Currently, when the Windows 10 Soft-Disconnect feature is enabled, the presence of RMS prevents Windows from switching from the Wireless adapter to the Wired. This is because RMS keeps sessions to the Console server open indefinitely, and Soft-Disconnect is waiting for all open connections to be closed before making the transition.

This request is to change RMS such that it supports Windows 10 Soft-Disconnect.

It will be very helpful to be able to use the %AppData% variable when creating on-access scanning exclusions in Enterprise Console.

Could we please request that the ability to exclude environment variables be added to the Enterprise Console?

I think that having AutoUpdate set for an hour could be very noisy and we had an incident last Monday where there were a bunch of processes triggered by automatic updates. Is there a way to increase this to once or twice, maybe 3 times a day instead of every hour?

Upon the installation of Sophos Mobile, there is a point where you are asked if you want to turn ON location and the choice is either “Never” or “Always”. This should NOT be
an option, when it comes to corporate own products, it should be “Always” by default on a Cell phone. Can your development please update the app or generate another installation with that setting enabled by default and grayed out.

Can you please add a desktop policy, this is critical in getting this product implemented with users that have multiple roles.

Reduce the amount of error "abstraction" in the SEC so as to provide useful information to aid diagnosis. Simply seeing errors such as "The installation failed" is completely useless, as it masks numerous other causes of issues that would otherwise be very easy to remediate. The actual error message that occurred, e.g. MSI error message should instead be passed upstream to the SEC.

Certain Web Collaboration companies use a launching process that includes a random launching process executable that changes with every click on the link to enter the meeting. Adding the launching process to a firewall policy will not allow access as the next time the user tries to enter the meeting, the process has changed the random part of the launching process executable and it will still be blocked. Being able to add a hidden launching process with a wildcard would alleviate this issue.

Option to enable an auto full disk scan when a machine is first discovered in SEC. This would mean any machine which is being deployed via Group Policy would be automatic scanned when its first joined. Instead of waiting for the first scheduled scan time - it could be infected until this point.

Ability to view in details wich part of a policy have been modified from users, evaluate the exceptions added by endpoints, so accept in order to integrate the centrally managed policy, or deny them.

Currently, we block all removable storage unless permitted by exemption. We would like to turn on device control for MTP/PTP but we cannot do so in the same policy unless we block it the same way as our removable storage. Please make Device Control more granular so that I can choose to block certain device types entirely, while still enabling me to detect but NOT block others (such as MTP/PTP). I want to be able to detect MTP/PTP for a few weeks to see what devices are being used before I block them.

Would like the policy applied to the Parent OU be applied to the Child OU.. It reduces management task and time drastically, if we need to change any policy on company level this feature will help a lot.

Please implement more granular control over when Sophos emails for virus detection/cleanup. We would like to receive notifications for when Sophos is unable to clean up a virus on our fleet of devices (rather than being notified every time a virus is detected and/or cleaned up).

Please make the option available to configure the first and second updateserver free in SEC maged Endpoints.

At the moment i cant enter the Sophos Udateservers as the primary server/primary Updatelocation.

This would be Helpfull in case the headquarter has only limited upload bandwith and brachoffices get their updates from headquarter.

ability to enter office 365 email server credentials in SEC

currently you can only enter internally hosted server credentials, it would be beneficial to those using cloud based email solutions to have the option to put in those credentials in the policies pane within SEC.

require import / export options in web control
coz i have list 1000 websites need to block .

Please give us an option to route the SXL-Traffic through a web proxy which is set by group policy.

Please log blocked websites that were blocked via web control to the sav.txt log. While this info is in the agent log file, it's not enduser friendly.