Sophos Ideas / Sophos Central

Sophos Central

Suggest, discuss, and vote on new ideas for Sophos Central. The unified console for managing your Sophos products.
Please raise all product releated feature requests in the respective product forum

Suggest an Idea for Sophos Central...

← Sophos Central

Improved device list views

Including the ability to add/remove columns and filter results.

For example, add a column about tamper protection, and have the ability to filter for only devices with it disabled. Or to add a column about Intercept X software version and filter for certain version(s).

This would apply to Endpoint and Server views.

We intend to make this functionality available via APIs as well.

443 votes
Sign in
(thinking…)
Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

AdminJon (Admin, Sophos Features & Ideas Laboratory) shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
Started  ·  AdminJon (Admin, Sophos Features & Ideas Laboratory) responded  · 

The APIs are now available, please see https://developer.sophos.com/ for more details.

For example, retrieving tamper protection status is available this way: https://developer.sophos.com/docs/endpoint-and-server/1/routes/endpoints/%7BendpointId%7D/tamper-protection/get

I appreciate many people simply want the admin UI to offer the functionality rather than just APIs, and we will update it to allow column addition/removal and filtering on any column. However, this is likely to not be until around August as the development team have been reassigned to assist another project for a few months. Sorry for the wait, I would very much like this to be available earlier.

I’ll leave this item open and “started” until the admin UI changes are released, but please do be aware of the API option in the meantime.

Show previous admin responses (1)

90 comments

Sign in
(thinking…)
Sign in with: Facebook Google Sophos ID New Sophos ID Test Sophos ID
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Alex commented  ·   ·  Flag as inappropriate

    This is a no brainer, and absolutely needs to be implemented not just by API but in the Sophos Central Console.

    Looking forward to this report, or API at the very least.

  • Adam commented  ·   ·  Flag as inappropriate

    I've just been looking for a way to identify which systems have tamper protection disabled and am genuinely shocked to discover that there is nothing built into Sophos Central.

    This is, in my view, a huge omission and needs to be added as a matter of urgency.

  • AdminJon (Admin, Sophos Features & Ideas Laboratory) commented  ·   ·  Flag as inappropriate

    Work is progressing well on the back end changes. The first access will be via APIs. See https://developer.sophos.com/ for documentation on what the APIs will offer. I believe the APIs will be released and usable by any Sophos Central customer in the next couple of months.

    Once the backend and APIs are completed we will start to work on the admin interface improvements (which will use the same API and backend). There is still a lot of work to go, but the current estimate is that the UI changes will start to be released by the end of this year, with us gradually adding capabilities over time. I'll keep this feature request page updated as we go along. Thanks for your patience.

  • Robert Sieber commented  ·   ·  Flag as inappropriate

    And the Export to CSV link should include all columns and rows selected. Currently OS Version cannot be included in the export - which is ridiculous.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Dear,

    I join the vote as we have an important client from Argentina reporting the lack of details in the version installed on servers and endpoint. Do you have an estimated date to make this upgrade in the console?

    Thank you!

  • Anonymous commented  ·   ·  Flag as inappropriate

    Any updates to this? I need to pull info from Sophos Central pertaining to which machines do not have the latest version of Sophos Endpoint and I can only determine what version the machine has by searching by the machine name one by one which will take entirely too long.

  • Nicky Hughes commented  ·   ·  Flag as inappropriate

    Need Event Log Report TO FIND System with Tamper PROTECTION Disabled
    FIND System with Tamper PROTECTION Disabled

    We have multiple Admins on Central and Sometime during T/S the Tamper Protection is TURNED OFF for few systems. However if the ADMIN does not roll back its a RISK.

    Need an AUDIT LOG REPORT for Systems with Tamper protection TURNED OFF

  • Aland commented  ·   ·  Flag as inappropriate

    Sophos has reported that malware is able to defeat Intercept X and completely cripple EndPoint if tamper protection is turned off but we have no easy way to determine if tamper protection is enabled or disable quickly? This should show up on reports and security dashboard. Self healing after a certain amount of time should also be a global/site setting.

  • Scott commented  ·   ·  Flag as inappropriate

    Agreed, from MSP perspective it would be easy to have an Administrator password that covers ALL my customers devices in My dashboard, then i can use that password whenever onsite etc, only i can change this password. This would save logging in to get Tamper Passwords each time.

  • Brittany N commented  ·   ·  Flag as inappropriate

    Sophos, this is a major part of the security of your product. I would absolutely love to see this feature implemented. As it is now, sometimes I'll still run across endpoints where it's been turned off. How many more are out there like this? I won't know until I check through each individual endpoint, a laborious process which isn't feasible in anyone's environment.

  • AdminJon (Admin, Sophos Features & Ideas Laboratory) commented  ·   ·  Flag as inappropriate

    It is difficult to show the policy in effect on a user without being misleading. A user can have more than one device, and those can have different policies.

    We plan to improve the device list details page so that, amongst other things, you can see which policies are applied.

    We will consider the same changes for the user list view afterwards, though it will need to take account of the device policy complexity outlined above.

    For now, I'm going to merge this request into the device details request as it is the primary way we're focussing on this type of request.

  • AdminJon (Admin, Sophos Features & Ideas Laboratory) commented  ·   ·  Flag as inappropriate

    Non urgent reboots are not detrimental to protection, so do not create an alert. At the moment they can only be seen in the admin console by looking for the event type on the user, device or event report.

    We plan to add more detail to the list views, including whether a reboot is urgently/non-urgently or not needed. I'll merge this request into that request accordingly.

  • XG Fan commented  ·   ·  Flag as inappropriate

    global tamper protection status without having to manually go through each endpoint's page is a must when 1000+ endpoints and multiple admins are involved.

← Previous 1 3 4 5

Sophos Central: Endpoint Protection

Categories

Feedback and Knowledge Base

(thinking…)
icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.