Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. New report type : USB allowed/blocked

    We are using the device control feature to block USB drives in most PCs and created sub-groups to allow certain PCs to have USB Access.
    Currently there is no reporting on how many computers have USB access allowed and how many have it denied, so kindly let us know about this feature

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  2. 2019

    Add Windows Server 2019 to the list of approved operating systems for SEC 5.5.1

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  3. [Device Control] - possibility to block usb-to-ethernet adapter

    Currently you cannot block usb-to-ethernet adapter.
    There are several usb-key attack-scenarios which use the ethernet emulation to sniff ntlm-hashes from a windows PC. Is there also a possibiliry to an option to block media devices like usb keyboards, usb mouse and/or cameras? Or an option to create your own device classes.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  4. Configure sav-rms.service to start after sav-protect.service.

    We've been seeing some false alarms with real time protection on some servers when they boot up. It seems to be a timing issue with the sav-rms and sav-protect systemd service files. If sav-rms.service starts before sav-protect.service, it will report that real time protection is disabled for a few minutes. I changed the After= line for sav-rms.service to include sav-protect.service and I don't see the false alarms any more.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  5. Send an alert whenever an endpoint fails to register with Sophos Central.

    We have a number of AWS instances which are cloned to bring up new servers and we ran into a problem with duplicate endpoint IDs in the MCS configuration. When the servers tried to register with Sophos Central they would receive a 401 error back. I've found how to set up the images for the servers to avoid this (KB article 133268) but I think it would be helpful to get an alert when an event like this or any other issue that prevents the server from registering. Obviously if some network issue prevents the server from connecting to the…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  6. report should be able to be customised

    should be able to add columns to contain the details that can be seen in individual machine reports to save time hunting them all e.g. the agent version and last update

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. More Granular Control over Roles

    We need more control over the user roles. Should allow super admins to have full control over the Roles, and pick and choose what the "admin", "helpdesk", etc... roles have access to. For example, we don't want anyone but super admins, to have access to "Account Settings", but there is no way to disable that for the specific roles...

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. On-Demand Scan from the Enterprise Console

    I'd like to be able to scan a client remotely from the Enterprise Console and watch the scan in real time or at least get the progress of the scan with the result when it finishes.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  9. Mail for Sophos Antivirus Release Management for SESC – Recommended and Preview Version

    Before an update of SAV Version, would help administrators, if Sophos informs a few days in advance per mail.
    Currently, preview and recommended version as of May 2019 are on the same ver-sion. Which is probably not the idea of the system. So clients can’t be tested with a preview test group.
    The information at https://community.sophos.com/kb/en-us/120189 is as often in-correct.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  10. wireless

    Sophos is still does not disable bridging i.e. disabling the Wifi NIC when the LAN NIC is plugged in and the opposite - enabling Wifi when the NIC cable is removed.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  11. Uninstall and Repair from onprem console

    Sophos Admins need a way to force uninstall remotely from the console.
    This is a standard features across other AV products i have used.

    we have a deployment of over 260 machines across 1km long distance. It is not always feasible to walk to the pc or log in remotely if the user is using the pc.

    Why has this basic admin feature not been implemented?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  12. restart required pop up on endpoint computers

    an option in on prem console to easily allow pops ups on the client endpoints if the system admin allows it needs to be implemented.

    As a 24 hours business there is very little downtime on some pcs so not having the latest protection running because a user or a team has not restarted the pc manually as they have not scheduled is as they dont ever know that there is one pending is ridiculous.

    Admins on the console should have a choice whether or not to deploy that option to their endpoints.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  13. Emails detailing the outcome of a Fount threat

    The on prem server console should report back via email and state whether the threat found was sucesfully cleaned, quarentined or deleted.
    At present it just indicates that something was found. But no second email with the outcome.

    As a system admin i dont want to be always logging in from home at night or on weekends to over look the outcome if i am notified a threat was found

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Incident response  ·  Flag idea as inappropriate…  ·  Admin →
  14. Adding cyrillic symbols to DLP engine

    Please add also cyrillic symbols into DLP engine in EPP.
    It's a very important feature for CIS countries' customers.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  15. Supress all notifications on RDS environments

    Users on RDS servers visiting websites marked as "Malicious" receive a server-wide pop-up from Sophos Endpoint protection.

    "Desktop Messaging for Threat Protection" has been turned off on the policy but users still receive the warning in the lower-right corner of their screen in the RDS environment.

    Because of privacy reasons and GDPR this is unwanted behavior, if one users visits a "Malicious" website *all* the users receive the warning including the visited link.

    This is marked as a "Known issue" at the following link:
    https://community.sophos.com/kb/en-us/127299

    The feature would be to be able to disable the notifications for the categories: Malicious…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Malicious Traffic Detection (MTD)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Veeam compatibility

    Veeam has the option to check your VMs for malware when you make a restore.
    Unfortunately, there is no ready-made command from Sophos to check the VMs. I would like to see this command in the future for Sophos Endpoint security and control and other sophos products.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
  17. Detailed Reporting of Installed Agents

    Need to be able to see the protected servers with a list that shows more details. Agent Version, Component Versons. Customize Lists.

    Need to add a report to produce a detailed server list and installed component versions.
    THIS IS AN AUDITING REQUIREMENT - KPMG!

    Thanks.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  18. Web Address in DLP alerts

    In DLP Alerts for files that interact with web browsers, is it possible to show the web address that the file interacted with?

    For example: a user uploads a file which trips the alert into Google Drive.
    The alert would show User, File Path, File Name, Application: Google Chrome, Web Address: drive.google.com

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  19. show full version numbers in SEC console

    Update SEC to display the FULL version of products installed on the endpoint. Currently the full version numbers of installed products are only displayed on the endpoints making accurate identification impossible from the SEC console. (As evident in April-May of 2019) At a minimum, gather that information into the SEC dbase so it can be queried.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  20. scheduled policy updates via enterprise console

    Add scheduled policy updates via enterprise console. Given the limitations of Tamper Protection to prevent end users from making changes and the support risks of Advanced Tamper Protection, the ability to schedule policy checks to periodically force policy compliance on the endpoints would be a good future enhancement.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.