Sophos Ideas / Sophos Central

Sophos Central

Suggest, discuss, and vote on new ideas for Sophos Central. The unified console for managing your Sophos products.
Please raise all product releated feature requests in the respective product forum

Suggest an Idea for Sophos Central...

← Sophos Central

Improved device list views

Including the ability to add/remove columns and filter results.

For example, add a column about tamper protection, and have the ability to filter for only devices with it disabled. Or to add a column about Intercept X software version and filter for certain version(s).

This would apply to Endpoint and Server views.

We intend to make this functionality available via APIs as well.

388 votes
Sign in
(thinking…)
Sign in with: Facebook Google Sophos ID New Sophos ID
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

AdminJon (Admin, Sophos Features & Ideas Laboratory) shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

71 comments

Sign in
(thinking…)
Sign in with: Facebook Google Sophos ID New Sophos ID
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Grant Phillipson commented  ·   ·  Flag as inappropriate

    I agree this should be a feature, just now it is too time consuming having to go into every device to check its tamper protection status. we should be able to run a report or have an extra column on one of the existing reports. also maybe place an alert if tamper protection is turned off.

  • Stefan Bettighofer commented  ·   ·  Flag as inappropriate

    We have to Reinstall ower PCs with disabled TP. Else the HitmanPro Alert Service Fails to install from time to time.

    Its possible that we forget to aktivate the TP after the reinstallation of the Client.

  • Eric Weaver commented  ·   ·  Flag as inappropriate

    Yes, need to be able to schedule reports and send them via email, like the on-premise Sophos Enterprise Console lets us do. This is critical from an auditors, regulators perspective.

  • Michael M commented  ·   ·  Flag as inappropriate

    Hi, This would allow us to better managed our Customer endpoints. Knowing the component versions allow's us to determine if a device isn't receiving an update for some reason or if a device has installed a hotfix yet.
    I'd recommend listing out what's in Installed Component under the Sophos Endpoint Self Help tool

  • Zeb Smith commented  ·   ·  Flag as inappropriate

    In this day and age of DevOps and Automation, the lack of an external API to perform at basic functions (at a minimum) is a huge shortcoming.

    We should, at the very least, be able to easily query information about devices registered in Central, get a list of active alerts, etc. via a web service.

    Email alerts on a fleet of many thousands of devices are simply not manageable.

  • David Veatch - Super Admin commented  ·   ·  Flag as inappropriate

    I just found a relatively easy way to identify the machines that have Tamper Protection disabled - though it's not without its inconveniences.

    Logs & Reports/Audit Logs

    Tamper Protection changes are recorded here the Description column as "Update computer tamper protection"

    Export as CSV is available, making it relatively easy to narrow it down to just those entries.

  • Anonymous commented  ·   ·  Flag as inappropriate

    I totally agree with this, it's very hard to see on a large network which machines need a reboot, also whereas the console says "Reboot Recommended" the individual machines state "Reboot Needed" which is very different.

  • Tom Stacey commented  ·   ·  Flag as inappropriate

    Endpoint and Server as well please. It would be a nightmare if i had to check all 2000 devices individually.

  • Anonymous commented  ·   ·  Flag as inappropriate

    We really need this feature please, whether in drop down or a new column would be so MUCH more enterprise friendly than nothing. I tried the suggested Event report, but it was not accurate compared to current state. I had to run the Audit Logs -> Export which only told me that Tamper was changed and not whether enabled or disabled, so still had to touch a bunch of servers we had been troubleshooting.

  • Tim commented  ·   ·  Flag as inappropriate

    I also agree that this would be very helpful. I have had a few instances where I have needed to disable Tamper Protection on an Endpoint, and then a while later (days or weeks) realized that I had forgotten to re-enable it.

  • Vikas Mundhe commented  ·   ·  Flag as inappropriate

    We really want a report that tells me if any endpoints have tamper protection turned off.
    Reports>Events>Policy Compliance>Policy non-compliance does not solve the purpose

  • Matt Davies commented  ·   ·  Flag as inappropriate

    The 'Reboot recommended' warning/alert functionality was changed as part of a recent update to the Sophos Central Platform. 'Reboot recommended' alerts were changed to informational messages, meaning that they do not show in the Alerts section on the dashboard.

    The informational messages appear in both the updating event log and in the Events tab against individual devices. Unfortunately, the updating events report shows a complete history of machines that have triggered the 'Reboot recommended' informational alert. So this doesn't make it clear as to which machines have been rebooted and which still require the reboot.

    Please alter this functionality in order to make it clear as to the machines that are currently pending a reboot (even though it may not be 'required'

  • Ken commented  ·   ·  Flag as inappropriate

    A simple drop down option where Show all computers is default would work out the best you have show all Bad and all medium and bad so another option to show all with tamper protection off. Often we have to shut off to do maintenance and sometime we forget to turn back on

  • Fieldhouse commented  ·   ·  Flag as inappropriate

    And buttons to override every occurrence of disabled tamper protection, on endpoints, servers, and/or both.

1 3

Sophos Central: Endpoint Protection

Categories

Feedback and Knowledge Base

(thinking…)
icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.