add email company default disclaimer

It would be very useful if you could block messages with certain languages present. For instance my organization would never receive messages in Chinese or Russian. Having the ability to block messages in certain languages would cut much of the spam down.

Would it be possible to amend the backend email that is sent out during MDM Enrolment?

We need a "Remember this computer" option on the two-factor sign in. Its ridiculous having to enter that SMS code multiple times a day on my main secure computer.

Create a Report showing the Primary mailbox and all attached Alias with last activity. But it has to include all the aliases. Would help greatly with Microsoft 365 licensing and management of AD syncing. I could then match the list from Microsoft with Sophos, would be a great time saving tool.

feature request - list of programs for devices with endpoint and server protection.

I've been doing some testing for the "allow file transfer" action. I'm testing this action for logging files uploaded to the internet via web browser. I've noticed that an event is only logged when the user uses the "attach" button which brings up file explorer. An action is not recorded when a user does drag and drop functionality. Specifically I'm testing this using gmail file attachments.

Thanks

Live Response in Sophos Central is a power tool (essentially SHELL) and need fs to be monitored when people use it. There should be a report that can be scheduled to automatically be sent via email to Admins on a monthly basis that shows whenever Live Response was used and the comment that the Admin entered in the "Purpose" field along with the time stamp etc. The same info that shows up in the Audit Log but specific to Live Response Only and configurable in a report that can be configured to auto distribute on a cadence s/a monthly.

We need to be able to scan a group of computers based on certain criteria, such as all Windows 7 computers, or all computers in a subnet, etc. I'd even be happy being able to select every computers in the console to scan at once. This is a very basic feature that was available in SEC and should've been implemented in Central on day 1.

There needs to be an option to rerun the check that created the alert to see if it is still an issue without connecting into the device in question.
I can clear the alert and wait to see if it comes back or connect to the device and take a look, but both are inefficient. There needs to be a method of rerunning the checks the alerts are tied to within Sophos Central.

I want to be able to authorize ML/PE oder PUA or other blocked applications from the Alerts with a single click to my configuration.
Pls see: ref:00D301GN6a.5003Z1BE85Z:ref

When you're managing a firewall from central, or group rule, the link "Back to firewall management" throws you back to overview, so you need 2 clicks more to go back to "firewall management" (and every click takes many seconds, as central is not really fast as it should be)

Hi,
Our company is using HCL Notes 11 Release 11.0.1 (previously known as IBM Notes, Lotus Notes, etc.). It is unlikely that we can switch to Outlook.
Please make available a Report message add-in for HCL Notes.
Thank you, József

I would like to have the ability to define YARA rules and use them to process inbound files and if triggered, alert/block/quarantine the file.

Here is an excellent article that describes a way bad actors can try to sneak malicious file macros past AV agents, and then describes YARA rules that can be used to find files that have had the VBA Purging technique used on them. (https://www.fireeye.com/blog/threat-research/2020/11/purgalicious-vba-macro-obfuscation-with-vba-purging.html)

When a user logs on to a computer, it takes some time for the policies to update.
I suggest adding a setting that allows you to force a sophos update each time a user logs in

We need to schedule all our policy which applied to users on daily basis, but in sophos the option is not there and also mainly for Critical policies like Policy violators in DLP. Really we need this option in our portal as we pay money for your product.

When assigning a server to become an Update Cache&Message Relay server it should be able to download update cache files from another UC&MR server.

Example branch office UC&MR server will download update cache files from Head office UC&MR server.

Some of the company has a policy that there should be no internet connection on servers.

most of the company have few domain and to allow add secondary domain to allowed an outbound sending even it is not the same header.