Currently the Sophos Central attachment size limit is 50MB but many (most) organizations have a smaller limit. Sophos Central email accepts the email from the sender end and then when it tries to relay the email to our Exchange and it exceeds the receive connector limit then Exchange rejects the email without ever actually getting it transmitted. So neither Exchange nor Sophos ever sends an NDR, with the result that neither sender nor receiver knows the email was rejected.

There should be a setting to define the idle session timeout.

There should a setting to define the number of times login can be tried before the account is locked out and how long it has to be locked out before trying again.

ip restriction capability should be added to the api tokens area of the admin console to improve security.

There is no option to remove quarantined file(s) on EndPoint device from Sophos Central.
As it is not possible to connect to end user devices if more than 20 and do the manual activity to remove quarantined file.

Please have an option to remove/clean quarantined file from Sophos Central.

Es importante que el producto DLP de Sophos Email Gateway tenga la forma de agregar excepciones de cuentas externas las cuales pertenecen a listas blancas que no requiera ser monitoreada.

Your Allow and Block lists should be sortable by whether or not youve Allowed or Blocked something. This whole thing is amazing, and its cool you can search stuff pretty quickly if you know the name. but something I want to just see my entire allow list, or the entire blocked list. These lists are massive, it seems pretty basic to be able to sort on those two things alone. Please, add that functionality. At least a toggle for Allows first or Blocks first so I can see either fairly quickly.

We had a use case of needing to allow DLL's to load from an internal website. It would've been nice if just adding the site to our "Allow" list in Website Management would've allowed this to work, but it looks like that only controls site visibility, not the more granular Additional Security Options. As a result, we've made a policy that just blanket allows any DLL download, which is a little scary.

For machines that are showing as 'Out of Date' Why is there no facility to select all or multiple machines to 'Update Now'? Having to go into each Device individually to force an update is inefficient to say the least. A useful feature would be to allow selecting of multiple Devices to force an Update.

Right now you only get a notification, when a threat couldn't be cleaned up automatically.
We would like to be notified when a threat was cleaned up, because we would like to see where that threat was coming from, to take further steps.

How I can send to Sophos threat file sample not yet recognized by Sophos but comfirmed by several competitors at virustotal?
I mean how to send sample using Sophos central console?
Sending samples by Sophos usual web pages is time consuming.

We had a critical email address get blocked by Sophos for reaching a spam/virus threshold. The KB article KB-000039149 recommends resetting passwords, or disabling or deleting the account. We cannot do that. We need a feature to easily unblock our own email once we know the spam/virus block has been fixed, or was a false alarm. This email being blocked is costing us money, and I sit waiting for the lab in Vancouver to get back to me on my "Critical" ticket.......

Please provide the ability to export a CSV report of all devices for all of my customers in a single file from Sophos Central Partner Dashboard. I understand you can do this from inside each customer's Sophos Central Admin panel, but to get this basic list of devices protected for each of my customers, I'd have to repeat this process many, many, times.

If Dark Reader or other such extensions cannot be used due to the 403 or 404 errors upon login, please add a dark theme so we can save our retinas from bright monitors. Thanks!

Can you add the ability to sort the Website Management list by Tags and Category?

have the option to allow certain admins access to devices only, so no other administrator can make unauthorized changes to a specific collection of devices

If machines are accidentally deleted from central have the ability for machines to call home and re list if active.

Create a feature that will automatically delete duplicated AD sync entries or provide a list of email ID to be deleted in bulk. Instead of going through the dashboard to delete user one by one.

There was an instance where customer had to manually add 10000 email accounts because AD sync had an issue, however when AD sync was fixed they had 10k duplicates which would require to be deleted manually. So a feature like this would be a great idea.

Need a deep scan report to see all computers who havent had it done after a week of scheduling it

Could we have feature to remove/unassigned Sophos central Container policy from iOS/Android device group instead only individual device.