Implement passive forced Client-restart
We noticed that Sophos Endpoint Protection lacks the function of automatic monitoring of the restart status of clients, combined with a configurable automatic forced restart request on the user's client. The only way as a company to trigger this through Sophos Endpoint is actually via Live Response (Beta), but not automatically and by active monitoring beforehand.
The problem we are observing is that serious security gaps arise in companies because employees do not regularly restart clients and thus the rollout of security updates is delayed (e.g. Windows updates). By implementing a monitoring of the restart status of clients, this circumstance could be monitored and should be linked to the function that the Sophos endpoint software automatically issues a request to the user after detection of this circumstance to restart the device due to security concerns. Ideally, it should only be possible to postpone this request to a limited time.
This is a function that would offer companies a significant added security value in Endpoint segment. Since some remote management solutions from other manufacturers (e.g. Barracuda) already offer this feature, this implementation would be a further step in establishing Sophos as a holistic security provider.
After consultation with our distributor, this feature was not only requested by us, but also by a large number of his customers for a long time. There seems to be an obvious need for such a feature in the market.