I need a better way to manage a large amount of devices. A device should be able to be a member of more than one group or a tags system should be introduced to tag devices i.e. location , type, preferred message relay server,

Support SAML2 authentication into Sophos Central.

It would be very helpful for there to be an option to start an on demand scan for all of my end points. All of my on premises anti-viruses had this option and we used it on occasion when we thought we may be having an issue. This was helpful when two or three computers would have the same virus at the same time to make sure it didn't go unchecked.

i cant access the support cases page on sophos central, i can only submit a new ticket and even for that it dosnt give me any user feedback to say your case has been received etc. it should at least send a email so i can track my issues.

Add the Inbound Allow/Block feature to Email Gateway Policies so we can assign Allow / Blocks to certain groups of people. A use case would be an HR email account wants to receive email from all domains for potential applicants while default policy wants to block most free common email account domains to protect against Phishing. Right now, my understanding is, that we can only apply Allow/Block feature at the Enterprise level.

I would like to see the capability for the Phish Threat to watch a mailbox for people to forward on phishing emails. Only a small percentage of the people have outlook.

Why is there no easy way to add folders to exclusion?

Based on knowledgebase searches, it appears as if there is no way to customize alert options to allow for either
1. multiple people to receive notifications unless they are all super admins
2. specific people to get a specific subset of notifications per their role

This feels like an incredibly large miss and a hopefully easily rectifiable fix. We genuinely need to have the ability to set and control notifications from this system as quickly as possible.

The current API options does not allow for export of "exchange login" username associated with a user. There are other attributes/identifiers that are pulled down, "suser", "source" etc, but "exchange login" shown in each user's account would be a great extra attribute to the raw log. This would greatly assist my SIEM correlation for adding events to a user's session.

Help desk users to manage only particular computer groups.

We want to assign help desk roles that can only manage the group of the country they are on.
They are all from the same company with branches in different countries.
One admin will manage every location and we want one help desk per country.

We have been told by a Sophos technician that this is not possible and we would really need this feature.

Thank you!

There are several products comes under Sophos Central admin portal but there is no way of particularly assigning admin access to product wise i.e - Email Gateway, Mobile Control, Server Protection, etc. Role base management just provide access permission on task base such as Super Admin, Admin, Help-Desk and Read-Only not for product base. It is essential to have this feature as there are different Admins has different scope assigned under them.

While creating a campaign, I would like to be able to save the campaign as I go to avoid losing progress if I'm pulled away from my desk.

Reports: Please Add the ability to see what machines have not been scanned in the last 7 days or time chosen

Also please add a report for finding any machines that have tamper proof protection turned off

Need to be able to set up alerts so that if a scheduled scan doesn't run on any endpoint, whoever's managing the Cloud account knows which machines didn't run their scheduled scan & can follow up to make sure it runs.

Provide the ability to pull a report/log of the scheduled scan results from all computers. It's not feasible to manually access the logs on over 100 computers.

FW Name on the Firewall Management page does not show the actual FW name, it shows the serial number again. Please advise.

macOS protected devices do not appear to be syncing (at least no where real time). Ex. when requesting a scan or disabling temper protection there is no scan performed on the client and temper protection is not turned off! This is definitely a fail as we have a lot of macOS clients.

Why is your solution to so many potential infections having us download a free virus removal tool from your public website where it treats me like I am unknown? Why not just incorporate tool that into the product we paid to have as our perimeter defense?