As Sophos Central stands at the moment, it automatically sends alerts to ALL administrators. We would like to be able to configure these alerts and who it sends to so every administrator doesn't get their email inbox flooded with these.

Currently when the complete Mac package (including Intercept X) is deployed it does not "Assign" Intercept X to that endpoint. Instead you have to into the Management Console and "Assign" Intercept X to that specific endpoint manually.

It would be beneficial if when deploying this package, which says it includes Intercept X, that it would automatically "Assign" Intercept X to the endpoint.

Currently we are having to install manually as part of the enrolment.

Intune only supports deploying MSI installers so we either need an MSI or an 'Intune compatible' method.

We need a tool to remotely remove Sophos agents.

I was told by Reflexion support that whitelisted addresses do not undergo SPF checks. I would expect whitelisting to overrule a spam score, but not an SPF/forgery check. With auto-whitelisting occurring at Reflexion, and targeted spearphishing attempts on the rise, this is a critical/basic feature that needs to be implemented.

We can't remove Endpoint Protection agents from the clients remotely. We are connecting to clients one by one and do the uninstall operation and this takes a long time to finish the job.

It will be great if you may develop remote uninstall feature for Endpoint Protection agents.
We will save time and money.

Regards,

As an Network Manager, I need to be able to down the FULL INSTALL NOT JUST THE installer !!!! Not sure who made this STUPID decision in 2018!!! If you service computer customers, you should understand what your customer's NEEDS are!!!!!! STUPID that my SOPHOS firewall blocks the download !!!! Also, there needs to be an UNINSTALLER, I SHOULDN'T have to edit the registry to disable TAMPER PROTECTION, when THE STUPID PASSWORD DOESNT WORK!!!!!!! THIS IS NOT 1990, GET WITH THE PROGRAM!!!!!

Desperately need you to bring back the full offline installer. Deploying the install amongst multiple endpoints is not feasible with our bandwidth.

The Audit logs are lacking in detail and visibility, specifically:

1. When moving devices/computers into groups - the audit logs only show that a change was made to the group itself, not which devices/machines were affected.

2. When a change in product assignment is done (e.g. we remove Device Encryption as an installed product on a device/machine or a group of devices/machines) the audit logs do not show which devices/machines were affected.

3. When changes are made to a Sophos Central policy, what were the actual changes made within the policy.

Hi Sophos,

It would be great if you could add a feature to Sophos Cloud that gives us as Administrators, the option to choose what alert e-mail notifications we want to receive.

For example, the missed update due to lack of reboot is a common email notification that can be redundant (depending on end-user) as once the end-user reboots the computer (end of day or mid-day maybe) the Sophos update completes itself.

Thanks for reading through my feedback guys!

Kind regards,
Cesar

An import function (for eg via csv-file) for serial numbers/device IDs of USB-devices would be very helpful in device control. Lots of SEC-customers with numerous allowed/blocked devices need to plug them all in in order to block /allow them if they migrate to Central.

Need option to restrict end users from releasing non-approved messages from quarantine. Should have option to "request release" which sends request to site admin(s), and they can allow or deny release of requested quaratined message(s). Apply restriction to Group, which can be applied to bulk-users, allowing others to not be restricted from releasing their own.

Why can't you put MORE INFORMATION on the devices summary page?

I don't want to manually click into EACH device to see if the exclamation point is for something important, or just a **** "Reboot required after software update"!

Automatic removal of central endpoint products, from endpoints, as soon you delete the computers from Sophos central.

As an Sophos Central Administrator I would like to be able to export the current view of a dashboard (e.g. Computers with a bad status - including machine name, IP Address, Last User, Last seen) so that I can create incidents in our ITSM tool for resolution by appropriate colleagues.

Improve Role Management

It would be very helpful to be able to centrally disable the various Endpoint protection services from the Central console on individual client machines. For troubleshooting purposes in a larger environment this would save quite a bit of time over actually getting on the clients computer and stopping various protections.

Users are not prompted for a reboot after an update so the devices are not getting rebooted as needed. Please add a prompt to notify user

I have a lot of PC with warning "Reboot required after software update". Why Sophos software cannot detect that PC was rebooted later and should clear warning message in Dashboard.