Sophos Central

Suggest, discuss, and vote on new ideas for Sophos Central. The unified console for managing your Sophos products.
Please raise all product releated feature requests in the respective product forum

Sophos Central

Suggest, discuss, and vote on new ideas for Sophos Central. The unified console for managing your Sophos products.
Please raise all product releated feature requests in the respective product forum

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Improved device list views

    Including the ability to add/remove columns and filter results.

    For example, add a column about tamper protection, and have the ability to filter for only devices with it disabled. Or to add a column about Intercept X software version and filter for certain version(s).

    This would apply to Endpoint and Server views.

    We intend to make this functionality available via APIs as well.

    444 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    90 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →

    The APIs are now available, please see https://developer.sophos.com/ for more details.

    For example, retrieving tamper protection status is available this way: https://developer.sophos.com/docs/endpoint-and-server/1/routes/endpoints/%7BendpointId%7D/tamper-protection/get

    I appreciate many people simply want the admin UI to offer the functionality rather than just APIs, and we will update it to allow column addition/removal and filtering on any column. However, this is likely to not be until around August as the development team have been reassigned to assist another project for a few months. Sorry for the wait, I would very much like this to be available earlier.

    I’ll leave this item open and “started” until the admin UI changes are released, but please do be aware of the API option in the meantime.

  2. Sophos Central Enterprise: Make Heartbeat works for all Sub-Estate central deployment

    Relate to this limitation:
    https://community.sophos.com/products/sophos-central/f/general/117661/heartbeat-with-sub-estate-central-deployment/425654#425654

    In a Sophos Central Enterpise deployment with sub-estate make endpoint Heartbeat connection with XG works for all the sub-estate.

    21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  3. FIM (File Integrity Monitoring) for sophos endpoints

    Hi all,

    We're wondering why there is no FIM (File Integrity Monitoring) functionality for endpoints but servers, only.

    There are also files or paths on endpoints where it would higher the security level a lot if you could assure the integrity of these files and paths.
    We have a specific scenario that I cannot cover with Sophos Endpoint Security because we cannot assure the integrity of certain files.
    To allow us central management of credentials of local administrator accounts on our windows client we use a well-known tool from MS called LAPS.
    LAPS uses a little application on the clients…

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. API

    as an Sophos System-Partner we work and customize with an Documentation-Software, called "Docusnap". Our ideas going to import some informations into the docu-solution for using in Recovery-, Rescue- and Restore-plans. But for devlop we need some defined WEB-API's. It would be nice and very helpfull having read only access on some details e.g. product summary, versions, installed on, last state and any more. What's your suggestions, any chance to implemente it next time?

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  5. Need randomization schedule for Schedule Scans

    In a previous Antivirus product, we had the ability to turn on a 4 hour window where the system perform a randomized scan of a particular server.

    Currently, Sophos Central can not provide the ability to perform a randomized schedule. Please consider this. In our virtual environment, I have currently set up 7 policies to split my servers into. However, each server within the policy STILL will start its scan at the same time as others with the same policy.

    A randomization option is needed to spread the IOPS load on our SAN.

    22 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. SNMP on XG-Firewalls

    Based on current generation from XG-Firewalls. Missed some SNMPv2 standard OID's for:
    ipAddrTable: 1.3.6.1.2.1.4.20
    ipRouteTable: 1.3.6.1.2.1.4.21

    Normally this values an standard all over the world on SNMP-Devices, still in Sophos-SG-generation. Generally it's needed by automated creation of routing-plans and more by software solutions.

    In the Moment the SNMP-Interface is nice, but not so usefull for production environment's. Secured OID's can be saved by implementing SNMPv3, but this alos not an available option on XG-firewall at the moment.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  7. Push agent via Update Cache / Message Relay

    Create the possibility to push an agent wihout having to download and install it. Probably could be realized by expanding update cache and/or message relay servers with agent push possibility.

    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Choose which events to receive via email (not only alerts)

    Alerts can be received via email. Sophos only sets these events as alerts, which are not automatically resolved by Sophos.

    But some events may be crucial, such as:
    - Someone tries again and again to open the same blocked websites
    - A Virus/Ransom Ware was blocked by Sophos

    For now you have to look into the Events Report in the Admin Center of every single customer to get these information,
    which is quite time-consuming, especially if you have a lot of customers.

    A Feature that allows you to choose by yourself, which events you want to receive via email, would…

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  9. Separate licensing for Linux Endpoints

    Estate Licensing for Mixed Windows/Linux only makes "Cents" for Sophos, Does NOT make "Sense" for customers. Effectively Sophos and MSP's have to charge more for a product that gets no or limited additional features from the Standard protection. When selling to clients whom have both Linux and windows servers it is kind of hard tell them. Get advanced its great on your windows boxes. Oh, and you get to pay more for your Linux servers and get no extra benefit.

    Linux products really should have there own SKU. And be priced separately. I see some posts for Linux workstations to…

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Server Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. FEATURE REQUEST: Retain Computer List Upon Returning to Computer Search Page

    Bug Fix/Feature Request for Sophos Central Admin:

    Feature: Computer Search

    When performing a search on computer devices to check health status, you get a list of desired computers displaying either of the following 3 statuses: All Health Status, Computers with a medium or bad status, Computers with a bad status. When user selects a specific computer, more device detail information is displayed. However, when you go back to the previous screen, the previous list is no longer displayed; page is back to default.

    NEW IDEA PALMDALE SCHOOL DISTRICT IS REQUESTING:
    REASON: FOR EASIER END-USER MANAGEMENT (SAVE ALOT OF TIME &…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  User management  ·  Flag idea as inappropriate…  ·  Admin →
  11. Global Exclusion for Endpoint and Server separated

    Global Exclusion should be available for Endpoint and for Server. Not one for all as EP and Server exclusions are very different.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  User management  ·  Flag idea as inappropriate…  ·  Admin →
  12. 10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  13. Scan Option for Archive Filetypes - Threat Protection Policy option

    There needs to be an option to enable/disable,if archives were are scanned in Real-time scans.
    This option should be seperated by the kind of archive.
    Right now it is not possible to scan tgz-files.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Fix Outbound Spam Filtering

    Allow confirmed spam outbound to be quarantined and inbound to be deleted by having separate settings for inbound and outbound.
    Allow outbound filtering to be turned off.
    Or get better at recognizing confirmed spam. We have constant problems with false positives outbound. They're not even marketing emails. Last time they were legal documents for a court case, and Sophos decided it would delete them.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add "Details" link in macOS events

    Please add a link to view event details for macOS machines. This feature exists for Windows machines, but not macOS.

    When responding to alerts in Sophos Central, the first thing I do is gather as much information as possible from the alert itself. Whether the endpoint is Windows or macOS, I need to be able to view details such as the file hash, raw detection data, file publisher, etc. in order to properly triage the alert.

    After reviewing an alert, I go directly to the events tab of the device in question. On a Windows machine I am able to…

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. block list

    Allow superadmin accounts to edit an end user's block list on a global basis and not as per individual. Doing so will allow admins to unblock addresses that were accidentally blocked.

    Bring together the block list from all domain users into the enterprise list.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Email Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  17. Import Computers from AD

    The ability to import computers from AD would be helpful to identify devices that may not have the Sophos Central Agent installed

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  18. Log retention needs to extend 30 days

    Extend the duration of logs from 30 days to 180 days as a minimum.

    A month is not long enough for ongoing troubleshooting cases...

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Email Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  19. Outgoing DKIM signing for email

    Please add outgoing email DKIM signing

    33 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Email Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  20. Improved Central Endpoint release notes

    The release notes located at https://www.sophos.com/en-us/support/endpoint-release-notes.aspx do not include every update made to the Sophos client. We sometimes receive emails stating "Sophos has released a product update" but determining which affected operating system is difficult since the current release notes page doesn't always show an update.

    Adding a page that is updated consistently every time an update is made available is a feature our organization would get value from.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 114 115
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.