Client would like an API interface that can be programmed to remove endpoints that no longer exist or can be removed from the console and database

Client would like the ability to be able to "Exempt device" in the device control event viewer when not using the "Default" sub estate

When you choose to make a "Full, Managed" package using the deployment Packager tool. The options for primary and secondary after grayed out as it assumes that the machine will soon get its policy for updating from the management server. I suggest we allow for a secondary location to be set for machines that will not be communicating with the management server for some months but will have sporadic internet access.

SEC does not list total # of licenses related to a customers instance. Instead, support has recommended we go by "managed endpoints." When purchasing additional licenses or installing to new machines, it would be nice to see exactly how many agents we have left to push out.

The ability to copy rules and exceptions between the primary and secondary location in the client firewall settings.

I have seen your article on your knowledgebase: https://www.sophos.com/en-us/support/knowledgebase/113287.aspx I was wondering, is it possible to give the ability to switch the Sophos web control balloons off?

Request from John Veldhuis: I want the built-in CRT to be able to detect the presence of the thin agent, and remove it.

Allow the Mac CreateOnAccessPreconfig tool to build standalone mac packages with Web Protection disabled. Useful for large universities, for example, that distribute unmanaged mac packages. (Customer request).

Download Reputation prompts users if a low reputation file is downloaded, currently available for Standalone installations only