Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Enterprise Admin to Control the Sub Estate License

    Hi, I would like to request a feature in a Sophos Enterprise Admin whereby, the Enterprise Admin are able to assign how many licenses are required for each sub estate.

    For Example:

    I have 250 licenses with 5 different sub-estate. So, as the Enterprise Admin, i can limit the license or control the license for each sub-estate by giving 50 licenses. And each sub-estate, when they are given 50 licenses, they can not simply take/use other sub-estate licenses.

    1 vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
    • Deletion Infected Archive File

      Dear Concern,

      If any kind of malicious content in any archive file that should delete all archive file from system, rather extract and clean only infection admin should have that setting on Cloud portal where admin will decide to delete infected archive.

      1 vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
      • [Device Control] - possibility to block usb-to-ethernet adapter

        Currently you cannot block usb-to-ethernet adapter.
        There are several usb-key attack-scenarios which use the ethernet emulation to sniff ntlm-hashes from a windows PC. Is there also a possibiliry to an option to block media devices like usb keyboards, usb mouse and/or cameras? Or an option to create your own device classes.

        2 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
        • I need to access my sophos Enterprise console through Web in intranet not Internet.

          How to access my console through web in intranet.Symantec have a this features.

          No need to login my server if there in my server over the network i able to access console using Port address via like (https:\\1.1.1.1:port number).

          i want same features in sophos console.

          1 vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
          • Console option to view if endpoint needs restart

            It would be convenient for admins and end users if we could see in the "Devices" page within the Sophos Central Console a column that shows if the endpoint needs to be restarted (generally for applying updates.) Furthermore have the option to be able to sort by this column.

            2 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
            • new

              Even though folder exclusions recommended by Microsoft for Exchange Server 2016 are added to the Automatic exclusion list added to the servers, the recommended Exchange Server 2016 processes are not being added by Sophos Central. Would suggest to add those and the file extensions also.

              1 vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
              • gmail

                It is possible to block Web Mail using Web Control, which is great. However we are corporate users of Gmail. With most competing products it is possible to use the inclusion of a specific header to enable gmail to apply controls as to which domains can be logged into - see https://support.google.com/a/answer/1668854?hl=en. As is it is not possible to allow access to corporate gmail but disable access to personal gmail. This is a significant feature missing.

                2 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
                • api

                  Extend API with Device status

                  For housekeeping purposes we compare asset status of different systems (Eg. AD, Deployment systems, monitoring, etc...). Reporting services would need access to the computers and servers list. The API is a perfect tool for this but it lacks requirend fields....

                  2 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
                  • Restriction to Discover Computers

                    Problem:
                    We are using Sophos in a multivendor environment which contains over 200,000 clients. The "Discover Computers" button is available for every Sophos admin, because there is no option to restrict this feature. Regularly somebody who is looking for a client presses the discover computer button. Now every network device which is reachable will be imported into the Sophos Enterprise Console and listed as an "unmanaged device". If we don't restart the SEC, sometimes more than 200,000 “unknown devices” are listed in the default "unassigned" group. We can delete these clients but they will remain in the Sophos database until…

                    27 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                    • Customize/Brand block and warining message in Sophos Central

                      I would like to be able to customize and/or brand the block and warning messages which are displayed as a result of the Web Policies in Sophos Central

                      7 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                      • Stop alerting when endpoint not updated in 2 days; Or make this configurable.

                        We need to be alerted only on important conditions. Being alerted that a laptop has missed two updates (laptops are often off for more than two days) is not helpful and, in fact, may result in the team paying less attention to Sophos alerts. We need to be able to configure this or at minimum, please change the default. Thanks,

                        68 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          3 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                        • Give the user *some* kind of indication that a restart is required

                          I'm getting multiple *Medium* level notifications per week about sophos endpoint clients that are "out of date". I now know, after two weeks of interactions with sophserv tech support that the issue has (and continues to be) that many computer users don't restart their computer because they don't have to, and the endpoint security client sometimes requires it, but doesn't tell them. They would happily do it if they knew it was necessary, but because it's not, I get pounded with multiple *Medium* level notifications per week indicating that their clients are out of date. This is super annoying, and …

                          68 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            5 comments  ·  Updating  ·  Flag idea as inappropriate…  ·  Admin →
                          • Adding a Comment Field to the Peripheral Exemptions List

                            It would be nice to add a comment field to the Peripheral Exemption List giving users the ability to leave a comment about the device. Users could leave a comment on who owns this device or why the device was allowed.

                            7 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              2 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
                            • Machines not being able to contact Sophos Central

                              Can the App Dev Team write or come with a script to where when a client machine has been accidentally removed from Sophos Central and the client cannot contact central that the script can uninstall client and or remove tamper protection from the client machine which in turns allow the IT Admin to reinstall the client over again so the machine can communicate with Central again. The process you all have now is time consuming especially If the client machine is at a remote site and the IT Admin is not in front to the machine to perform its administrative…

                              2 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                              • Tamper Protection for Sophos Home

                                I just want Tamper Protection to be implemented into Sophos Home products. I suggest this because I have recently found out that all Sophos home modules can be terminated just by using Task Manager. This tells me that Sophos Home can be easily disabled by anyone, including unwanted attackers and malware.

                                6 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  3 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                                • Schedule Disable tamper Protection.

                                  As you maybe know there are problems with IASO systemstate backups in combination with sophos antivirus.
                                  https://community.sophos.com/products/endpoint-security-control/f/sophos-endpoint-software/95786/freeze-thaw-vss-failures-when-sophos-av-is-utilized/374472

                                  The workaround is

                                  1. Disable Tamper Protection on the affected servers
                                  2. Open Services.msc on each server
                                  3. Stop and Disable the Sophos Health service
                                  4. Reboot server and test backups

                                  At Sophos managed central its possible to tamper protection manually for a device.

                                  Is it possible to schedule the "disable Tamper Protection" at a certain time in Sophos managed central?

                                  Then we can add a pre backup job to the IASO backup systemstate backup job to disable the sophos healt services and…

                                  5 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
                                  • The Data Control feature is incompatible with Secure Boot. Secure Boot is the foundation for Microsoft's Windows security stack since Window

                                    Sophos Data Control feature in the endpoint solution is incompatible with Secure Boot. Secure Boot is the foundation for Microsoft's Windows security stack since Windows 8. Data Control under Secure Boot blocks all USB file transfers. Many companies require DLP solutions for compliance and will likely switch products if Sophos can't find a way to work with Secure Boot.

                                    6 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Datenschutz deaktiviert

                                      It seems to be quite unlucky to me that an endpoint with installed, but inactive "device encryption" shows the user the red Alarm sign ""Datenschutz deaktiviert" (german language Version).
                                      This should only appear with an active "device encryption" policy. We have to tell the users to ignore this warning. I am afraid, this teaches them to ignore any warning by Sophos.

                                      5 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        1 comment  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Enterprise Console REST API

                                        Provide a REST (or other) API into SEC. Basic features such as creating groups, assigning policy, adding/deleting/moving machines would be immensely helpful. Nearly all major software applications now have some form of accessible API that allows common tasks to be automated. This idea was suggested back in early 2015, but sadly was denied.

                                        4 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Tamper Protection Report

                                          Currently the only way to tell if Tamper Protection has been disabled for a device is Sophos Central is to view the Summary page of each device. My suggestion is to add a column to the existing "Servers" and "Computers" reports (under Logs & Reports -> Endpoint & Server Protection) that indicates whether or not Tamper Protection is enabled.

                                          28 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            5 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.