Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Block 3D application related file types

    I am using your Endpoint protection trial version for the past few days. We work on 3D animation. It would be very helpful if you can block these file types. These file types are related to our 3D applications. I want these file types to be blocked from uploading . Can you do it?

    1 .3ds
    2 .abc
    3 .mb
    4 binary.fbx
    5 .ms3d
    6 .c4d

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  2. Third party Software

    We suggest you to add the capability to do Vulnerability and Patch management for 3rd party software too, as some other competition AV software do.

    OS & 3rd party software installation
    Automates the creation, storage & cloning of system images – to save you time whenever your business needs to roll out new systems or update software on existing systems.

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Patch Assessment  ·  Flag idea as inappropriate…  ·  Admin →
  3. 3rd Party Application installation and Patch Management. Location awareness with device and web policy

    This is a mandatory requirement that has come up for us consider 4000 nodes of our endpoints switching from Kaspersky. The present end point provides us a facility create automatic update task for all Microsoft and 3rd party updates which are critical or approved by administrator so that we can fix vulnerabilities. Also we can deploy 3rd party software using same to client machines.
    Also it also has a feature to enable multiple policies like "In Office Policy", "Out of Office Policy", etc so that we can have multiple web and device control policies which are critical to our business.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  4. lockdown

    would be nice to be able to see more lockdown events than 24 hours and also to be able to search/filter by date range. Also, why cant we get email alerts when lockdowns happen?

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow USB Device by ID AND per User

    Central Endpoint: Is it possible to add a "layout" to except USB Devices by ID combined with a Person? So the Basic Policy could block any USB Device and Exceptions are made by Person instead of a Policy which allows the Device for many Computers or Users. So the exceptions is one by one (Device ID & User).

    4 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  6. 1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Sophos Central Send Reports to Cloud (Sharepoint\Dropbox\Box\AWS...)

    Currently, Event Reports only do 6 months of reports and gets sent via email.
    I would love to generate .pfd's of all my reports but our attachment limit via email is 10MB

    Could you not allow or link a URL to a Sharepoint\Dropbox\Box\AWS cloud storage share?
    Sign in verify the user login then collect reports there.

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  8. Biometric Compatibility Expansion

    Allow users to login through Safe Guard utilizing Windows Hello and/or a wider variety of biometric devices (such as standard Dell/HP fingerprint readers, eternal reader brands, etc).

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  9. Assign server group membership using a configuration setting on the endpoint.

    We use Citrix PVS (Provisioning Services) to dynamically create XenApp servers from one gold image.
    I followed Article 120560. All good.
    Where I have a problem is the Group Assignment in Sophos Central.
    My base Gold Image servers are assigned to a group called "Master".
    Now I boot one production server using the new Image.
    It appears in the Unassigned list. I have to manually assign it to the "Production" group and Policies.

    I would like to be able to either specify the Group in a configuration file or registry key that survives the procedure I follow in Article 120560. …

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Virtualisation  ·  Flag idea as inappropriate…  ·  Admin →
  10. website management

    When a website tagged in Global Settings > Website Management is blocked due to a web control policy, the block page should inform the user which tag(s) caused the page to be blocked.

    5 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
  11. User-created policy can be disabled by settings, but remain enforced?

    In Sophos central, for some policy categories it is possible to set a user-created policy to enforced, but "disable" it from its settings.

    For example, suppose that in the Web Control section there is the base policy at the bottom and the user-created one above it. If the user-created policy is opened for editing, the very first setting is:
    Web Control: Enforce/Ignore the settings in this section of the policy

    This setting is different from the Enforce/Ignore policy on the far right tab. Hence, it may be the case that there is an "ignored" policy, which retains "enforced" status, thus…

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  12. Sophos Central - Scheduled Scanning

    In Sophos central console, Threat Protection>Scheduled Scanning it shows the only option for weekly scanning but we can not schedule scans on a weekly basis as Sophos utilize lots of primary memory and thus machine gets slow. I would like to get an updated version which provides monthly schedule scanning. It would be very helpful if we get this option on Sophos EP.

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Updating  ·  Flag idea as inappropriate…  ·  Admin →
  13. Tamper Protection, log "login" attempts

    We would like to know when someone attempts to disable tamper protection by trying the guess the password. Loging such attempts would enable us to be alerted

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Easy way to move endpoint devices to a new client

    Dealing with a company split. The only way to move devices to the new client site is uninstall/reinstall. Most other products I've dealt with have an easy way to move endpoints to a new site. The current process is to disable tamper protection, wait, script an uninstall, then a script a reinstall. It's way more work than it should be. In the console, there should be an option "Move to a different client". With that, there should also be an easy way to add/remove components to match the new client site.

    11 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. On-Demand Scan from the Enterprise Console

    I'd like to be able to scan a client remotely from the Enterprise Console and watch the scan in real time or at least get the progress of the scan with the result when it finishes.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  16. Would like to have an alert when we get the event "Failed to install hmpa64: a reboot is required before the installation can succeed"

    Would like to have an alert when we get the event "Failed to install hmpa64: a reboot is required before the installation can succeed" or any other reason that result as rebooting the server or PC. When you have many servers, we can not check all the events on each server individually

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. file type

    Sophos real-time does not provide protection against all archive formats.

    My testing showed that rar, tar, 7z files are not scanned. Ticket/Case opened and confirmed with support 8554747.

    Would like to see more control over what file types/archives are scanned

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  18. search for sever by IP address in Sophos Console

    searching for servers by IP will be great to manage if we manage hundreds servers.
    Hosting companies are not friendly with the clients hostname.
    It would be very useful to be able to search and identify servers.
    So please add the option under Server Protection > Servers > The IP address searching.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  19. Root Cause Analysis for attacks from remote machines

    We recently had an incident where there was a Ransomware detection from a remote internal server that was stopped by Intercept X. It turns out that it was a false positive, however investigating to get to that conclusion was a problem as there is only a generic event created in Sophos Central but no Root Cause Analysis. If you look in the Windows event viewer logs for hitmanpro, you can see which files were affected and where the attack originated from, so the information is available but not being used within Sophos Central. When it comes to critical detections like…

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Incident investigation  ·  Flag idea as inappropriate…  ·  Admin →
  20. terminal server desktop messaging

    When using Sophos on a terminal server there is a big problem that should really be fixed.
    All the users that are currently working can read all the desktop messages. Users B, C. D etc. can see messages like: "*******.com was blocked for user A".
    We had to stop the system tray icon in order to stop such problematic messages.
    This leads to the very uncomfortable situation to watch for Sophos notifications in admin console each time, a link does not work.
    Please make it possible on terminalservers for every user to see only desktop notifications which concern only this…

    7 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Windows Server  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.