As it stands, you can either use the predefined Sophos list for blocking email attachment file types or you must build one completely from scratch. You should be able to clone/modify the Sophos list, as it's a good baseline, but I need one or two extensions removed from that list. I am now forced to painstakingly hunt through the cumbersome stack of extensions and find the remaining 32+ extensions from the Sophos list and build it manually. Yuck!

When viewing threat cases I often have several filters set such as specifying a device or user name, only viewing new and high threats which helps find the cases I am looking for

When I click on a case it opens in the same browser window/tab meaning when I go back to the threat case list I have to re-apply my filters to get back to the same view.

It would be nice if clicking on a threat case opened in a new tab/window

Allow applications to be unblocked "ACTIONED" from the Logs & Reports Blocked applications list..

Is it possible to get an overview of the protected devices of all sub-estates in the enterprise dashboard overview. This way we do not have to click through so much to see a good overview of the amount of computers/users that are protected in each sub-estate. It wil give a better overview of how many devices/users are protected in each subestate.

If we could have an overview of the wheel with active, inactive, not protected,.. for every Subestate in the main enterprise console.

I don't understand why the outlook plugin for Sophos Phish Threat suddenly doesn't support Exchange 2013

Submitting on behalf of client:

In the allow/block list customers only have the ability to add IPs/subnet ranges to the block list. Having the ability to add IPs to the allow list as well would only make sense and seem logical.

This would be an important feature to restrict access to an IP only and not a whole domain which can easily be spoofed. Reference XGE-5239 for adding IP to blocklist.

Bitte bauen Sie eine Benachrichtigung am Client ein, wenn sich dieser bei rotem Zustand selbst isoliert!
Es ist schon mehrfach vorgekommen, dass mehrere Minuten Fehlersuche nötig sind, bis man drauf kommt, dass der Sophos Client den PC isoliert.

Please allow us to block a file with the "Blocked Items" feature, not only applications. It can be useful when a threat is not ready detected

i found after the pc after uninstalled the endpoint need to wait 90 days only can install back.

how about format pc?
i need wait 90 days only can install back anti virus?

3 months no protection?

and also the log, need 3 month only disappear

why cant remove right now?

i suggest can install and uninstall any time and remove the log too.

Il serait intéressant de pouvoir filtrer lors que nous sommes dans la vue d'un appareil sur le type de Menace. Lorsque nous avons par exemple énormément de blocage Web, les menaces (malware, PUA etc...) sont difficiles à repérer et donc a autoriser en cas de faux positif. Il pourrait être intéressant de pouvoir filtrer facilement sur le type de menace ou sur ceux sur lesquels on peut faire une action afin de faciliter l'administration et le dépannage.

Hello,
Please provide a button in the email listing items that are stuck in quarantine to "Add to whitelist and release".
Also, please add buttons in the quarantine to ALLOW/BLOCK easily by simply selecting the email and then clicking the right button. Provide an option to ALLOW/BLOCK the email address or the domain.

Currently, the process to add items to the allow list is clunky and hard to do for the end user. Please provide simplicity for our people.

Thanks!

Send Sophos Central Partner alerts to an email address

Please refer to Sophos Support case #8757008 and provide option to auto clean up the Sophos Alert for that situation.

Introduce option to set message size limit in E-Mail Security. Our mail server has a limit set on message size. If the mail server rejects a message based on e-mail size, send non delivery message.

Hi. On systems in the Alerts section that are "out of date", it would be great if we could send an Update Command to the PC. If that's not possible, and the system automatically gets updated at a later time, the system should then get removed from Alerts. I hope that makes sense...

wouldn't it make sense to have SophServ linked to Central? authentication is already complete so you wouldn't waste your time or mine! please add as a feature request!!

please add as a feature request.

When trying to find a computer that's been taken off campus (like loaner laptops/desktops), Sophos only shows a 192.168.x.x address, not the address of the router being used to contact Sophos. It would be great if Sophos would log that IP, too. It would also be great if Sophos logged each IP the device has used.

When trying to find a computer that's been taken off campus (like loaner laptops/desktops), Sophos only shows a 192.168.x.x address, not the address of the router being used to contact Sophos. It would be great if Sophos would log that IP, too. It would also be great if Sophos logged each IP the device has used.

Filter the Quarantine messages by Block Reason eg Attachment type. I need to be able to see those blocked because of attachment type or because of content as these usually need processing quicker than the others.
At the moment sorting by Reason doesn't sort the reasons alphbetically