Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Useful forensic details

    In order to handle incidents properly it would be much easier if SEC would provide some more relevant information about detected files.
    Essential information missing:
    - File size
    - File meta data: Application Name
    - File meta data: Company Name
    Additional nice to have information:
    - True file type detection
    - Original file timestamps (Created/Modified/Accessed)
    - Information about whether the file is signed

    2 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      0 comments  ·  Incident response  ·  Flag idea as inappropriate…  ·  Admin →
    • DLP logs should include USB transfers in Sophos Admin Reporting, not just end user client

      I created a USB DLP policy to allow, but track all USB transfers. Transfers are tracked locally on the end point, but the log data is not transferred to reporting in the sophos admin console. It would be incredibly useful to see the same information that is tracked in the local log in the admin console as well. Other DLP policy matches make it there, why can't these?

      1 vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
      • Central licensing with TSE

        When a user uses an account to log on his workstation and the same user on the same workstation uses another account to log on a TSE session, Sophos Central counts 2 licenses. It would be interesting to count only one license.

        1 vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
        • Application Control - Screen sketch (Windows Ink Workspace)

          Windows Update adds in Windows "Windows Ink Workspace" feature included by default in all Windows computers, Screen sketch allows you to capture screen, assuming a serious security hole.

          Add restriction for Screen sketch (Windows Ink Workspace) to
          Computer Policy / CONTROLLED APPLICATIONS / Screen capture tool

          Thanks!

          1 vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
          • Application Control - Screen sketch (Windows Ink Workspace)

            Windows Update adds in Windows "Windows Ink Workspace" feature included by default in all Windows computers, Screen sketch allows you to capture screen, assuming a serious security hole.

            Add restriction for Screen sketch (Windows Ink Workspace) to
            Computer Policy / CONTROLLED APPLICATIONS / Screen capture tool

            Thanks!

            1 vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
            • Display status of client from taskbar icon

              When a PC has the Endpoint Protection Client deployed via Sophos Cloud, if the client has issue or is out of date, there is no visual prompt on the Sophos shield icon in the notification area. You have to open the client and then click about, to see when a client last updated.

              When we used to use Sophos Enterprise Console, the Sophos icon in the notification area would have a red cross overlaying the icon, notifying the user of a problem

              1 vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
              • Citrix - allow a user policy override for a Citrix Server

                When logging on to a PC, the PC policy is in effect. When the user logs on the User policy will override the PC policy and take precedence. This is useful for blocking all unnecessary applications, website and perhipherals.

                When logging on to a Citrix server the Citrix server polic is in effect. There is no possibility at present for a User policy to take precendence. At the moment, if you want to allow an application, it is allowed for all user on the same Citrix server (same for websites, perhipherals etc).

                It would be useful to have a user…

                1 vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
                • Share the applications added each month to application control policy

                  There has been cases when an already existing application was blocked suddenly because sophos adds to the list. It has caused significant disruptions in the company. It would make sense to share the applications added each month prior to pushing it out.

                  1 vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
                  • Option for email alerts based on severity level

                    Make it so that a user can customize email alerts to receive alerts by severity level. For example, a user can opt-out from low severity alerts while still receive email alerts for medium and high.

                    1 vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
                    • Easy way to move endpoint devices to a new client

                      Dealing with a company split. The only way to move devices to the new client site is uninstall/reinstall. Most other products I've dealt with have an easy way to move endpoints to a new site. The current process is to disable tamper protection, wait, script an uninstall, then a script a reinstall. It's way more work than it should be. In the console, there should be an option "Move to a different client". With that, there should also be an easy way to add/remove components to match the new client site.

                      8 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                      • Scheduled repots

                        When is the ability to schedule reports going to become available within Sophos Central ? We require this basic functionality ?

                        2 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
                        • Machines not being able to contact Sophos Central

                          Can the App Dev Team write or come with a script to where when a client machine has been accidentally removed from Sophos Central and the client cannot contact central that the script can uninstall client and or remove tamper protection from the client machine which in turns allow the IT Admin to reinstall the client over again so the machine can communicate with Central again. The process you all have now is time consuming especially If the client machine is at a remote site and the IT Admin is not in front to the machine to perform its administrative…

                          1 vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                          • Please issue an MDM compatible MSI installer version of the client software

                            Please issue an MDM compatible MSI installer version of the client software

                            1 vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                            • mail category has to block in web control policy or data policy

                              mail category has to block in web control policy or data policy, whats app has to block in app policy

                              1 vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                              • Agent Shown as Healthy when not communicating with Sophos Central (MCS Agent / Client)

                                If the MCS Agent or Client service are stopped on an Endpoint Sophos Central continues to report this endpoint as healthy until it reaches over 2 weeks of no communication, only then does it alert to the Endpoint not checking in.

                                Test scenario:

                                User complains that Sophos is killing the performance of his machine
                                Admin disables tamper protection (from Sophos central) then visits use to tune off services to see if Sophos is really the cause of the problem.
                                Depending on the order services are stopped Sophos Central does not report a problem (if Sophos MCS Agent or Client is…

                                1 vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                • Schedule scan with automatic shutdown

                                  1)Many Endpoint Vendors having option scan after shutdown but in sophos it was not there
                                  2)Sheducle scan was also not performing if the task was skipped at the time of schedule.

                                  1 vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
                                  • uefi partition scanner

                                    scan EFI boot partition for malware modules *.efi

                                    2 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      1 comment  ·  Flag idea as inappropriate…  ·  Admin →
                                    • malwarebytes

                                      Malwarebytes service and SOPHOS endpoint control on my pc worked together for almost a year. On or after the second Tuesday of the month, they no longer work concurrently. I either have to A) stop malwarebytes service and reboot, or B) turn-off SOPHOS Real Time internet scanning for four (4) hours, for them to work together on my PC.

                                      If Malwarebytes service and SOPHOS work together for the last three weeks, then all my browsers freeze.

                                      I am a Super Admin for the Iowa Attorney General's Office. Please restore the simultaneous functioning of Malwarebytes service and SOPHOS real time internet…

                                      1 vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        1 comment  ·  Malware prevention  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Sophos Enterprise Console forward syslog to a Syslog Server

                                        A software for Sophos Enterprise Control to forward or send syslog directly to a Syslog Server e.g. RSYSLOG

                                        2 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Allow CPU % limiting for Sophos Processes

                                          Give the ability in Sophos Central to limit CPU usage for Sophos overall. This would apply to scheduled scanning as well as any process that is using high CPU at login. I want these things still happen but be less noticeable to users.

                                          18 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.