Please make the admin notifications subject editable.

Some service-systems can't handle the square brackets at the notification header.
Customization for the design of this header would be helpfull in those cases.

(btw. it would definitely help already, if there would be just one dropdown field, where you can change the square brackets into a normal bracket, a pipe or a simple slash).

Thanks
Felix

The notification from IPS about web browser - MS Edge iare not carried similar to IE or FireFox.

This cause tousand of @ from IPS. Normally I can disable such category on Notification Tab, but for exapmle RIG Exploit Kit (Network Trojan) also shares the same category (CRIT-852), which about it I prefer to have awareness.

CRIT-852] Intrusion Prevention Alert (Packet dropped)
Message........: BROWSER-IE Microsoft Edge SIMD memory corruption attempt
Message........: BROWSER-IE Microsoft Edge Array.concat type confusion attempt

When logging on an UTM via SUM, the Web Admin Login Event info-005 is not triggered and there is no mail.

Reflexion should have a more robust notification system. For instance, if an incoming message is deferred for more than x minutes I should be notified. or if x number of incoming messages are deferred I should be able to send a notification. The list goes on.

The fact Reflexion is an important part of my client's ecosystem and isn't able to provide important data is very problematic.

email notification if user has reached or downloaded more than 500 MB for instance . so the admin will know that someone is downloading more than their daily usual data.

WARN-129, among others, is not available in the notifications section.

To keep the list short, a custom text form or dropdown would be nice:
Simply enter or select the unlisted ID you want to configure for notifications and add it to the list of common IDs.

setup a report that can email a user when they have used a percentage of there network traffic quota. Example: "You have used 50% of your Monthly Data Allowance"

For our users it will be comfortable to have the Sophos Sandstorm messages during file download analysis in german.

There is no Monitor/Notification which would send information for harddisks going to fail in a few days/week. Maybe using S.M.A.R.T.?

And there ist no notification about failed single disks, only in RAID like "CRIT-060 Raid degraded: harddisk replacement needed".

Please add a notification for single disks (without RAID) in case of failure or a few days earlier.
Thank you.

The Avira Scanner died on the Customer's UTM for the 2nd time.

It then fixed itself a week after.

Customer did not receive any notification to say that only 50% of his AV scanning was functional (dual scanning turned on).
Dashboard was showing a green tick next to antivirus.
The only reason why customer noticed the issue was because they had issues with other module and they were going through the logs via backend.

The alerts from the Reflexion state that it cannot connect to the client server need a follow up email stating that it has re-established the connection to the server. If gives us warnings and leaves us hanging and we have to manually check on it. An email stating that it has reconnected and spooled email is being released would save a lot of work especially after business hours.

The SUM server often sends an email notification on behalf of a managed UTM with the subject: [INFO-913] Global resource level limit exceeded, but doesn't say what limit has been exceeded. It's necessary to logon on to the UTM and check through the logs to determine what caused the alert. It would be good if the notification from the SUM contained some additional information to save time on identifying the cause.
Thanks.

The description of the intrusion doesn't match the list of attack pattern group names.

mail notification, when some zip file is coming

i need some mail notification when i get some blocked email file for example with a zip file, so it should be sent a email when a email with a attach of zip is coming, because zip files should be blocked on the sophos firewall

We would like to see an email alert when connectivity is restored after an Internet or power outage. Currently we get an email when SMTP configuration status check fails, but not one for when it is restored and spooled email is being released.

Hello,

at the Moment the notification is only send if the threatlevel is not ok. Would be great, if there would be a possibillity to send a notification, if one of the measured values would be changed and not just the threatlevel.

So for example the SUM should send a notification, if the drops of packets is getting high.

Best regards

If the sender send me an e-mail with a forbidden file extension he gets the following notification:
"Betreff: Message delivery incomplete

Your message to the following recipients was quarantined:

<xyz@web.de>, quarantine reason: File Extension (zip)

Please contact your IT administrator for further assistance."

The idea would be change this text of the alert.

Implement the ability to create multiple E-Mail recipience for various UTM Notifications

Depending on Roles it would be greate to create different Notifiction selections.

Roles:
Support Ticketing: System relevant Notifications
IT Administrator: Everything
SuperUser from Company: Just Warnings and Critical Notifications

The alert description column in Sophos Central is extremely truncated. Add the ability to Expand the columns to read the entire desc.