The red exclamation icon for devices should be reserved for virus infected systems or systems that are isolated.

Not reporting in should not use this icon, a new yellow or orange icon should be created for this purpose.

The green checkmark icon reserved for good-health of course.

When doing a Threat Search, please allow the filtering out of the following fields: Filter process name, Filter date, Filter user name, Filter parent process name. Currently you can only filter these items into your search. It would be nice to filter things out to be able to spot anomalies while threat hunting.

Hello, Can you please build a PSA integration with Autotask PSA.

I would like to request an addition to the 'Email Gateway - VIP Management" of a known email addresses field. For example if I have a VIP listed who is known to also email from their own personal gmail account, this should be an additional field to flag that this isn't an impersonation attempt but a known alias.

Hello Sophos

Sophos Central has now way to tell us how many devices have tamper protection enabled/disabled.
Please provide the customer with visibility as to how many, and which devices have tamper protection disabled?
Audit log states: update tamper protection. But we can't tell if it is set to enabled or disabled?
Same event logged for enable / disable!

Kind regards
Kevin

Kindly have a way to extract raw header logs of emails in a form of a file like csv. Thank you.

Within the Self-Service portal, users should have the ability to select multiple messages for Release or Deletion.

Please add a feature to turn off reminders like the "turning on MFA at the top of the page when you log in to central " for customers who do not want to turn it on.

Policy Exclusions for isolated computers should be changed to support port ranges. It would also be nice to set precise IP ranges.

Add a text filed to filter registers and arrows sort columns in Website Management (Sophos Central). Must be a great feature very simple and fast to add.

I can never find anything in central and there is no feature search facility

Kindly add export report in Message History of Sophos Central

Sehr geehrte Damen und Herren,
ich habe seit heute Ihr "Sophos Endpoint" als Testprodukt für 30 Tage gedownloadet und installiert und konfiguriert.
Ich bin mit Ihrem Produkt definitiv nicht zufrieden.
Hiermit kündige ich das Testabo "Sophos Endpoint". Schicken Sie mir die Bestätigung der Kündigung des Testabo "Sophos Endpoint" an meine E-Mail Adresse: Darius.Zeidler@gmx.de
Mit freundlichen Grüßen
Darius Zeidler

Under "logs & reports", "events report". When viewing the "application control" information, it would be helpful for it to display a separate column for the category of the application detected, rather than appending this information to the end of the event information. That way, when the data is exported to csv, you could sort by the category column to see all instances of that category more easily.

Sophos Phish is a great product, BUT some of the training materials need updating, for example the GDPR one says it will replace old legislation, well, it did, over a year ago

Some updates would be very welcome

Can we please improve the onboarding process for new customers. As a managed service provider my customers DO NOT need access to Sophos Central so I should be able to add a customer directly by clicking add customer and then adding in my license. Not sure why we still have to go to add trial. Also, please don't exclude me using the same email address to sign up a new customer when I AM the technical contact. Let ME choose what I should do for my customer.
Thanks

It would be helpful if we could organise lists of clients via the icon column (so endpoint clients with issues could be displayed together at the top of the list).
It would also be helpful if we could select a number of endpoint clients from the list and prompt them to either diagnose or update at the same time.

It would be nice if there was a way to copy a previous phishing campaign and be able to just modify it slightly instead of having to recreate an entire new one.

The False Negative / False Positive reporting process is much too difficult to be useful. We need a button in the Sophos Central Email console to send an item directly to your support for review. If you ask me, this would be the single greatest improvement to your product since we're seeing a significant number of false positive and false negatives. There is no way that I'm going to take this much effort and time to improve a product that is failing to do what I've already paid for it to accomplish...