With the advent of the Surface Pro X, there is becoming a push for more 2-in-1 devices to work on ARM technology (as is found in most cell phones and tablets) to run full Windows OS's. However, there is no support for Endpoint Protection (Cloud or On-Prem) for these types of devices. I would like to see an Endpoint Protection package (Anti-virus, firewall, application control, etc.) that will support ARM processors.

Allow us to block Google Quic protocol on Endpoint level since we can do it from the Firewall. This would allow us to block it from the agent instead of having to manually disable it on Chrome or setup a Windows Firewall rule to block 443 or 80 on UDP.

Please give an update for the upcoming Surface Pro X
The upcoming Surface Pro X that will run on an ARM processor will not be supported by Endpoint (I do apologize for the earlier confusion).

The issue is with ARM processor and how it emulates 64 bit applications. Particularly, applications that originally were coded for 32 bit applications like Endpoint.

There is no way to run a report or search for any devices that have had tamper protection disabled and it has not been re-enabled.

This function is helfull to remove quicly solved alert notification by accesing in admin panel. In some cases, always having to login to the console to reset the alerts is very time consuming.

allow AD sync to import Computer Groups
This would make policies based on Computer Group membership much more useful and easier to maintain in an enterprise environment.

After renaming PC that installed Sophos Endpoint, the device name in Sophos Central Admin portal is not updated. How can I solve this issue?

Need to be able to choose or enter specific email recipients on scheduled reports...
As it is now, only the Super admin who created the report receives the report. We need to be able to set up scheduled reports to be sent to people that are not super admin such as CIO, CEO, CFO, President, Head's of organization, etc....

We would like to have a button under Mail queue search where we would be able to re-send the emails but also to transfer these emails to another appliance from the Cluster in case one of the appliance is blacklisted or for load balance.

A universal search bar on every page of Sophos Central similar to AWS would make navigation so much easier. Being able to search for a server name, policy name, group name or specific sections in Sophos Central instead of navigating individually through 4 -10 screeens.

For organizations with regional IT teams, it would be helpful if email alerts could be configured beyond just severity, product and category. For example, it would be useful if email alerts could be sent for events pertaining to a specific group or groups of computers. It would allow IT teams to only receive alerts for machines that they are responsible for. Alternatively, regex or string matching criteria would be super useful (more flexibility).

Thank you for your consideration,

Albert

Add this application to your list of applications your regular check to block. This is an intrusive application that scans your outlook and exports contacts, signatures, to a company called "ZoomInfo" where it is then sold to sales reps for lead generation. Many users aren't even aware this is installed on their machines and it's a user install, making it easy users to install it without understanding what it does.

Apparently uncommon (to sophos) applications need to be resubmitted to be blocked each time there is an update to the application. There should be other methods to block the application other than SHA, whether it's source of install, name, etc. It is not ideal to be keeping tabs on an application for updates when you dont want it in your environment.

Central Endpoint: Can define which USB ID as full ID name because currently show same model and Vendor, can't define which USB when client detected

We would like the ability to separate different threat types (PUA, Malware, Adware, etc.) and then be able to select an action to take on these individually (Remove, Quarantine, email alert, etc.) As of right now there is no way to treat any of these differently or define how to mitigate the risk.

When there is problem with Endpoint, and reinstall is needed, after uninstall, there is lot of registry keys, and files left on the system. On some cases, i have to grab 3rd party tool to remove registry keys. It would be really helpful for us (aspecially in large enviroments), to have complete uninstaller. Something, that get rid of everything, all files, all registry keys, so i can do clean installation.
Thanks in advance for your feedback.

As well as getting an email for alerts within our organisation it would be useful to be able to configure text alerts to go to the people who nvestigate as emails get missed. You can subscribe to general alerts via SMS but not specific ones for enepoint or server alerts within central.

Allow Web Control to apply Per Device instead of current Per User. This would be helpful in an office where staff roam PC to PC but the computer should have restricted website access.

When adding files, websites and applications from scanning for threats,
it would be great to have another field or 2 so that the Sophos admin can enter when exclusions are being added and a description for the reason why (i.e. internal helpdesk ticketnumber)