We cannot find reports on the how many computers was installed and deleted on SEC for this month, we tried to check on Sophos Databse but unfortunately did not find the database for Deleted computers with the date and time computers were deleted on SEC. Would be easier on our company's monthly reporting with this accurate data included, hoping for your favorable approval on this request2 votes
Restrict executable files from running in local user paths.
Group Policy Software Restrictions allows this based on Path (and other things) but the path one we use a lot for know malware that runs from Local %appdata% or other sub directories. You could then allow exceptions for those programs that are allowed to run form here.1 vote
So we know what subdomain or domain a computer is in, can we have the FQDN name visible on all devices?
We had two servers with the same name but in different domains for the same site. Confusing yes! But it would be easy if we saw the FQDN (device.domain.com) although the IP can tell us what subnet mask the machine is on, it would be a lot faster with a FQDN
Many time we need to exclude internal FQDN for custom Web Application that generate Exploit event because the cose was not write in a correct way.
It's not correct to exclude Browser form exploit Prevention or Intercept, but it will be great to exclude some FQDN from every exploit detection methods.1 vote
Application Control / Category Games: Blocking game launcher (e.g. Steam, Uplay) instead of single games.
Blocking Game Launchers (e.g. Steam, Uplay)
Most new games require certain launchers like steam or uplay to start - I think, these apps are missing in the current app list. I recommend to add such launchers to the app list which makes it much more easier to block games instead of trying to block single games (the list never can be complete).2 votes
when Sophos tells me thatI need to download a new version, I should not need to manuall uninstall the existing version first
When Sophos tells me to download a new version, I should not need to uninstall the old version manually, Sophos installer should do this automatically7 votes
There should be a way to filter email alerts so we only receive critical. We currently receive too many emails relating to the agent being out of data for a day which creates traffic for our ticketing system.2 votes
need an explicit no proxy (at all) setting for
b) policy in SEC for updating.
the no proxy setting currently means 'use system proxy' which causes install, reinstall and update issues depending how explicitly the environment manages proxies.1 vote
Feature Request - Bluetooth Audio in endpoint control
Assuming it's not currently possible to allow audio-only bluetooth within endpoint control policy, could this be added as a feature, please?
Enabling a blanket ban on bluetooth prevents the use of headphones and other peripherals, which can be inconvenient.
Add threat mapping for Sophos Enterprise Console like the threat mapping available in Sophos Central.2 votes
Easily allows me to configure exclusions babsed on the subfolder of a variable. In my case I wanted to exclude a number of subfolders of the Exchange 2013 installation
paths. I wanted to use “%ExchnageInstallPath%Mailbox” but adding a subfolder is not supported. It is not acceptable for me to exclude all subfolders, meaning I have to individually specify a path for each server (as they differ on a per server and per location
basis). This was more work than it could have been.2 votes
When adding new software to managed endpoints - i.e intercept x - to be able to see number of machines assigned vs bridgeable.1 vote
I believe it would be greatly beneficial to not just have the option to set a time for a policy to expire, but to have policies that come into effect during certain scheduled time windows.
For example, to have the option to apply a policy between 12PM-2PM Monday - Friday.1 vote
I had a critical notification from Sophos Cloud indicating a Ransomware detection - as it turns out, it would seem that it was a false positive, however the behavior of the application in question was questionable enough for it to be flagged. I would appreciate these types of detections(critical, etc) to be flagged in the Root cause Analysis tool so that we can follow up - even though the detection may be false, the behavior could be potentially unwanted and would merit further follow-up and investigation.2 votes
To better understand the Sophos Central logs. We know that device (endpoint) IP addresses are not included in the log. We’re attempting to learn more about the endpoint_id field. Can we include the following:
• A field that in any way represent an IP address (IPv6) or similar?
• Is there any lookup table available within Sophos Central that would translate endpoint_id to host?1 vote
Please add an option/additional column "Category" in report for Application Control. Now we can choose Application Control Expression * for all or select particular Application in report.
Given that you already have defined categories it would be fine if we could make report e.g. for category "Remote management tool" for last two months.2 votes
Have the ability for on-prem SEC/SAV to have the ability to configure the RMS component to use a proxy if the network has been locked down.
Updates can be configured to use a proxy but RMS cannot.
Can this be considered?
Make Sophos AV compatible with Microsoft Sysmon. Currently Sophos AV goes into deadlocks when Microsoft Sysmon is used with with image load option. Provide a fix that will not cause a deadlock, many other AV products do not have this issue.4 votes
It would be nice if Sophos enterprise console firewall control allows access control of applications such as rdp to PC from specific PC or IP such as those implemented in Windows Firewall where u can decide which PC/Users/IP are permitted to rdp to the machine.1 vote
- Don't see your idea?