Sophos Central

Suggest, discuss, and vote on new ideas for Sophos Central. The unified console for managing your Sophos products.
Please raise all product releated feature requests in the respective product forum

Suggest an Idea for Sophos Central...

Improved device list views

Including the ability to add/remove columns and filter results.

For example, add a column about tamper protection, and have the ability to filter for only devices with it disabled. Or to add a column about Intercept X software version and filter for certain version(s).

This would apply to Endpoint and Server views.

We intend to make this functionality available via APIs as well.

280 votes
Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Signed in as (Sign out)

We’ll send you updates on this idea

AdminJon (Admin, Sophos Features & Ideas Laboratory) shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

54 comments

Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Signed in as (Sign out)
Submitting...
  • Anonymous commented  ·   ·  Flag as inappropriate

    Dear,

    I join the vote as we have an important client from Argentina reporting the lack of details in the version installed on servers and endpoint. Do you have an estimated date to make this upgrade in the console?

    Thank you!

  • Anonymous commented  ·   ·  Flag as inappropriate

    Any updates to this? I need to pull info from Sophos Central pertaining to which machines do not have the latest version of Sophos Endpoint and I can only determine what version the machine has by searching by the machine name one by one which will take entirely too long.

  • Aland commented  ·   ·  Flag as inappropriate

    Sophos has reported that malware is able to defeat Intercept X and completely cripple EndPoint if tamper protection is turned off but we have no easy way to determine if tamper protection is enabled or disable quickly? This should show up on reports and security dashboard. Self healing after a certain amount of time should also be a global/site setting.

  • AdminJon (Admin, Sophos Features & Ideas Laboratory) commented  ·   ·  Flag as inappropriate

    It is difficult to show the policy in effect on a user without being misleading. A user can have more than one device, and those can have different policies.

    We plan to improve the device list details page so that, amongst other things, you can see which policies are applied.

    We will consider the same changes for the user list view afterwards, though it will need to take account of the device policy complexity outlined above.

    For now, I'm going to merge this request into the device details request as it is the primary way we're focussing on this type of request.

  • AdminJon (Admin, Sophos Features & Ideas Laboratory) commented  ·   ·  Flag as inappropriate

    Non urgent reboots are not detrimental to protection, so do not create an alert. At the moment they can only be seen in the admin console by looking for the event type on the user, device or event report.

    We plan to add more detail to the list views, including whether a reboot is urgently/non-urgently or not needed. I'll merge this request into that request accordingly.

  • XG Fan commented  ·   ·  Flag as inappropriate

    global tamper protection status without having to manually go through each endpoint's page is a must when 1000+ endpoints and multiple admins are involved.

  • AdminJon (Admin, Sophos Features & Ideas Laboratory) commented  ·   ·  Flag as inappropriate

    Agreed, this would be very useful. We're working on significant improvements behind the scenes to the "device list views", so that you can for instance add a column about tamper protection to see which devices have it enabled/disabled, and optionally filter for those in one state, e.g. disabled.

    We expect this to take several months owing to the nature of the backend changes, but please bear with us!

  • Dan commented  ·   ·  Flag as inappropriate

    "Reboot to complete update" messages should put the device in warning status and not informational!

  • ganders commented  ·   ·  Flag as inappropriate

    What is the point of an application that provides tamper protection but has not way to list equipment that has that setting disabled?

  • Anonymous commented  ·   ·  Flag as inappropriate

    +1

    The incredible thing that we have to be the users that we have to "suggest" this .....

    Even a schoolboy would realize that it is necessary ....

  • Marc commented  ·   ·  Flag as inappropriate

    This is a major risk that we cannot easily identify this!! Please add this report!

  • Philip commented  ·   ·  Flag as inappropriate

    I am receiving "Reboot required" alerts in the Console from computers that are offline. The trigger appears to be the scheduled scan.

    I'm also getting "Reboot required" alerts in the Console from computers that have been deleted and are no longer reporting to the sub-estate the alerts show up in! It is obvious that these alerts are generated in the Console, from the Console and have no bearing on what's really happening on the endpoint.

    These "Reboot required" alerts also appear to easily become "stale" and continue to report a reboot is necessary even after the endpoint Events list reports that a reboot has occurred.

    The best strategy at this point for dealing with these alerts is to clear them all and see if any more are generated to separate the current ones from the old ones.

← Previous 1 3

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.