Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Simple Addition : Machine reboot status event on Sophos Central

    On Sophos Central, we do get events whether a reboot is required for a server / endpoint or not. But it doesnt generate any event whether the reboot has been completed.

    The same event gets generated on client side but not on console side which is very lame.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  2. Enterprise Console


    1. We need an option under the Enterprise console to view all the endpoints of the entire sub-estate in one place. As an admin, we are finding it very difficult to go inside the sub-estate and view the endpoints.

    2. We need an option to move the endpoints from one sub-estate to the other sub-estate.
      (preferably drag and drop)

    3. We have a single AD server in place which needs to be synced with all sub-estate.

    4. We need a search option in the Add Peripheral Exemptions window.

    5. We need a “Model” option in Peripheral Control > peripheral exemptions.

    6. We need an option to…
    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  3. Reports in indian time zone

    We need DLP reports in GMT +5.30 zone instead of UTC , due to this we are getting challenges while auditing.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  4. Controllable thru cloud, stop scanning and send task to client.

    Should have Controllable feature thru cloud, exp: stop scanning, send task to client, turn on/off protection. It more easily IT support to support hundred over computer and different site, now hard to go to the site for only turn on the protection.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  5. Web Control device policy

    Could we have the ability back to apply web control policy by device instead of only by user? This was a feature in our previous version, and we use it to add protection for laptops. Some laptop users also use other devices so we don't want to apply policy by user, and some laptops are shared so we don't want it to be unprotected if someone else logs in. We prefer to avoid doubling up on protection for devices behind company firewalls.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Security/Control  ·  Flag idea as inappropriate…  ·  Admin →
  6. Find out inactive computer status on Enterprise console (Endpoint protection)

    How we find out inactive computer status on Enterprise console (Endpoint protection) same as Sophos admin Center console show.
    We cannot generate reports for inactive computers form Sophos enterprise console.
    Please accept my request for adding the feature in the report so that with this we can generate from Sophos enterprise console server.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Sophos Health Monitor Registry Values explained

    Please provide details on the registry values under:
    HKEYLOCALMACHINE\SOFTWARE\Sophos\Health\Status
    and the 64 bit equivalent.
    This looks like it would be very useful for us to create a Sophos endpoint monitor in our RMM platform - however there appears to be no documentation around the meaning of the values and support have been unable to provide the information.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  8. Vulnerable Software Report

    The Application Control feature allows for blocking of vulnerable versions of browsers, acrobat, etc. There should a reporting feature that will show all current vulnerable versions of popular software based on what version is installed and compared to the CVE Mitre index.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Patch Assessment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Sophos Central allows us to create a policy that blocks the use of all web browsers. What we would prefer is to block all Intenet access.

    Sophos Central allows us to create a policy that blocks the use of all web browsers. What we would prefer is to block all Intenet access without having to purchase an additional module that has this capability.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  10. AMSI Not working with .Net framework 4.8

    AMSI integration Not working with .Net framework 4.8

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  11. Secure LDAP binding

    With Microsoft forcing LDAP binding on SSL (Port 636) in second half of 2020 (https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190023#ID0EUGAC) Sophos Enterprise Console needs support for it. According to Sophos devs the current SEC does not support LDAPS.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Sophos Enterprise Console (SEC)  ·  Flag idea as inappropriate…  ·  Admin →
  12. MTP/PTP separate webcam and mobile control

    On Device Control MTP/PTP devices, we should able to block only mobile devices but not the camera devices. these devices should be separated.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Able to download quarantined files from central

    If there are detection on the endpoints, the file that is moved to the quarantine must be able to download from the central console.
    This can be used as part of EDR incident investigation to be able for the administrator to investigate the detected file and we can also submit the file to SophosLabs for them to create IDE.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Incident investigation  ·  Flag idea as inappropriate…  ·  Admin →
  14. Individual (or client) Policy Exceptions

    I would like some functionality added to Sophos Central to accommodate for the need to exempt a specific application on a single server without creating the need for an endless and complicated web of policies as additional application exemption needs are identified.

    An example:

    The company has all servers "enrolled" in the Default Application Control policy. Server A requires all of the same rules as the Default policy but needs PuTTY allowed. No other servers can have PuTTY installed per a strict security policy. To accommodate this need, we, at present, must create Default Application Controls policy clone (w/PuTTY allowed).

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Application Control  ·  Flag idea as inappropriate…  ·  Admin →
  15. Current feature does not allow the peripherals to be blocked system wise without blocking the peripherals and then whitelisting it.

    It will be of great help if we can have the feature of disabling and allowing of USB drives system wise. Fo example if I need to block a specific USB drive to a specific system only, its not possible without blanket blocking the USB access and then allowing it as exceptions. By this you have to change the statud quo of other systems. This will lead to operational issues one has block all USB access and then allow one by one. So everytime the user has to get IT to allow if the USB device is a fresh one.…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  16. Bletooth blocking on MacOS

    Please enable Bluetooth blocking on MacOS via Peripheral control policy.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Device Control  ·  Flag idea as inappropriate…  ·  Admin →
  17. DLP: create a rule using a new extension

    We would like to create a dlp rule using a new extension to block or allow, but in this moment we can select only from a Sophos List. It's not possible to add or import new extension.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  18. Stop Scan Option

    Scan Now option is there but Stop Scan is not. it should be there it's basic feature of Endpoint

    Out many clients are asking for that feature.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Cloud Console  ·  Flag idea as inappropriate…  ·  Admin →
  19. Internet Destination File Copy

    Add a way to tell if an 'Internet Destination File Copy' was an upload or a download. Currently you can not tell if a user uploaded a file or downloaded or file. You can see where files go to a users 'Download' folder on Windows but this is not a reliable enough way to determine this.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Data Leakage Prevention (DLP)  ·  Flag idea as inappropriate…  ·  Admin →
  20. Application & Website Monitoring

    we want know user what are application & websites are using why this SOPHOS can implement because we going to use third party tool like employee monitoring is SOPHOS can do this implementation it would be more & more helpful

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  New idea  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.