Hi,

I would really like the ability to multi select emails in quarantine manager to either Release or Release and Allow.

Hi,

It has been suggested a good way to deal with frequently released emails would be to either grey or white list them automatically. Perhaps this could be considered unless it is a feature that just needs to be enabled somewhere.

Currently it is not possible to disable specific bands. We would like to disable the (legacy) 802.11b band for example, as it is limiting both performance and preventing clients to hop over to another accesspoint.

Hello Sophos Team,

It would be a great help if we have search button on alerts page that helps us search with hostname/ip address and mark the issue as resolved for that searched hostname(once we rectify the issue at our end).

Thanks
Loveleen
IT Infra Lead
ColumbiaIndiaHospitals

More detail within the reporting sections. For Example: Under the Data Loss Prevention Policy Violations, I currently see the User/Server, # of blocks, and which DLP rule was violated. But I would like to be able to see additional details like the filename, location, which attempt was blocked (i.e. Storage Transfer, Web Transfer, etc).

Add more dynamic reporting options. I would like to be able to build better reports. If there are is a dynamic dashboard that we can create that we can then build a report from, that would be fine too.

Add Application allow (whitelist) feature from within threat case as opposed to going to the Events and clicking on details.

Add feature to be able to save/retrieve quarantined/cleaned up files for further analysis both under the device and the threat case.

Hi,

Currenlty, we could see the users that logged on to a device, and when the device was last active.

We would like to get Users Reports which should show the date/time when the user logged in and out .

It would be very helpful if this new feauture is implemented.

Thanks

Would it be possible for a version of the endpoint installer to be navigable using the keyboard.
Currently you need to use the mouse to do so, but having the ability to install endpoint on a PC without a mouse attached would be a useful functionality that seems unusually absent form current applications

Like press tab to move between buttons or be able to press c to continue or y for yes...

We have several domains, some routed to different Exchange Servers, it would be nice if the reports allowed us to filter by domain.

For better and faster Troubleshooting for Sophos Support, include a Process Monitor within the Sophos Central Endpoint.
The Process Monitor can be switched on and off from Sophos Central Management, collects the logs and sends them to Sophos Support the same way the SDU Log works.

This would be more efficent than being asked by support to run process monitoring on affected machines and having to manually capture those logs, forward them to Sophos Support.

Blocking newly registered domains would be a great help. I would say a large majority of the phishing, spam, and malware emails we received are from newly registered domains (NRD). Bad guys create new domains all day long to used to launch attacks. On our firewall we can block those sites as a category. It would be helpful if this could be a setting in the email policies to block these as well.

A button on the console to uninstall Endpoint protection would be extremely useful. No user disruption or spending time with a script, but a simple button per device.

It would be nice, if any upload has been happened then the severity should be "HIGH"

Please add the ability to push a scan from the manage/bulk/computers screen.

It would be useful to be able to control the number of alerts received for Data Loss Prevention events, similar to how we are able to for AV alerts. Currently, it appears that the options are either to send an alert for all or none. I would like to be able to receive a daily alert that summarizes these events.

Should have better granularity on the Auto Isolation feature. Only having it on or off for Red Health status only can have ambiguous consequences. If I wanted to only isolate on malware detected or even if a device was missing a component of the Sophos software, then I should have that level of granularity. Right now, it is all or nothing.

in your UI for listing server names, I notice that the number two (2) is a smaller font size than the other numbers