We have Endpoint protection deployed across our org, but just added intercept x licenses, and so we are trying to deploy that to the org. We are looking for a way to deploy the installation packages using our deployment software (kaseya), while turning off and on tamper protection per endpoint. Hopefully that makes sense, if not please email me. Thank you for your consideration

40 minutes on hold for an important issue is not ok

Can we please have the ability to add a single .dll file to an exploit mitigation?

Thank you,
Trevor Karppi
System Administrator
15405 SE 37th Street Suite 200 Bellevue, WA 98006
Direct (425) 974-8588 Ext. 1088 fax (425) 974-8599

Push an update to multiple machines at once
Mark issues as resolved for a multiple machines at once, not one by one

Tamper Protection needs the ability to set a new password for the whole site. individual randomly generated passwords are a massive inconvenience and time waste.

I am a Sophos partner and this is the first time we have purchased and sold Sophos Central Endpoint Protection. I have a few simple questions about setup and user etc. I am very frustrated as I can't find answers to some simple questions in your documentation. I have currently been on hold for over 45 minutes with tech support. Not a fun experience thus far.

The current UI for Sophos Endpoint protection does not look very good on newer HiDPI screens. The text is fuzzy, and not smooth. The software UI needs to be updated to support HiDPI screens such as the Surface line or any number of devices that now come with 4k screens

In the "Endpoint Protection > Computers" view, why is device encryption state not listed? Its immensely confusing to have similar views but some without important information -- especially as the 'manage endpoint software' button on this view can be used to manage the encryption module!

The new interface for policy management is far less useful than before. Now we must edit 5 individual policy areas instead of editing one policy with 5 components. The new interface requires we apply each portion of a policy to a user requiring 5 times the effort !

Please go back to the old view/ method and focus on changes that increase productivity, minimize administration and improve functionality.

Undo whatever madness you just did to the policies. I now have to go through several sections to assign my devices to the correct polices.

It was just add once to one group of policies before you split them all a out individually.

This is a pain the *** to manage now. I liked it better when, when adding a new user to a policy, I only had to do it in one policy and not several spots.

For example, all laptop users have the same restrictions. I was able to add the user *once* to the correct policy. Now I have to add that same user to four or five different policies.

BRING BACK THE OLD METHOD.

It would be nice to be able to trigger an update on a computer from the device details page. You can do it with servers, but I don't see a way with computers. The only way I've found to do it is by going to the user page and selecting the computer from there.

I need to know what group and which version of Windows each computer has. There doesn't appear to be a report that provides this information. A Users report provides the group the *user* is in but doesn't provide the version of Windows or the computer group.

Customer wants to have a blacklist/a auto pua remover feature for their central. I saw that we have that for SMC or as a feature request for SMC but I didn't see it for regular SAV for Central

It would really be nice to have a "support" level role to allow a group of users to alter or disable machine tamper protection. It would one step 'below' admin users, where it would not be able to alter or create policies.

Thanks,
mark

Alerting is strange, I have several laptops that throw alerts that they are out of date, but then within 1-2 minutes are back up to date. They don't throw the alert until they are online, then rectify themselves immediately. Why is this?