Plans for access to protection policies?

Hi,

I'm sorry but I am not sure what you are requesting here. Are you asking for an API path where you give a TenantID and get back all the policies that have been created in that tenant with a list of machines it is assigned to?

Right now, you can pull out the policy information on a per machine basis with the paths in the Endpoint API. Is that the information you are looking for?

Hi,

I'm sorry but I am not sure what you are requesting here. Are you asking for an API path where you give a TenantID and get back all the policies that have been created in that tenant with a list of machines it is assigned to?

Right now, you can pull out the policy information on a per machine basis with the paths in the Endpoint API. Is that the information you are looking for?

I am looking more for endpoints that can detail settings in the various protection policies stored in the official Central Dashboard.

An example of the data I'm looking to get is the scheduled regular scan date per Endpoint Protection and Server Protection policy.
I'd also like to be able to retrieve data on the various settings toggles for specific policies

Something like... "Does policy A and B but not Policy C have Deep Learning enabled?" or
"Are there any policies that would be considered not configured properly?" via semi-regularly scraping the policy data and comparing it to known defaults.

The current endpoint APIs do a really good job with the broad strokes, but some of the reporting I'd like to do requires details that as far as I can tell are not yet available from the current API.

Bumping this since its been almost two weeks since I responded.

Hi Trevor, 

Unfortunately policy retrieval is not currently possible in our Central API. I am not sure on an ETA for it in the future either. 

Thank you for the update.

If its possible to pass it to the relevant folks, some sort of read-only reporting on stuff like policies would be a "nice to have" feature. In the meantime I'll mark the above as the verified answer.

It is my pleasure. 

Do you mind submitting a feature request at our link here with this idea? https://www.sophos.com/support/feature-requests.aspx

Cheers. 

I have brought this to the attention of the Product Manager

Thank you. Would it also make sense for me to file this as a feature request at the link gave?

yes, that is the official channel.

https://ideas.sophos.com/forums/428821-sophos-central/suggestions/42268777-read-only-api-endpoint-for-policy-data

Above is the feature request I entered this afternoon. Hopefully it will help get some traction on the idea.

--T

Hello Trevor and Skylar,  I can shed some light on our plans for policy based APIs.  If I were to classify the requests here, it looks like we have two requests.

1. Policy management APIs for tenants
2. Reporting of Policies for rapid insights and response

At current, we do not have plans for reporting API, however recognize this functionality is important to our customer base and are actively discussing what a full suite of reporting APIs and functionality would look like, and where it would fall on our backlog.

Now, for some good new! We are currently in active development on a full set of policy management APIs at the tenant level, which are currently due to release early in the first quarter of the 2021 calendar year.  This will include functionality for policy retrieval and management across:

• Endpoint enumeration
• Application control
• DLP
• Windows Endpoint firewall management
• Peripheral control
• Threat protection
• Update management
• Web control
• Server Lockdown
• File integrity monitoring

Initial release will cover the ability to:

• Retrieve all policies for a given Tenant
• Retrieve a single policy for a given Tenant
• Update policy order priority
• Update an existing policy