Peripheral exemptions are not accurately reported
I had an issue with a peripheral that was being actively blocked (and reported as such) at the endpoint, was not being reported within the Sophos Central console. Since it wasn't reported there, it was impossible to add an exemption for the device which, in this case, was a Qualcomm wireless card installed to a Dell laptop. Per the technican, devices that are "set to block" won't get reported (even though there were dozens of other detections that were blocked. The workaround was to set the peripheral exemption policy to "monitor" so it would detect, then set back to "block" in order to create the exemption. That means I had to allow a potentially harmful device before I could decide whether or not to block it.
1) Everything that gets logged at the machine level should get reported to Sophos Central, especially policy violations.
2) An enhancement should be made to Sophos Central to manually add a peripheral exemption without having to select it from a list of detections, like you have to do now.