Sophos Central

Suggest, discuss, and vote on new ideas for Sophos Central. The unified console for managing your Sophos products.
Please raise all product releated feature requests in the respective product forum

Suggest an Idea for Sophos Central...

Tamper Protection

1. Add a status column for Tamper Protection Enabled/Disabled in the Devices list.

2. Add a Enable/Disable Tamper Protection option to the Devices page. You would check as many boxes as necessary and then enable/disable tamper protection for them. This is necessary for mass reinstalls where Sophos is missing services or other.

3. Add a timed option for when Tamper Protection will automatically come back on. This could be a pop-up that shows after clicking disable which would then ask how many hours/days it should be disabled, or if it should be disable indefinitely. This will add administrative security as it's easy to forget re-enabling.

USE CASE: We need to reinstall Sophos to a large amount of computers currently missing services or having other issues. While we've found a way to push out a mass reinstall, we still have the task of going to each computer in Sophos Central, disabling the Tamper Protection, and then revisiting those computers later to re-enable Tamper Protection. I've noticed that there is a way to remove Tamper Protection for all computers in Global Settings, but that isn't ideal and presents an unnecessary security risk for every other unaffected computer.

42 votes
Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Signed in as (Sign out)

We’ll send you updates on this idea

Daniel Murrieta shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

3 comments

Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Signed in as (Sign out)
Submitting...
  • Scott commented  ·   ·  Flag as inappropriate

    Agreed, from MSP perspective it would be easy to have an Administrator password that covers ALL my customers devices in My dashboard, then i can use that password whenever onsite etc, only i can change this password. This would save logging in to get Tamper Passwords each time.

  • Daniel Murrieta commented  ·   ·  Flag as inappropriate

    Hey Bryn, we have it all set to automatic updating. The team in charge of imaging is using a deployment software that I'd prefer not to mention publicly. It does seem to have issues with the image, but it's hard to tell as a lot of the issues also seem to fix themselves shortly after handing to a user and letting the computer stay online for a time. To be sure if it's the image or not, I'll need to monitor some 15-30 computers newly imaged over 2 weeks or so. The real issue seems to be from everyday users whose services just fail or go missing, but, again, I need to be more thorough in my monitoring before I can pinpoint that.

  • Bryn commented  ·   ·  Flag as inappropriate

    @Daniel - I noticed you are having issues with Sophos services not being installed correctly. Are you using the "Controlled Updates" option and a deployment task/image for deploying sophos?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.