With the advent of the Surface Pro X, there is becoming a push for more 2-in-1 devices to work on ARM technology (as is found in most cell phones and tablets) to run full Windows OS's. However, there is no support for Endpoint Protection (Cloud or On-Prem) for these types of devices. I would like to see an Endpoint Protection package (Anti-virus, firewall, application control, etc.) that will support ARM processors.

Allow us to block Google Quic protocol on Endpoint level since we can do it from the Firewall. This would allow us to block it from the agent instead of having to manually disable it on Chrome or setup a Windows Firewall rule to block 443 or 80 on UDP.

Please give an update for the upcoming Surface Pro X
The upcoming Surface Pro X that will run on an ARM processor will not be supported by Endpoint (I do apologize for the earlier confusion).

The issue is with ARM processor and how it emulates 64 bit applications. Particularly, applications that originally were coded for 32 bit applications like Endpoint.

Having now IPS on Endpoint, means that behind an XG FW with its own IPS activated there's a certain overlap (double check) of certain IPS patterns.
Proposal: use the heartbeat (synch security) to check whether or not the endpoint is sitting behind an XG FW with IPS enabled. If so, the endpoint doesn't have to check them again and can save some resources.

There is no way to run a report or search for any devices that have had tamper protection disabled and it has not been re-enabled.

Block incoming and outgoing file transfer using anydesk application during remote session.

Almost all central or cloud consoles for competing AV products have the ability to remotely remove/uninstall agents from a workstation. There are command line functions that can be used directly from a workstation to do this and you can reinstall the product if already partially installed, so it would seem like a VERY simple change to implement an uninstall function.

On Sophos Central, just like on the server protection which Sophos agent able to see what applications are installed on the servers. On the endpoints should also has this inventory of application features. This will help to see what applications are suspicious and looking for unpatch applications.

This function is helfull to remove quicly solved alert notification by accesing in admin panel. In some cases, always having to login to the console to reset the alerts is very time consuming.

With Microsoft forcing LDAP binding on SSL (Port 636) in second half of 2020 (https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190023#ID0EUGAC) Sophos Enterprise Console needs support for it. According to Sophos devs the current SEC does not support LDAPS.

allow AD sync to import Computer Groups
This would make policies based on Computer Group membership much more useful and easier to maintain in an enterprise environment.

We all know patch is very important in security. It would be very helpful for us if there is a patch assessment (like on the on-premise SEC) on Sophos Central Advanced.

It should also categorized reports based on its criticality, Critical, High, Medium, or Low like the patch assement on SEC.

Scan Now option is there but Stop Scan is not. it should be there it's basic feature of Endpoint

Out many clients are asking for that feature.

On Device Control MTP/PTP devices, we should able to block only mobile devices but not the camera devices. these devices should be separated.

Could we have the ability back to apply web control policy by device instead of only by user? This was a feature in our previous version, and we use it to add protection for laptops. Some laptop users also use other devices so we don't want to apply policy by user, and some laptops are shared so we don't want it to be unprotected if someone else logs in. We prefer to avoid doubling up on protection for devices behind company firewalls.

We would like to create a dlp rule using a new extension to block or allow, but in this moment we can select only from a Sophos List. It's not possible to add or import new extension.

Would be helpful to all the users of Central Admins, if they can send a alert to the users for whom any action to be done or if any policy violation has been done. This can enabled realtime monitoring and alerting of users.

we need to block of files sharing from Microsoft teams from sophos using Sophos policies? How to do that?

Need to be able to choose or enter specific email recipients on scheduled reports...
As it is now, only the Super admin who created the report receives the report. We need to be able to set up scheduled reports to be sent to people that are not super admin such as CIO, CEO, CFO, President, Head's of organization, etc....