this is testing

The idea is to use wildcards or folder base exclusion to prevent subprocesses from Hitman monitoring. For example if "make" starts many of gcc tasks or any other part of the toolchain. It would be nice to exclude the hole toolchain.

There is a information about Sophos Central dashboard page status.
https://centralstatus.sophos.com/

It is better to show Sophos Server/Endpoint's product server's status page like Central Dashboard does.
Is it possible to add or create a page like this?

So that customer can identify if their endpoint/server page has problem or not.

With the advent of the Surface Pro X, there is becoming a push for more 2-in-1 devices to work on ARM technology (as is found in most cell phones and tablets) to run full Windows OS's. However, there is no support for Endpoint Protection (Cloud or On-Prem) for these types of devices. I would like to see an Endpoint Protection package (Anti-virus, firewall, application control, etc.) that will support ARM processors.

We really need the ability to remove computers in bulk. Every time we recompose virtual machines it creates a new computer object and leaves behind a duplicate computer name.

It would be very beneficial to be able to run a report on all devices that have tamper protection on/off.

In the reporting section

https://cloud.sophos.com/manage/reports/protection/peripherals/create/blocked

Can the Date column be sortable (ascending/descending)

Whilst it is possible to export to CSV and sort manually, this takes focus away from the product pane of glass and doesn't aid function

If possible, it would be nice to be able to also "drill into" a blocked device and allow from this pane also.

Update Sophos to allow for SQL automatic exclusions for Windows Server 2019
All previous versions of Windows Server software allowed for automatic exclusions.

Generate report from Sophos Central console to get the current version of every endpoint for Sophos components (CoreAgent, Endpoint Advanced & Sophos Intercept X)

Allow the endpoint system to monitor inbound ips / ports and allow policy base blocking based on malicious scanning for example nmap discovery.

With the recent legalization in places of marijuana/cannabis, can we separate sites marked as that from the Illegal Drug category for Web Control.

For organizations that have scanners looking for known vulnerabilities and unpatched systems, we need the ability to whitelist our scanners. Currently, Sophos only allows exclusions of an IP address combined with a port number.
As such, when my scanner starts looking for the next threat and uses a new port, my users get blasted with a notification that they don't need to be concerned with.

Hello,

We would like our users to receive a visual notification when an update to Sophos Endpoint requires a restart of their computer. For example, a small pop-up in the bottom right-hand corner of the user's screen. We would like this notification to remain on-screen until the user performs the restart, or manually dismisses the notification. The reason being, we have many devices that go days or even weeks without being restarted after an update is installed, as the user is unaware that a restart is required.

Add the Serial Number field to the device report and exported list. Usually the serial number is the only common denominator when running an audit.

Right now my audit process is quite time consuming because I can't pull a device report with serial number.

The Computer Report is quite useless without the serial numbers.

It's kind of ridiculous that I can't create a custom report and pull the fields I require.

Need to Block Remote Support Application such as TeamViewer & Any desk File Transfer ability to prevent Data Leakage via them.

If the File Integrity Monitoring (FIM) logs aren't going to be centralized in the administrative console, enhance the existing endpoint FIM logging to the Windows Event Viewer by populating the FIM event details (file name, location, action) in the General tab of the event (instead of only in the Details view). Also, create useful Event IDs, Event Sources, and Task Categories to allow for filtering locally and advanced parsing by SIEM solutions.

We'd like the ability to confirm a medium/unhealthy status of a device and not have it populate within the dashboard. (IE: We have a spare laptop, we know that it is not online, but has Sophos installed)