Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add Kanguru Defender Elite30 model series Secure USB drives to supported Device Control list

    With an expected implementation of restricting use to solely encrypted flash drives for our company, add the Kanguru Defender Elite30 model series to the supported device list in the Secure Removable Storage category of Device Control.

    2 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      7 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
    • HTTPS for ICAP

      Currently SAVI/SAVDI only supports HTTP for ICAP. As HTTP is a non-secure method for file transmission, new feature HTTPS for ICAP is needed.

      1 vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
      • More options for configuring client profiles.

        Especially we need to specify more in detail the on access scan Options. In my case it would be necessary to set on Access scan only for write Access.
        This is not possible now.
        The same Options as for Server profiles in category "Real-time scanning - Local files and network Shares" would be enough for the Moment.

        5 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
        • Sophos Cloud - Allow to disable popup alert detections on the endpoint

          On the Sophos Cloud Dashboard, allow to disable the popup alert detections so that the detection information is displayed only on the Dashboard console.
          This same feature is already available on the SEC (On-Premise endpoint console) but not on the Cloud dashboard.

          18 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            Started  ·  2 comments  ·  Incident response  ·  Flag idea as inappropriate…  ·  Admin →
          • App Control list

            I would like to be able to extract the effective block/allow actions on Application Control. I plan to have 5 different policies and would need an export of each one for management approval. I see no way to do this currently, except to click through each group setting.

            4 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
            • Firewall Events - Add a source address so that we know which machines to investigate without having to run a report.

              Firewall Events - Add a source address so that we know which machines to investigate without having to run a report. That way we can get to the potentially compromised machine quickly and review its local firewall logs.

              2 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Malicious Traffic Detection (MTD)  ·  Flag idea as inappropriate…  ·  Admin →
              • Add the ability to add Relay or Domains to the Configure users and groups to be included or excluded with this policy rule.

                Add the ability to add Relay servers or domains to the rule
                Configure users and groups to be included or excluded with this policy rule.
                instead of just specific email addresses,

                1 vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
                • Linux endpoint pass AD domain to SEC

                  Allow linux endpoint to pass or detect the AD domain so that it doesn't have the issue described below.

                  This will allow the use of AD sync and linux machines in an enviroment where the agent can be re-installed or the OS re-imaged.

                  https://community.sophos.com/products/endpoint-security-control/f/3/p/9843/30725
                  https://community.sophos.com/products/endpoint-security-control/f/16/t/9845

                  1 vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                  • Sophos Services preventing to stop in administrator User

                    Sophos AV can prevent stopping on their services as you log on as Administrator account to prevent disabling the features of sophos.

                    2 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      Under Review  ·  0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                    • Removal tool for McAfee SaaS anti virus software

                      As instructed by our account manager I'm submitting a support query to request an additional detection be added to the CRT. So that the Sophos installer is able to detect and remove installations of McAfee SaaS anti virus software

                      2 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                      • Separate Policy for Alerting

                        When working in large environments with several sub-estates it would very useful having a separate policy for the alerting via E-Mail or SNMP

                        Typically components of the AV+HIPS policy (e.g. Exclusions) can be reused in the sub-estates but in scenarios where have to alert different groups of administrators it would improve the usability when we could provide a separate alerting policies.

                        So we would have a much smaller count of AV+HIPS policies and only one alerting policy per sub-estate.

                        13 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                        • ARP Spoofing detection in Sophos Anti virus manage by SEC

                          On be half of our client we will request this features to have on your Sophos AV Manage by SEC Server to prevent in ARP spoofing/poisoning.

                          1 vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                          • For the Cloud portal for Partners it would be great to be able to make global exceptions for all of our clients. Thinks like Labtech and Ka

                            For the Cloud portal for Partners it would be great to be able to make global exceptions for all of our clients. Thinks like Labtech and Kaseya drop a lot of files that Sophos detects as PUA's (produkey/nircmd/psexec) that have to be re-mediated client by client event though they are all in the same directory. I'm thinking that in the area where you have tabs for account detail and alerting now there could be a global exceptions tab to push to the clients or a selected group of clients.

                            3 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                            • The migration (server to server) guide could be more verbose about user accounts.

                              For example explaining which users are required when migrating from older servers. How the EMLibUser no longer exists and thus is not needed. What a SophosSAU0 account is, or a link to the kb explaining it. (https://www.sophos.com/en-us/support/knowledgebase/58627.aspx)

                              1 vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                              • Alert email

                                Client wants that as an administrator, they are receiving the Alert email for Out -of-Date Computers Or with other Alerts setting email but this email doesn't contain the list of related endpoints and their description, which Admin wants to quickly look from the email rather than go and jump to console.

                                9 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  1 comment  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                                • Be able to delete compressed files that have an infected file in them.

                                  Be able to delete compressed files that have infected files in them. Either as a default setting or as a option in the enterprise console. Many of the virus/adware that can not be cleaned are inside compressed files. In almost all cases deleting the compressed file is the preferred solution..

                                  2 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Re-implementation of “Per process” exclusions for Anti-Virus scanning in Server 2012

                                    Sophos Product Information
                                    Sophos Product: Sophos Endpoint Protection (antivirus client)
                                    Version in Production: 10.3

                                    Feature Request Summary
                                    Re-implementation of “Per process” exclusions for Anti-Virus scanning.

                                    It appears that this hidden function of the endpoint client no longer operates in Windows 2012 (see the support case that gave rise to this request #5147863).

                                    It would in fact be useful to formalise and document the functionality, as well as provide easier access to it.

                                    How will this new feature address your business requirements?:

                                    We would use this feature to avoid impact on backup speed where on-Read scanning is enabled on systems.

                                    On-read…

                                    26 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      10 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Data Control

                                      Sophos Product Information

                                      Sophos Product: Endpoint

                                      Version in Production: 10.3

                                      Feature Request Summary

                                      Verification on content rules.

                                      Case reference - http://sophtrac/Default.aspx?caseid=4653988

                                      How will this new feature address your business requirements?:

                                      Better able to track user actions in incident and investigation scenarios

                                      How would you rate the importance of this feature?; 2

                                      1 vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Createa an exclusion template for Microsoft recommended exclusions for AD

                                        Microsoft has a set of exclusions that it recommends for AD. As a starting point from which users could add/remove further exclusions, how about a template of exclusions to import into Sophos for Domain Controllers.

                                        8 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Allow install of SAV on a different drive and allow option to install components on other drives

                                          Allow the option to select where SAV can be installed on an endpoint and allow the option to select where the components for SAV can be installed to.

                                          2 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            1 comment  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.