This function is helfull to remove quicly solved alert notification by accesing in admin panel. In some cases, always having to login to the console to reset the alerts is very time consuming.

Scan Now option is there but Stop Scan is not. it should be there it's basic feature of Endpoint

Out many clients are asking for that feature.

We would like the ability to separate different threat types (PUA, Malware, Adware, etc.) and then be able to select an action to take on these individually (Remove, Quarantine, email alert, etc.) As of right now there is no way to treat any of these differently or define how to mitigate the risk.

When adding files, websites and applications from scanning for threats,
it would be great to have another field or 2 so that the Sophos admin can enter when exclusions are being added and a description for the reason why (i.e. internal helpdesk ticketnumber)

Almost all central or cloud consoles for competing AV products have the ability to remotely remove/uninstall agents from a workstation. There are command line functions that can be used directly from a workstation to do this and you can reinstall the product if already partially installed, so it would seem like a VERY simple change to implement an uninstall function.

For organizations with regional IT teams, it would be helpful if email alerts could be configured beyond just severity, product and category. For example, it would be useful if email alerts could be sent for events pertaining to a specific group or groups of computers. It would allow IT teams to only receive alerts for machines that they are responsible for. Alternatively, regex or string matching criteria would be super useful (more flexibility).

Thank you for your consideration,

Albert

In central console, Display private and public IP address both so that administrator can understand where endpoint client is.

What about Automatic Exclusion / full support for Exchange 2019 ?
-it's (GA) been out for over a year..

ETA ?

The features of this platform include the access to live channels such as CNN or HLN. View CNN original series, award-winning CNN films and Original digital shows. You can preview on-demand events for 10 minutes every day. Sign in with the cable or satellite provider for unrestricted access. In case of inquiries, you can ping the toll-free number of the customer support team on +1-844-695-1520.For more details viist us @ https://www.go-roku-connectivity.com/cnn-it-roku/

Generate a report of all peripheral exemptions that have been made.

We're constantly having hosts that have a status of red because Sophos is falsely reporting that "Running malware in quarantine or cleanup failure" Can we fix this or have an automated process to delete the events.db?

Currently, when enabling the setting to require MFA for all admins, it breaks the AD Sync tool. The only way around this is to manually add Admins to the list required to use MFA. This is a potential security issue as it is easy to forget to do this. I would like to see a feature added where MFA can be set to required for all admins, but the ability to add an exception for instances such as the account used for AD Sync. Thanks

Put a PAUSE button on the Central Endpoint scans! When it is scanning it makes using the computer next to impossible with high resource usage. All applications are slow to respond, if at all. Sometimes need to use the computer during a scheduled scan--no choice now but to Cancel the scan. Unfortunately Sophos has not provided an option to rescue his work. All other antivirus and anti-malware software have PAUSE buttons. Why not Sophos? Sophos theme is security made simple. So pls do not complicate. Need a button pls.

Could we have each system's anti-tamper status added to the Computer report? I believe there is a compromise solution looking at events for SEC customers but that is not an option for Central.

There is an existing install parameter "--devicegroup=<Central group>" to automatically add a new device to a specified group in Sophos Central. I would like to propose a "--usergroup=<Central group>" parameter to do the same for any new user added as part of the install, which can be used in tandem with the devicegroup parameter.

This would be useful for managing client-specific, user-based policies (such as Web Control) without having to manually add new users to a policy or group or make client-specific changes to a global policy that would affect all clients.

It would be very convenient if administrator has the option to add a note to device for reference purpose.

Please allow users to specify a custom report range for the excellent Hero report.

Need to be able to see the protected servers with a list that shows more details. Agent Version, Component Versons. Customize Lists.

Need to add a report to produce a detailed server list and installed component versions.
THIS IS AN AUDITING REQUIREMENT - KPMG!

Thanks.