Endpoint added in multiple groups, so in case will apply update management policy don't use caches for the endpoints, those are already a part of different group or groups for protection, web and application control policy.

I am looking for a policy that will go over the programs running on a server and provide alerts if there seems to be a rogue process that is being started. I thought the whole AI thing that Sophos was known for would do analytics on the servers/endpoints to alert if something seemed not normal.

Receiving an email alert when a new item is added into the Threat Analysis Center would be a great benefit.

We need more control over the user roles. Should allow super admins to have full control over the Roles, and pick and choose what the "admin", "helpdesk", etc... roles have access to. For example, we don't want anyone but super admins, to have access to "Account Settings", but there is no way to disable that for the specific roles...

Installation on Thousands of Mac's is practically impossible with an app installer. Why would you not give a .dmg install pachage that could be sent out via MDM solutions such as JAMF Casper or others? We can not rely on thousands of end user, in our case students from grade 5-12th to run through an install package. If we had known this beforehand, Sophos would not have been considered...

A simple feature provided by other leading vendors is the ability to cancel a long-running manual scan. This is a basic User Interface feature. The alternative is for the user to reboot which is very counterproductive. It could be controlled via a policy if that is not desired by all customers.

Hello Team,

I have a customer that have suggested that Sophos be compatible with Airwhatch .

Any ideas if that can happened in the future?

Although I've disabled Desktop Messaging across the board in Sophos Central, endpoint users are still getting "No threats found" notifications.

Sophos support has confirmed that there's no way to disable that message without editing the endpoint computer's registry to completely disable balloon notifications.

Please add the ability to easily disable the "No threats found" message, as well as any other messages that aren't covered by Desktop Messaging.

Please add also cyrillic symbols into DLP engine in EPP.
It's a very important feature for CIS countries' customers.

In Enterprise Console when creating the groups, can we have checkbox style to remove sub OUs from Monitoring.
We have few OUs which are Linux Servers and wanted to exclude them from the Top Level OU.

In the hopes of speeding up response time from the console would it be possible to lower the number of machines listed when DEVICE is chosen from the OVERVIEW menu?

With Sophos for Mac the annoying problem of Red Alarms in case of shut down clients (missing heartbeats) should urgently be solved. This can turn out critical if self isolation or isolation via firewall of clients is activated.
A regular software shutdown must be registered by Sophos an sent to the Firewall/Central observation instance.
Oterwise hundreds of alerts flood the Central platform an have to be sorted out by administrator.
A regular shutdown is no cause for a red alert. If alerts for some reason would be necessary to inform the administrator, a yellow status is sufficient, avooding self isolation.

Endpoints send email alerts only through email server which accept emails without authentication. Such an "open relay" is a "no go". Sophos claims to be an "Gartner Endpoint Leader" in todays newsletter...

But what about the simple security things?

Im waiting for that function now for more then 10 years!

Ability to block certain file types running from a USB device like .bat or .exe files.

For now, EDR's feature Threat Search only covers a specific sub-estate (For and Enterprise Dashboard) where a device of reference for a detection is a member of. Manually, the admin has to copy the artefact (SHA or filename) and threat search it to other sub-estates. It will be helpful to cover all sub-estates in the future for threat searches for easier administration and investigation.