Sophos Central

Suggest, discuss, and vote on new ideas for Sophos Central. The unified console for managing your Sophos products.
Please raise all product releated feature requests in the respective product forum

Sophos Central

Suggest, discuss, and vote on new ideas for Sophos Central. The unified console for managing your Sophos products.
Please raise all product releated feature requests in the respective product forum

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Central endpoint - enforce proxy route via wpad for updates

    Central endpoint update configuration will currently read a wpad file and see proxy settings, however if there is more than one route it will take the most direct one with no facility to force the traffic via specific routes / proxies, see sanitized log output below.

    The system sees the proxy settings from the wpad but then still goes direct without the proxy as that is most direct route, we need to be able to set the route for this update traffic.

    =================================
    [ 1760] INFO WindowsProxyDiscoveryWrapper::GetDefaultProxyConfiguration WinHttp default proxy not set
    [ 3456] INFO WindowsProxyDiscoveryWrapper::GetProxyForUrl WinHttp discovered proxies "PROXYFQDN:3128" …

    38 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Scan status

    There should be some sort of indication that a scan is running on a computer when it is triggered in the cloud. From what I can tell there is no indication that a scan is currently running or how far along it is, after pushing the "Scan Now" button.

    38 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  3. Customized Browser based alerts

    Please, allow to set custom messages for the warning or blocking of file downloads or URL's as regulated in Web Control for Sophos Central customers? Similar to what the XG firewalls are allowing.

    Thank you

    Larry Goncea
    Larry@domain-group.com
    484.256.4373

    37 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Block or Ignore devices that left the company

    Please add an option for devices leaving the company with the Cloud Endpoint solution installed (by mistake, not having possibility to uninstall, theft etc).
    My suggestion would be an "ignore/block" option, where the Endpoint won't be able to update anymore (SAU) and doesn't appear in the console either.

    35 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    We intend to modify the “delete” function so that devices have the protection software removed and tamper protection disabled. They will not show in the admin UI (by default) or use a license.

    The admin can recover deleted endpoints in case of mistakes with deletion. To facilitate this, a few core pieces of Sophos software will be left in place, these can be removed by the end user if they wish (the admin would then need to do a full reinstall to “recover” the machine though).

  5. MAC Address

    Would like to see the MAC Address listed on the Devices tab as well as to be able to export to a CSV file. This would be extremely helpful to those of us managing networks of 4000+ devices. I believe this information must be captured in the Sophos servers so I can't imagine it would be that hard to include in the Device information.

    34 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    36 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Quarantine and PUA cleanup not working the way I want.

    Today Sophos automatically cleaned up a PUA that I did not want cleaned up. I had no way to go into quarantine and restore the file. I would like to be able to do that preferably from Central. I would also like to be able to not automatically clean up PUAs but continue to automatically clean up malware. There is no distinction in the settings.

    34 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Separate Proxies & Translators category

    The categories Proxies and Translators should be separate. Many customers would like to block sites categorized as proxies but allow sites categorized as translators. They should be configured like this by default.

    Ex. translate.google.com is blocked by default.

    34 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Request to whitelist via ip address in Sophos Central Email Gateway

    Customer is requesting for an option to whitelist via ip address in Sophos Central Email Gateway

    34 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Email Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  9. Ability to send messages to managed machines

    From within the Sophos Cloud product, it'd be really useful to be able to post notifications to an end user machine. For example "There will be an unusually large AV update on Thursday - please allow time for this to complete"

    or

    "You can now get corporate email on your Mobile Device - go to intranet.local/BYOD for more information"

    34 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Automatic cleanup options for old machines

    We have over 3000+ machines that have not checked in for over a month. We NEED some way to either set a policy to automatically cleanup old/inactive machines or at least be able to select in bulk and delete them.

    33 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  11. Alerts are not customiziable and need major upgrades.

    Clearing alerts, It would be best if I don't have to manually select all 500 alerts and acknowledge them. What would be better would be a section for me to select what categories to be alerted. I seriously don't care if a reboot is required after a software update. The computer will restart when it restarts. At this point the alerts are useless to me. Another idea would be the next time the computer scans and doesn't find a threat or issue, that the alert gets cleared. It's a lot of manual labor...

    33 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Sophos Central Audit Logs

    The Audit logs are lacking in detail and visibility, specifically:

    1. When moving devices/computers into groups - the audit logs only show that a change was made to the group itself, not which devices/machines were affected.

    2. When a change in product assignment is done (e.g. we remove Device Encryption as an installed product on a device/machine or a group of devices/machines) the audit logs do not show which devices/machines were affected.

    3. When changes are made to a Sophos Central policy, what were the actual changes made within the policy.

    32 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Need Event Log Report TO FIND System with Tamper PROTECTION Disabled

    FIND System with Tamper PROTECTION Disabled

    We have multiple Admins on Central and Sometime during T/S the Tamper Protection is TURNED OFF for few systems. However if the ADMIN does not roll back its a RISK.

    Need an AUDIT LOG REPORT for Systems with Tamper protection TURNED OFF

    32 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  14. Notes for Peripheral exemptions

    add a notes field to peripheral exemptions so I can note why im creating the exemption.

    32 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Role customization

    Please create a feature that allows for custom security roles to be created, and/or for the existing default roles to be customized so we can better determine who receives notifications or restrict access to users.

    31 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  16. Users have no idea of missing emails quarantined due to attachment file type

    Hi, please consider this simple suggestion.

    Ability to include quarantined messages by reason "Attachment file type" in the quarantine summary but without the "release" option to keep them safe from themselves.

    Some messages that are not flagged as spam/bulk with attachments get flagged and sent to quarantine due to potential threats, but no one other than admins can see them. Unless you have a dedicated resource monitoring this quarantined list, users will never know about these messages.

    Not asking to open potential security holes here, but if the users could see they got messages that were deemed dangerous because the…

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Email Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  17. Control Update Cache through policy

    Would like the ability to specify what update caches a particular group of machines can use through the update policies. The current method would not work in our network environment, with our remote sites, as geographically distant locations may be forced to update from locales that are neighbours in subnets.

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow us to filter and select alerts!

    For the love of God, please allow us to filter and select multiple Alerts to clear on the alert screen. We may have 100s of alerts for the same thing and, after resolving it, having to select each individual alert to clear it is ridiculous. It makes the alerts in our console completely useless.

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
  19. InterceptX Root Cause Analysis (RCA) cases do not generate alert email

    I have had InterceptX Root Cause Analysis (RCA) cases detected with low, medium, and high priorities -- but none of them generated an alert email.

    It is very important that they do so, because RCA cases imply that malicious code has attempted to run on an endpoint, and this requires manual investigation to ascertain the cause.

    At the moment it appears that the only way of noticing if you have a new RCA case to deal with is if you manually go Dashboard -> Endpoint Protection -> Root Cause Analysis.

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow filtering by Windows version

    On Sophos Central, when adding computers to a computer group, add an option to filter by the windows operating system version.

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Endpoint Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.