVE Appliances (i.e. the list for Guest Migration).

    I want to use the same VDI golden image in two server rooms but have a way to re-point the local Agent install to an IP I give it (of a SVE Appliance on a host in the same room) at VM startup. My script would look at the network ID and then pass the Guest Agent an IP it knows is appropriate.

    I don't want…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Virtualisation  ·  Flag idea as inappropriate…  ·  Admin →
  16. Sophos Endpoint - Device Isolation: Adaptive sensitivity

    We are observing that some of our clients go into isolation while or shortly after an update to the Sophos Endpoint client components has been processed.
    Support was unable to assist and my best guess is that the mechanism that decides when to isolate a given client is too sensitive - services can take longer than expected to come up on computers with slower hardware or high CPU load during the procedure.
    Therefore I'm suggesting to make the self-protection mechanism more lenient during updates and high CPU/IO load scenarios.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  17. DATA LOSS PREVENTION MAC OS

    For every Sophos customer, please vote to have the Data Loss Prevention feature for Mac OS. We are a majority mac-house. I am sure there are tons of companies that have Macs in their ecosystem -

    Thank you Sophos for valuing your customer's suggestions.

    11 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow proactive certificate/MD5 safe-listing instead of reactive safe-listing

    Currently there is not a way to safe-list files based on certificate or MD5 hash unless Sophos has detected it in the environment and blocked it.
    We should be able to upload certificates or files to the Sophos cloud and tell it to make sure not to quarantine those.

    This would make things like deployments smoother as well as clients migrating from other solutions where they have already gone through safe-listing exercises smoother.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  19. Check for presence of TPM

    It burns me a bit every time I go to the Encryption section and I see "Computers that could be encrypted." Sure, every computer "could" be encrypted, but why not do a simple WMI query with Endpoint and determine if there's an active TPM chip on that computer, and show that as another view? It would save us so much time to just see that, and enable all of those computers immediately. We would consume more licenses, that's for sure.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  20. Peripheral Control - Exemption Description

    We have many exemptions in the Peripheral Control Policy. It would be nice to be able to add a description as to why the exemption was made.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.