Sophos Central
Suggest, discuss, and vote on new ideas for Sophos Central. The unified console for managing your Sophos products.
Please raise all product releated feature requests in the respective product forum
-
add multiple selection boxes to quarantine list in self service portal
On the Sophos email Self Service Portal there's no way to select and act on multiple emails. you have to work on them one at a time. I have users that end up with dozens of emails in their quarantine and would like to release or block them by selecting several at a time. you should add a check box to the left for multiple selections.
54 votes -
Add ability to see the version of Sopho Central agent installed on Apple / MacOS devices
We(Admins) need the ability within Sophos Central dashboard to see the version of Sophos installed on Apple / MacOS devices. Adding a column to the table of devices would be a great bonus as well so we can export a report.
This is useful for Admins to properly support users and account for the devices to see which one's need updating or out-of-date.
Currently Window's computers shows this information clearly already.
I've gone over this with Sophos support to see the version of Sophos installed on Apple / MacOS devices, and THERE IS NONE.
6 votes -
Mobile Advanced
Within the GDPU it is neccessary to delete all content from e.g. an iPad when a fully supervised Device is handed over to another e.g. student.
Within iPadOS or iOS it is possible to "ERASE ALL CONTENT AND SETTINGS".
So we need to trigger this from Sophos Central Mobile Advanced, too.5 votes -
Assign Device Group to Sophos Update Cache
Would it be possible, When manually assigning devices to an Update Cache, To specify a Device Group in oppose to ticking the individual PCs. This would make it for easier and quicker to assign devices to the nearest logical update cache.
Thanks
5 votes -
Alert on servers not checking in
I want a High level alert when a server stops checking into Sophos Central. Not just when it goes Inactive (2+ weeks) but any time it stops calling home for 24 hours. I work for an MSP and there is no way I'm going to check on that many client portals in one day just to look for issues; that's what alerts are for. The lack of this visibility has caused us a major liability with a client.
If a connection check isn't possible, then have Device Not Updated alerts happen implicitly when a server doesn't call home for…
4 votes -
Global Block URL Feature
Ill put this feature against Email Gateway as that is where is sorely needed but this feature should be for all Sophos Central components.
Part of the power of Sophos Central should be centrally across all security product reacting to a security event and taking action to resolve it.
Currently there is no "Block URL" feature in Email Gateway - There is an URL Allow list but no block feature. This is sorely needed.
One of the main benefits of using Time of Click is to immediately react to issues not only on future emails but existing emails in users…4 votes -
Automatic Exclusion - SQL Server 2019
Can SQL Server 2019 be added to the list of automatic exclusions please?
See: https://support.sophos.com/support/s/article/KB-000035264?language=en_US
4 votes -
Azure Sync should filter for group membership
Azure sync right now syncs the entire azure active directory. How is this usable for anyone? It gets service accounts. It gets a ton of guest users if you share documents externally from onedrive, or teams. People who dont even work at my company get synced to the sophos portal. With BYOD I would want automated emails to go out to new users so they can self service, but thats unusable with Azure Sync.
53 votes -
Make the alert control more granular, let us decide what alerts we want to get
Priority: HIGH
Detection name: Lockdown
Root cause: Could not find root cause
Possible data involved: no business filesIts concerning when we don't get HIGH alerts that involve blocking a PROD App.
I had to chase around trying to spot why it wasn't working. Several hundred people couldn't the app after an update! Once I saw the Lockdown alert I could allow the App as a Safe Allowed Application.
Also other malicious activity is 'cleaned' by Sophos but we don't get alerted! Why ?We need to have the choice of getting Alerts or not.
We find this disturbing that…
4 votes -
sync of shared mailboxes as a separate mailbox type
It would make sense that the Sophos Central would also synchronize shared mailboxes with the AD Scnytool. In AD it is a separate OU and so it would also be useful to display it in the administration. Simply add another query option in the tool for shared mailboxes and this new mailbox type in Central.
4 votes -
language filters
It would be very useful if you could block messages with certain languages present. For instance my organization would never receive messages in Chinese or Russian. Having the ability to block messages in certain languages would cut much of the spam down.
4 votes -
Policy, logging and Reporting improvement on Central Email
1> Blacklist check for a domain/IP.
2> Test a mail server response on SMTP/SMTPS.
3> SPF & aSPF detailed logs, at least for those which fail either or both. Policy enhancements for aSPF condition.
4> DKIM & aDKIM detailed logs, at least for those which fail either or both. Policy enhancements for aDKIM condition.
5> DMARC logs, list domains that pass & fail DMARC strict policies.
6> ToC detailed analysis logs instead of just blocking/warning.
7> Header anomalies detailed logging and reporting.
8> Sender's Mail service provider & DNS. Top 50/100 at least.
9> Look out for report generated by…9 votes -
Sophos Two Factor Issue
We need a "Remember this computer" option on the two-factor sign in. Its ridiculous having to enter that SMS code multiple times a day on my main secure computer.
4 votes -
url category test tool
Hi, we just move to Sophos, it looks very good. One point that we would like to be included, is a URL category test, this is, a test place where we can put the URL and get a response with the Category. Most of the URL filter solutions has this test tool.
3 votes -
Blocklist - Quarantine Option
We would like the ability to have the Emails that appear under the customers blocklist to be put under quarantine instead of them being straight away deleted.
This is impacting our client and there operation and has caused a lot of business loss due to not being able to retrieve the emails.
How would you rate the importance of this feature.
1 = Critical
2 votes -
Improved device list views
Including the ability to add/remove columns and filter results.
For example, add a column about tamper protection, and have the ability to filter for only devices with it disabled. Or to add a column about Intercept X software version and filter for certain version(s).
This would apply to Endpoint and Server views.
We intend to make this functionality available via APIs as well.
514 votesThe APIs are now available, please see https://developer.sophos.com/ for more details.
For example, retrieving tamper protection status is available this way: https://developer.sophos.com/docs/endpoint-and-server/1/routes/endpoints/%7BendpointId%7D/tamper-protection/get
I appreciate many people simply want the admin UI to offer the functionality rather than just APIs, and we will update it to allow column addition/removal and filtering on any column. However, this is likely to not be until around August as the development team have been reassigned to assist another project for a few months. Sorry for the wait, I would very much like this to be available earlier.
I’ll leave this item open and “started” until the admin UI changes are released, but please do be aware of the API option in the meantime.
-
Filter reason added to quarantine messages
It would be very helpful to be able to filter the Quarantine Messages to display the "Reason"
Example.
Filter by Direction (Inbound)(Outbound(All)
and Type (Bulk)((DMARC)(ETC)7 votes -
Location Awareness Policy
Location Awareness Policy
Ability to create different policy for different location such as in office and out of office such as home6 votes -
Ability to repair/uninstall sophos endpoints that are showing issues from central
I am requesting a basic feature enhancement. I am seeing alot of endpoints that are having issues updating or services shutting down. I was told that I would have to spend money to upgrade my service to have the ability to run a remote (from central) uninstall of the product or some sort of repair. I am requesting that ability on central for all endpoint subscriptions since that was the reason why central was established. Thanks,
2 votes -
Firewall Resources ( CPU |MEMORY | DISK )
I think is a good idea to have information about the firewall's resources under the Sophos Central.
If you look at Sophos Central > Firewall Management > MANAGE FIREWALLS > Firewalls, you can see that we've informations about NAME | ALERTS | SYNC & MANAGEMENT | SYNCHRONIZED SECURITY | VERSION | IP ADDRESS | MODEL | SERIAL NUMBER
I ask to insert three more columns for informations about the CPU, MEMORY and DISK which shows the load of each one of these resources.
Thank you.
7 votes
- Don't see your idea?