Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Excluding cryptoguard-detections

    Cryptoguard has detected a false positive detection of a client "attacking" a server. Fortunately it is a false positive, but there's no option to exclude the thumbprint of the client attacking a server, so Cryptoguard always recognizes this as an attack. There should be an exclusion for a client false-positively "attacking" a server.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  2. Whats About OCR in Sophos DLP

    OCR (optical character recognition) Sensitive Image Recognition provides the capability to extract text from images (scanned documents, screenshots, pictures, and so on) and from PDFs, enabling you to use new or preexisting text-based detection rules on this content.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Threat Search Object Limit

    I sometimes have tens of thousands of indicators of attack and compromise to run through the threat search, but I can do only 100 at a time. Increase the object limit to 500 or allow the importing of CSV's.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Incident investigation  ·  Flag idea as inappropriate…  ·  Admin →
  4. END POINT

    Hi,

    Please Provide the device Serial Number on the Dashboard, which really helps in the industry to Track the machine Immidelty.

    Also Reporting should be Improved with Large Visibility with PIE Chart & Category radio lines

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. I am unble to get details of machines where Sophos antivirus is not installed in network.

    I want to identify the machines in my network where Sophos AV is not installed. But I do not have any reports to do this, Is it possible to fetch these Details.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  6. Name doesnt match

    Today we were investigating a system that had been getting taken over by remote control. Sophos said the system was clean and RDP wasn't being used so we were baffled. Eventually, we found that there was a copy of NeSupport Client which was digitally signed and had an original file name of client32.exe, but had been renamed to wupdsvc.exe. I think it would be a good idea for Sophos to flag files that are digitally signed, but not their original name, as suspicious when doing a scan.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  7. Endpoint: "Scan with Sophos AV..." Option vs. exclusion list in Sophos Central

    We had a strange behavior of Sophos Endpoint Protection which should be solved by changing the bahavior of the "Scan with Sophos AV" option in the context menu of windows.

    What happend:
    A user had an infected word file stored on his desktop. When using the context menu function "scan file with Sophos AV" it doesn't find anything wrong or suspicious.
    This was weird because according to Virus Total this file contained Malware which was also detected by Sophos endpoint protection.
    When checking the exclusion list on Sophos Central we found an exclusion for C:\users*. This seems to prevent the…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  8. Show communication problems with Central on Endpoint

    Hi to all,

    when there is a communication problem between Endpoint and Central, the endpoint doesn't report any problem as long as you go under Status section.
    In my company i had the case of a Windows 10 PC not showned under Central, but with no symptoms of malfunctiong from the Endpoint side,
    This is a big problem, because i could have an endpoint infected with a malware without have an alert on Central.
    From my point of view it's necessary to show an alert every X hours on the Endpoint that report this.
    Thank you.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  9. Central Login: Prioritize the different 2nd Factor Auth options

    Please make it possible, to prioritize the different 2nd Factor Auth options. I use SMS token also as TOTP. I want to use TOTP as primary variant, but Sophos uses the SMS option every time as the first option. If i want to use TOTP, i have to manually switch the login method for this one time.
    Please implement a function, that i can prioritize the different mechanisms.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  10. Provide a Nextcloud Sophos AV scanning engine

    Provide a Sophos AV scanning engine with API access for Nextcloud Linux servers like Kaspersky did.

    Kaspersky partner up with Nextcloud and provide a Kaspersky Scan Engine which communicates with an app via an API and scans every uploaded file.
    https://nextcloud.com/blog/nextcloud-and-kaspersky-partner-up-to-protect-users-from-malicious-files/
    https://www.kaspersky.com/about/press-releases/2020_kaspersky-and-nextcloud-partner-to-add-protection-to-content-collaboration-technology

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Linux Server  ·  Flag idea as inappropriate…  ·  Admin →
  11. add icon to end point in virtual server

    add icon to end point in virtual server to scan 1 server only or 1 file not all virtual servers

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Version Rollback

    I put a few machines in the test group to test the newest version but, want to go back to the version we are using in our environment. Apparently, this is not supported. I need to test before deploying. Please enable the rollback option. Even if it does require that we have to uninstall/reinstall.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Garmin Express Update

    Garmin Express is a desktop software that notifies you for the latest maps and software availability. You can download the GarminExpress in your PC (Windows or Mac) from the support website, and it will help you install the updated maps on your Garmin GPS.

    Every customer has a different choice, and they need maps for other purposes such as cycling, driving, golf, or as a wearable. Luckily, we have the Garmin GPS, which lets us download the maps of our choice. Moreover, the process is so simple that even a non-techie can do it without even realizing it.
    https://www.garmincom.express/

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  14. Custom notification in web control blocking

    Hi,

    For notifying the end user and SOE experience please enable the Customized notifications to add company logo and text message for users notifying the blocking.. From sophos cloud console to end point security..

    Current design shows "this website is blocked due to so and so category " And the below of windows it says sophos web control.

    So please add feature to add custom text and logo to notify URL blocking in better way.

    For example we want to notify user: " Our web controls detected you have accessed a non-complaint website. please contact service desk if you need…

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
  15. Update SDU to Check for Root and Third-Party CA Certs

    During a recent install of Sophos to a Windows-based appliance I could not get Sophos to install. Running the SDU showed that it had problems accessing certain sophos.com URLs even though network packet captures showed the handshake. It turned out to be that the root/third-party CA cert was missing from the machines certificate store so while the TCP handshake completed a TLS tunnel could not be built b/c the TLS cert on Sophos could not be verified.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  16. Messages to all my Microsoft Active Directory Users who are browsing

    When users start browsing we would like to put a message overlay on their page to get a message to all staff.

    Can sophos make this happen ?

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Inform user when group policy prevents installation of Sophos Protection Installer

    I spent hours trying to install Sophos endpoint protection on a server and it would get to about 90%, hang for almost an hour, then fail only saying it could not be installed. When I got support involved, we discovered deep in one of the logs that group policy was preventing the installation. Why isn't this checked during the prerequisite check and if discovered, flagged immediately??

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  18. Data Control: Add Remote Control Applications on Destination Application List

    We would like to Monitor/Block File transfers on specific remote applications like Zoom, Webex, Teamviewer, AnyDesk and alike using the Data Control Policy on SEC. On the current feature, only Skype is listed under the VOIP Application and no other options for Remote Applications.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  19. Support Lockdown for WIndows RDS Server

    It would be a really good feature if the function lockdown is official supported on Windows RDS Server. There are many users on it and some official (but potentially unwanted) software but also malware who writes whole applications and/ or plugins in the (open) userprofile. With lockdown it would also possible to stop installing PUA's.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Malware prevention  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow the ability to unblock all printers and webcams

    While Sophos administrators have the ability to exempt a specific printer, webcam, or other usb device on an individual basis it would be great to offer the ability to whitelist or allow all printers and webcams to be added without admin intervention for each user.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.