Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Enable tamper protection control via policy

    Currently via Sophos Central you can either disable tamper protection for a whole organisation, or individually per machine. I would like tamper protection to be controlled via a policy so that I can specify a certain department or group of users that can have tamper control disabled.

    2 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
    • customise message in Web control on Endpoint protection.

      Need to customise a Denied message in Web control on Endpoint protection.

      12 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • sso
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        1 comment  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
      • Windows Defender Security Center compatibility

        It would be great to have Sophos Endpoint report its status to Windows Defender Security Center.

        20 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • sso
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          1 comment  ·  Flag idea as inappropriate…  ·  Admin →
        • Application version control

          Additional options in Application Control, especially for browsers.

          Being able to block:

          Versions of Chrome < X (Chrome current version is 62)
          Versions of Firefox < X (Firefox current version is 57)

          Being able to block versions of Chrome < 59 and Firefox < 53 would be a great start in killing off legacy browsers with lots of vulnerabilities from being permitted to browse the Internet.

          15 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • sso
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
          • Block the Executable Files in Device Control

            To combat the unknow malware (mainly don't detected by Sophos) a new Device Control option as "Block the Executable Files" can help to protect the network without lost the functionality to copy/read/delete other documents from this medias. In the business the users generally uses your USB's to transport documents (word, excel, ppt, txt, etc).

            This was suggested by LINCK in community https://community.sophos.com/products/endpoint-security-control/f/sophos-endpoint-software/155/automatic-scan-of-removable-media#pi2151=1

            3 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • sso
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
            • Microsoft Remote Desktop store app

              Please allow us to enable/disable Microsoft Remote Desktop from the Microsoft App store. For some reason it's being blocked even though I have all the RDP options unchecked in Application control. I submitted a ticket for this and another application and they said i need to submit a suggestion.

              How is it a suggestion when it doesn't work as designed?

              2 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • sso
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
              • Sophos for Virtual Environments - SVM command line installation parameters

                When installing the SVM, it would be beneficial to support command line arguments to automate the installation. Especially in large environments.

                2 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • sso
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Virtualisation  ·  Flag idea as inappropriate…  ·  Admin →
                • whitelist exe files

                  Add the ability to white list exe files from specific locations. e.g Allow file https://myInternalServer.com/clientInstall/VC.exe from sophos central web control. Support told me that there is currently no way to tag internal applications as safe and therefore we have to allow ALL .exe files in order to use our internal VC application.

                  2 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • sso
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    1 comment  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
                  • Sophos for Virtual Environments - Load Balancing Capability

                    Sophos for Virtual Environments v1.2.0 introduced GVM Migration functionality providing High Availability/Fail-Over. This is great, but I am seeing an issue where the GVMs aren't distributed nicely across the SVMs I have created.

                    I have setup 19 SVMs and included all IPs in the additional_svms.txt on each. What I have found when using a gold image to deploy the GVM Agent to multiple virtual pools is that one SVM is favored above all others (600+ on one SVM)

                    This results in performance issues... these are evident when running loadavg and nproc commands.

                    So my request is, can SVE be updated…

                    3 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • sso
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      Under Review  ·  0 comments  ·  Virtualisation  ·  Flag idea as inappropriate…  ·  Admin →
                    • Browser extention control

                      Allow or block browser extensions/Addons based on a whitelist.

                      2 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • sso
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
                      • Windows PC as update cache server

                        Make it possible to use a Windows PC as a Update Cache Server.
                        Now it is only possible with a server OS.

                        There are situations however where a customer has a local network with only desktop PC's and limited internet access.

                        3 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • sso
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                        • SAML login support for cloud console

                          This is a must have for many organisations web based tools. Also helps with SSO and multi factor logon requests which can usually be configured at the identity provider.

                          64 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • sso
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            14 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                          • May we set custom messages for the warning or blocking of file downloads as regulated in Web Control?

                            May we set custom messages for the warning or blocking of file downloads as regulated in Web Control? I have a customer who would like to customize the message given with the warning for downloading PDF files. I know I can simply allow the file, but we would prefer to remain vigilant. The only way I can find to do this is through customizing a firewall's warning, but nothing within Sophos Central. Any ideas?

                            The firewall article is here: https://community.sophos.com/kb/en-us/123361

                            Original KB post here: https://community.sophos.com/products/sophos-cloud/f/sophos-central/91631/may-we-set-custom-messages-for-the-warning-or-blocking-of-file-downloads-as-regulated-in-web-control

                            36 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • sso
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              2 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
                            • Allow custom web block warns instead of block or allow

                              It would be nice to manually add websites to the warn list instead of only being able to add websites to a block or allow. Warning is useful as people can still get through if it is legitimate.

                              4 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • sso
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
                              • Data Control Policy - Add Microsoft Edge as a destination

                                Currently Microsoft Edge is not included as a destination within the Data Control policy for the on-premise Enterprise Console.

                                20 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • sso
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  1 comment  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
                                • Sophos Home Beta - "Reboot for Update" Notification - Disable or Mute

                                  Today I've got an update notification that told me to reboot to complete the update. Although I usually don't mind this, it threw me out of the game I was playing (full screen, DirectX 12 application). I clicked "remind me later" and went back into the game. This happened again after around 30 minutes and I decided to just leave the message there, which fixed the issue of the game being minimized.

                                  Although a reboot seems to be required for certain updates it would be nice to be able to disable or mute the message - or that it does…

                                  12 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • sso
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    2 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Can we allow only to secured Bluetooth device by default & block to only mass storage Bluetooth devices?

                                    As per existing device control policy,Either we can allow or block any Bluetooth device under Device control policy but cant keep allowed by default only Secured Bluetooth device (which doesn't has mass storage)

                                    Can we allow only to secured Bluetooth device by default & block to only mass storage Bluetooth devices?

                                    Kindly confirm on this

                                    2 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • sso
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
                                    • USB drives scanning automatically.

                                      We need an option that allows USB drives to be automatically scanned upon insertion.

                                      45 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • sso
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        2 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Create a way to uninstall Hitman Pro from servers using the Sophos Central console.

                                        Since Hitman Pro was part of an update to sophos server protection, we have had issues with utilization being high on the servers. Would like to be able to uninstall Hitman Pro without affecting the other server protections provided by sophos central.

                                        8 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • sso
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Auto generation of reports

                                          We need the Sophos Central to generate Auto reports on Daily/Weekly basis like it used to generate on ON Premise Server

                                          18 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • sso
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            2 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                          • Don't see your idea?

                                          Feedback and Knowledge Base

                                          icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.