Manual Alert Acknowledgement
I would like to suggest the idea of providing a check box / option that forces manual acknowledgement of alerts. We are a financial organization, and have very strict security policies surrounding our systems. One of these policies involves have any PC that has a malicious detection pulled from the network and fully scanned with multiple utilities to ensure no trace of the threat is present.
Here is where the suggestion comes in. With Sophos, if it detects the initial threat and cleans it, it automatically clears the alert from the Console. We (InfoSec) receive an e-mail alert, and a ticket is created with our Help Desk via e-mail for scanning. We want to force manual acknowledgement of alerts to ensure the process is being followed in regards to our security policy. This would be the "final step", and would involve the tech going into the Console at the end to acknowledge the alert as "Resolved". This would not have to impact automatic cleaning, and the alert could list itself as "Cleaned - Recommend Resolving" or something like that.
I feel this would be a simple feature to add. While this is not a common use case, it adds a layer of granularity to the control we have over our Sophos product that we feel is lacking throughout the overall package. Little things like this that give control back to the user (especially advanced users) goes a long way for some of us. Thanks for your time!
No plans to implement at this time.