Currently, Event Reports only do 6 months of reports and gets sent via email.
I would love to generate .pfd's of all my reports but our attachment limit via email is 10MB

Could you not allow or link a URL to a Sharepoint\Dropbox\Box\AWS cloud storage share?
Sign in verify the user login then collect reports there.

We're constantly having hosts that have a status of red because Sophos is falsely reporting that "Running malware in quarantine or cleanup failure" Can we fix this or have an automated process to delete the events.db?

Scan ALL Computers from Central

would be nice to be able to see more lockdown events than 24 hours and also to be able to search/filter by date range. Also, why cant we get email alerts when lockdowns happen?

It would be convenient for admins and end users if we could see in the "Devices" page within the Sophos Central Console a column that shows if the endpoint needs to be restarted (generally for applying updates.) Furthermore have the option to be able to sort by this column.

Please provide the ability to export from the Alerts page in the the Sophos Central UI.

When a PC has the Endpoint Protection Client deployed via Sophos Cloud, if the client has issue or is out of date, there is no visual prompt on the Sophos shield icon in the notification area. You have to open the client and then click about, to see when a client last updated.

When we used to use Sophos Enterprise Console, the Sophos icon in the notification area would have a red cross overlaying the icon, notifying the user of a problem

Sophos installs a Finder Extension in Mac OS, which provides icon overlays amongst other things. This kills the icon overlays in Dropbox Smart Sync and makes that product unusable. It would be helpful (essential for many customers) for the Sophos Cloud console to let us choose not to have this extension (or to have it, but for it not to set icon overlays so that Dropbox becomes useful). We have developed a solution but it's quite a pain to deploy on Sierra, or requires MDM on High Sierra, which many customers will not have.

Sophos Central Alerts can be overwhelming. I need the ability to clear all alerts without checking on the 5000 alerts individually. I'd like to see just red alerts where Sophos could not clean up the issue. We see red alerts even when the issue has been resolved. So if it had been resolved it could change to a different color to still be able to see that there was an issue, but it doesn't need attention. Working for a school district we need to manage Sophos easily and efficiently due to time constrictions. Thank you!

Root Cause Analysis allows for a convenient re-arranging of the items in the Visualize tab, but that layout disappears when you navigate off the tab or page. Need an option on the Visualize tab to save the layout.

Provide a means to print an RCA in a presentable format. Perhaps allow to save/export that report to PDF.

Currently the only way to tell if Tamper Protection has been disabled for a device is Sophos Central is to view the Summary page of each device. My suggestion is to add a column to the existing "Servers" and "Computers" reports (under Logs & Reports -> Endpoint & Server Protection) that indicates whether or not Tamper Protection is enabled.

Batch update / scan action when selecting multiple machines/servers for Chemung NY

We need to be alerted only on important conditions. Being alerted that a laptop has missed two updates (laptops are often off for more than two days) is not helpful and, in fact, may result in the team paying less attention to Sophos alerts. We need to be able to configure this or at minimum, please change the default. Thanks,

It was usefull to get all active Customers with ALL active liences via API