For the Cloud portal for Partners it would be great to be able to make global exceptions for all of our clients. Thinks like Labtech and Kaseya drop a lot of files that Sophos detects as PUA's (produkey/nircmd/psexec) that have to be re-mediated client by client event though they are all in the same directory. I'm thinking that in the area where you have tabs for account detail and alerting now there could be a global exceptions tab to push to the clients or a selected group of clients.

On the Sophos Cloud Dashboard, allow to disable the popup alert detections so that the detection information is displayed only on the Dashboard console.
This same feature is already available on the SEC (On-Premise endpoint console) but not on the Cloud dashboard.

On the Application Control, allow, on the same policy, to block some applications while keeping others as detect only.

Ability to add websites to internet browser based list of applications in DLP.
To allow access to the site but restrict file transfers on the site

Be able to delete compressed files that have infected files in them. Either as a default setting or as a option in the enterprise console. Many of the virus/adware that can not be cleaned are inside compressed files. In almost all cases deleting the compressed file is the preferred solution..

Sophos Product Information

Sophos Product: Endpoint

Version in Production: 10.3

Feature Request Summary

Verification on content rules.

Case reference - http://sophtrac/Default.aspx?caseid=4653988

How will this new feature address your business requirements?:

Better able to track user actions in incident and investigation scenarios

How would you rate the importance of this feature?; 2

When working in large environments with several sub-estates it would very useful having a separate policy for the alerting via E-Mail or SNMP

Typically components of the AV+HIPS policy (e.g. Exclusions) can be reused in the sub-estates but in scenarios where have to alert different groups of administrators it would improve the usability when we could provide a separate alerting policies.

So we would have a much smaller count of AV+HIPS policies and only one alerting policy per sub-estate.

Client wants that as an administrator, they are receiving the Alert email for Out -of-Date Computers Or with other Alerts setting email but this email doesn't contain the list of related endpoints and their description, which Admin wants to quickly look from the email rather than go and jump to console.

Allow the option to select where SAV can be installed on an endpoint and allow the option to select where the components for SAV can be installed to.

Client deploying the web control policy through Enterprise console but web control policy defined in UTM.
Currently, The EP only supports 2 templates: block and warn.
However the UTM supports 3 actions: block, warn & admin override.

Currently the warn page template for Endpoint is used for admin override, so the block & warn actions need to share the same template.
Client wants endpoint must support at least 3 actions as well .

Large UK customer has a requirement for Anti Tamper client side Firewall

Microsoft has a set of exclusions that it recommends for AD. As a starting point from which users could add/remove further exclusions, how about a template of exclusions to import into Sophos for Domain Controllers.

If the situation of cidsync.upd being empty re-occurs, Software would automatically correct the problem.

Also, if CID won't get updated, there should be an alert/Notification

Can we add an option to exclude a registry key from on access scanning?
Customer is using a third party software and its vendor recommended this.

Feature on SEC to view and monitor scanning on endpoints. Viewing on Computer Details when the last scan occurred (or started).

Server 2012 Windows event error:

The Interactive Services Detection service terminated with the following error: %%1

Possible to change the way our programs function with Server 2012 and future versions to no longer cause this error

http://blogs.technet.com/b/homeiswhereilaymyhead/archive/2012/10/09/windows-8-interactive-services-detection-error-1-incorrect-function.aspx