It seems like the percentage of employees that report the email should be based on opening it vice simply being included in the campaign.

The opening percentage is valid and the caught percentage seems appropriate as an overall statistic, but reporting seems like it has to be tied to opening to have any idea how effective the effort to train employees to report suspicious mail.

Allow ability to quarantine a domain, IP or email address as is possible with PureMessage and other email firewall products.

While other parts of Sophos have 2FA, we also need the central account, our Sophos ID, to have 2FA enabled

Need to be able to clear "WiFi" gateway unreachable alerts in one-click, not each alert individually.

The checked checkboxes in the Detected Threat Cases part of the website will get lost when you misclick on a checkbox and go to a case. When you go back to the Detected Threat Cases all your selection are gone. Please make multi selection better.

We need the ability to import exclusions into Sophos. When transferring from another product, this can be extremely time consuming.

Hello,

I found that consept of tagging permissions to Optix environment. It would be nice to create users and tag them only those features that are neccesary for them, like Optix only. This way customers could grant access to their Tenant, Optix and monitored Environment specificly.

Thanks!

Aaron Niiranen

We would like to make a feature request. We are hoping to be able to search for devices through multiple client tenants through our MSP Partner portal. This way if an installer is for the wrong client, we are able to search for the device through all the clients to find what client tenant the installer was from

Speeds drastically decreased when Sophos is enabled. Pipe in is 500/50 and we only get 160/50 hardlined. Confirmed this by disabling Sophos and then get near the 500/50 rate. Tried opening a ticket in the portal and continue to get an error submitting the ticket request.

in Sophos Central, I see an alert "An attempt to communicate with a botnet...." but I can't click on anything and it gives me no other information unless I log into the firewall and start guessing where to look in the logs. It would be immensely helpful if there was some information included here. Otherwise it's just saying "hey, something happened !" but without giving me any useful/actionable information.

display when computer have been updated and need to be restarted in sophos central. then give the admin the ability to force sophos to restart a computer in possible.

for the auto isolation feature create default global exclusions that can be turned on/off for common remote desktop programs so that techs can ahead and connect to these computers to do troubleshooting.

common remote desktop programs should include:

windows remote desktop
dameware
dameware remote everywhere

under the logs & reports for computers for the last scheduled scan column it show the date and time the scan ran. additional it should include the results such as "no viruses detected or viruses detected".

then when you click on a computer under it's agent summary it should display the date and time the last virus scan ran. additional it should include the results such as "no viruses detected or viruses detected".

give us the ability to run a virus scan on multiple computers at one time. we should be to either click a select allow computers under the devices or select individual computers and then be able to click on a button that is called run virus scan now.

Allow us to have multiple scheduled scanning under the threat protection policy instead of just having one scheduled time.

Please give us the ability to be able to remove individual computers that have been auto isolated. There should be a button underneath the auto isolated message for the computer that an admin can click to do this.

It would be good if Sophos Email Gateway could have geoblocking supported rather than just an IP list/range.

I would expect a lot of businesses could easily exclude certain country ranges from email where you would not have business from.

When users are accessing the Email Gateway Quarantine through the self service portal, users need to be able to sort by column (subject, sender, date, etc) and they need to be able to select multiple emails at once.

This is already possible with the administrator account but self-service users don't have these same features which makes it a real pain when they need to release multiple emails at the same time.

Tamper protection should be a policy, not a global setting. It is very frustrating to manage many devices that are being removed from our system. Requiring me to disable tamper protection for all to allow some to remove their Sophos endpoint is just unacceptable and a poor design.

Separate "integrated camera" from MTP/PTP in Peripheral Control so it can be allowed while mobile devices can be blocked for data security.