Add Vivaldi browser as support browser for web control

It would be nice for Sophos to have an offline installation. A number of remote sites in my case have very poor internet connectivity and having the installation files download during the installation process is tedious and unsuccessful in some cases.

When there is problem with Endpoint, and reinstall is needed, after uninstall, there is lot of registry keys, and files left on the system. On some cases, i have to grab 3rd party tool to remove registry keys. It would be really helpful for us (aspecially in large enviroments), to have complete uninstaller. Something, that get rid of everything, all files, all registry keys, so i can do clean installation.
Thanks in advance for your feedback.

Add user-based policy in Sophos Enterprise Console to block and allow USB access.

Flag a stolen or lost device in Sophos Endpoint.

Device can be locked down, possibly remote wiped or operation system disabled.

Notification sent to Sophos Central Admin when device reports in on internet connection.

Would like to see user based web control on the Server Protection. Useful if your running session-based hosts for remote desktops.

To be able to make the Hero Report schedule-able and have the ability to send to email

Sophos Technical Support have confirmed that it is expected behaviour for the Endpoint Events log to display an incomplete list, as compared to that available in Sophos Central Admin console reports by Device.

For instance, it appears that ‘Application [X] was blocked by an endpoint firewall’ does not display in the endpoint client events. Nor does 'Update succeeded', or 'Real time protection disabled/re-enabled', etc.

However Sophos Technical Support cannot confirm what events are not shown to the user via the Endpoint Events log, and could only recommend creating a feature request for creation of a knowledge base article to explain.

Every time Exploit Prevention has an update, each computer ends up in the "Computers with Errors" field, because it needs a reboot. You can't acknowledge them to remove them from that list, and they won't be removed until they reboot. We try not to reboot our users computers unless we have a scheduled maintenance.
It would be nice if there was a distinction between an Error and a "reboot needed"

I check that report to see when computers are legitimately having problems, so when every computer appears in that list after an update, it kind of defeats the purpose.

Sophos is applying defitiion updates during the day and for some reason this is impacting our production workloads. It would be great to have the ability to schedule this, or define windows for acceptable update times.

When you go to override the Sophos Central Policy for 4 hours to troubleshoot you have the option to toggle all the various options off. The problem is that you can't toggle them back on (and it was confirmed by Sophos support that they don't support this yet). It seems to me it would be a better idea to turn each of those on and off (actually use them as a toggle especially since they look like a toggle and appear to act as a toggle).

We would like to use SCCM for upgrading (and potentially downgrading) the endpoint protection client. This is currently not possible and supported by Sophos since an upgraded agent will immediately downgrade to the version specified in the software subscription when connected to the Enterprise Console.

It would be helpful to be able to specify the length of time or the maximum size of logs stored on endpoints, so that we can plan for storage requirements, rather than them growing indefinitely.

Add Custom Applications:

Create a "Custom List" where specific exe's can be created and added to the blocked list when required. Ones of interest for us are;

SPDESIGN.exe
INFOPATH.exe

Currently Teams is not includes as a destination in the Data Control Policy for the on-premise Enterprise Console. Only Skype for Business - Teams is the official successor to skype for business !!

It is important to ensure that unwanted files can not be distributed across teams

Installation on Thousands of Mac's is practically impossible with an app installer. Why would you not give a .dmg install pachage that could be sent out via MDM solutions such as JAMF Casper or others? We can not rely on thousands of end user, in our case students from grade 5-12th to run through an install package. If we had known this beforehand, Sophos would not have been considered...

There is an existing install parameter "--devicegroup=<Central group>" to automatically add a new *device* to a specified group in Sophos Central. I would like to propose a "--usergroup=<Central group>" parameter to do the same for any new *user* added as part of the install, which can be used in tandem with the devicegroup parameter.

This would be useful for managing client-specific, user-based policies (such as Web Control) without having to manually add new users to a policy or group or make client-specific changes to a *global* policy that would affect *all* clients.

https://www.123-hpcom.xyz/ website helps you set up and troubleshoot your HP printer that supports MacOS. I am sure this will help the HP Printer users in many ways. We provide support technically for any HP printer that you use. Our consumer care team has been working round the clock only for delivering the needs of our customers.

If you have large amount of Threat same cases from a single user or device you can not delete more 25 item at a time. Currently I have 7000 from a single computer with the same message and Sophos has not provided tools to delete more than 25 at a time. It will take few days for me to delete all.

Not good enough Sophos.