In the email gateway logs and reports it would be nice to be able to click on the numbers in the columns (i.e. spam, advanced threat) to see what the email was and why it was classified that way. It would allow us to better tweak our policies for other emails.

Since MFA is enforced every login, and the time out is so low, I think you should consider implementing a way to bypass MFA if you're authenticating from a safe CIDR range. For example your IT's corporate network subnet could be white listed so the Admins dont get prompted every time we go to login, but if we're outside the office we would.

Thanks,
Alex

Bring back the Employee Profile that was in Phish Threat 1! This allowed us to QUICKLY see an employee and what they did in each campaign. This is not available in Phish Threat v2.

Allow implementing both Enterprise and Sub-Estate policies. Currently, it is one or the other, but not both.

You need a solution for Sophos Central the polls and gathers connected computers on the subnet that looks for machines that are not protected by your AV solution. Kaspersky had this function for machines that were on the domain or off the domain.. I find this to be a huge security risk that Sophos Central over looks.. I found a machine that I forgot during deployment to install AV and this feature would have alerted me to.. Please add this functionality soon!

Digest mode for Alerts. We get a frequent amount of "Device needs reboot" alerts, which we have email to our ticketing system. Be nice to have an option for like a daily digest mode of all devices under an alert sent one a day (or hour or week or whatever some folks may want)

Threat Indicators - beta
Threat indicators was enabled and we had over 70,000, most no longer applicable as they do not even have a suspicion listed. So I'm sifting through these, dismissing 25 at a time.

Threat indicators definitely needs more comprehensive filtering and some way to dismiss multiple by page count, or by the blank suspicion field, by date, etc..

Why the heck can't we sort by alphabetical listing on the Website names under Global Settings==>Website Management. This is just backwards to make admins scroll thru hundreds of websites or keep getting told it exists because there is no easy way to manage that data. Let's get with the times please.

the ability to kick off manual scans on guest vm of the security appliance

I would like for it to be easier to allow and block websites via url or ip address.

top blocked Categories page.
I would love to be able to click into categories and determine which users or machines visited which sites.

In version 1 of PhishThreat, there was an option to include the manager when a reminder email was sent out to the user to complete training. will that become an option in ver. 2?

Please add the version number(s) of the software that are included with the Software releases being managed in the controlled updates screen. It's nearly impossible to identify what a "release date" equates to in regards to the version number(s) of the software being deployed. Thank you.

Integrate compatibility services with third party wifi marketing and analytics such as Purple, Purple has integration with most of the other wireless brands , and now a days, lots of mid-size business are looking for this statistic studies for merchandising and digital marketing, something vital for all business these days.

You ave the WORST support I have ever worked with in my 25 years working in the IT industry. Takes days, sometimes weeks for a response. Its unacceptable.

It would be good if MSPs could have visibility of the users own allow/block lists for troubleshooting purposes and to assist end users in creating a per user block / allow list - otherwise troubleshooting missing emails could be problematic if a user blocks a number of addresses or domains and network admins have zero visibility of what the end user has set in the self service portal. This is quite a flaw when compared with other vendors such as Mimecast.