The lack of need for the patch for an extra password is a shortcoming. It will be a great improvement if the patch requires an extra password so that they can find out how to synchronize your Windows password with the same password for Sophos SafeGuard.

I would like to suggest some features that should be included in the next release of Sophos SafeGuard. It is a simple product that accomplishes its basic requirements, which is fine. I don't think implementing complicated solutions that may introduce other issues is necessary. Let it focus on doing what it's meant to do, which is to protect data, and that's all.

There's a problem with the premise console because the endpoints need to connect to the local network, but with the pandemic, many users are working from home, and their machines aren't synchronized with our VPN. In addition, SafeGuard's user interface is ugly and doesn't provide reports, so we have to go into the database and get information from there by creating queries. In the next release, Sophos should include a reporting function and the file encryption that's included in the on-prem version but not the cloud.

With new viruses being introduced in the market, Sophos SafeGuard cannot block or quarantine such viruses. Quarantine is a feature with shortcomings that needs improvement.

In the future, I would like to see the solution's quarantine capabilities updated.

I can't comment on what needs much improvement in the product since the build of the tool is good.

One of the areas of concern about the solution revolves around the endpoints, considering that our company has now finished using the appliance and the endpoints. I noticed that under endpoints, you can use something called lockdown, with which you can lock a server. Once you lock a server, you won't be able to install or put something on that particular server, but on the PC or machines, the lockdown feature is not there, and it is a query our company raised when we had to provide details for Sophos' review.

A disadvantage of Sophos SafeGuard is the partner here in Colombia that takes so long to provide a quote or product information to you. It should be easier to get access to Sophos SafeGuard.

My company communicated with three different Sophos partners to get a quote for the product, but it took too long to get the quotes, which is an area for improvement. My company only received the quote more quickly with the help of a friend working with one of the Sophos partners in the area.

Another area for improvement in Sophos SafeGuard is the pricing. Pricing should be better when adding a new account or scaling the product.

The product's next release could have integration features with different internal and external systems. Sometimes, it doesn't work with Azure.

It could interconnect with the firewalls on the client side, providing us with monitoring data, including logs and visual graphics. In this way, it would help us prevent potential data breaches.

I rate the product's user experience a seven out of ten. However, we face a few issues installing it for troubleshooting purposes.

The product is not cheap.

I do not see very many downfalls, but I would recommend adding a few different encryption algorithms. For example, adding Triple DES, Blowfish, and Twofish, would only provide added value to the users. They could then decide how to secure the data they are using the product for.

As a tool, Sophos SafeGuard is not optimized. I suggest that Sophos SafeGuard should be optimized so that it takes less time to provide encryption features to users. I want Sophos SafeGuard to consider another encryption solution since it currently uses BitLocker. The solution must have alternate encryption methods that users can use to make the tool more effective and a good solution.

From an improvement perspective, I would like to see more integration capabilities being offered by the product. The product is good and works properly in different environments.

It just needs a little bit more on the reporting side. Its reporting can be improved a little bit in terms of being able to know that things are in the right status. I should be able to pull a report to make sure that everything is all right. 

It could also have cloud integration. At the time I was using it, it wasn't a cloud product.

BitLocker comes from the OS license with Windows. It's a free solution. However, Sophos is a product we need to pay for. Therefore, using it is more expensive for our organization. It's also, in general, a pricey option. We'd like to lower costs.

Sophos requires separate BAU operations and separate infrastructure. We require a server and few other things, as well as portals. However, a solution like BitLocker is integrated with the CCM now. It doesn't require any other infrastructure. 

It would be ideal if the solution had different features within one agent. 

If you're talking about technical support, their endpoint support needs improvement. Their UTM is doing well, however.

If it's possible, they should make all the features available because it's got a lot of features on offer, but you have to buy the license in order to add those features to the normal Endpoint. If they could make all those features available and/or offer a bundling option it would be better.

What would make Sophos SafeGuard better than competitors is if its management console also includes firewall management.

In the future, I want Sophos SafeGuard to be more scalable. The solution also needs a better management console. It would also be good if Sophos SafeGuard could surprise its customers a little bit more.

There are times that this solution takes up too much memory that needs to be resolved. If it is not fixed it will definitely create issues in the future.

In an upcoming release, there should be more reports on the health status of the systems that we could fix, such as memory health, CPU utilization, and CPU health. These types of additions would be a great help.

The Office 360 integration could be improved, it's not so straightforward. It's been a challenge. When I moved from my mail in-house, on-prem, to Office 360 on cloud, I had a lot of challenges getting my mail to pass through the firewall. That's something I'm currently working on.

Additional features I'd like to see would be more help results to the product. Maybe they could provide a way to train on the product, provide tutorials that could be easily accessed for people to easily understand the product quickly. I think that would help. The issue is not always the product but the configuration and the know-how to easily manage the system that sometimes make you not get the best out of the system. It's a matter of making resources available. 

You have to pay extra for some additional features, like data extraction. It would be nice if everything was available in one bundle.

It's a good product, but some are not happy with the boot BCN, and the point-to-point VPN requires the best protection. Better internet protection is required.

The dashboards currently lack sufficient information. For example, when we want to look for accessibilities we have to go in-depth and then run the scripts and only then access what we're looking for. It could all be available in the reports and save a lot of time. I want to be able to know who is using what, to check visibilities.

In the latest versions, from Windows 8 onwards, everything is encrypted using BitLocker. What we require is key management, and in particular, policy management surrounding keys. There should be an option wherein I should be able to set the policy to exploit the BitLocker POA keys, and able to manage and reset the keys. Right now, the solution doesn't have this as an option.

From version eight, Windows 8 onwards, SafeGuard doesn't work 100% of the time. So we have to use BitLocker for the encrypting. Only the key management is done by SafeGuard. 

When you have the PPM chipset, you can have the power-on authentication, when you boot up your machine, you can set the six-digit passcode. As of right now, SafeGuard can't manage the six-digit passcode in terms of the expiration, and I need that added as a feature.

The solution is not using other features like booting encryption, because it causes very heavy processing of the workstation. If they could find some way to handle the encryption and decryption to be lighter on the workstation it would be better.

It would be ideal if the solution could make the processing possible on an appliance, instead of having to install it on a machine. Also, it should be in the network layers and communicate with more workstations. The encryption and decryption processing should not be on the workstation; rather it should be on the appliance.

Sometimes, multiple updates and crashes happen in the tool, making it an area where improvements are required.

I would like to get less frequent updates on the product.

Sophos should conduct some seminars to teach people how to use it and also to inform the users about what they should do in case of problems.

The solution lacks connectivity to Azure AD so it can connect to the regular internal Windows AD server but there's no direct connection to Azure AD. That would be a product improvement that needs to be implemented given that almost everyone is now on the cloud.  

The encryption could be improved. If they could find a way to make the encryption and decryption to be the same on the work-stations, it would be better.

Some of the encryption settings have a complex configuration.

Here in Egypt, they don't prioritize the selling of this solution and there is no compliance from the government. There is not enough marketing for this solution. If they give it some priority it will become more familiar to customers. Many of our customers need a solution that uses encryption technology.

The security does not have 100% authentication.

This solution is complex in the development process. Customers are asking for things that are needed in the development and this solution is not easy to develop.

In the next release, I would like to see processing on the appliance and not to install it on any machine. It will be in the network layers and able to communicate with all workstations.

It would be better to have the encryption and decryption processing on the appliance and not on the workstations.

I would like to have more control over the files in the Sophos encryption system.

This solution needs to have more data loss prevention techniques. Having a DLP integrated with the encryption engine would be very good.

The solution's ability to integrate with other solutions, such as a DLP, should be addressed. 

Sophos SafeGuard is a German product. Sophos isn't really active in Europe. The Middle East, Africa, South Africa works with Sophos but their primary users aren't in Europe. They should market and push this solution to the European market. 

When you compare Sophos SafeGuard to Palo Alto and other enterprise firewalls solutions, Sophos doesn't have the same market. 

Palo Alto targets the SMB market and Sophos would like to approach the enterprise market, but it can be difficult to approach these customers without having the right offering.

Sophos has a rich roadmap to cover this area, but we are not aware of it, so it difficult for us to approach these customers without having the right offering.

In the next release, I would like to see more automation with the endpoint logging, but it's a special feature that is quite complicated to explain. There is a trick to implementing it. You have to implement some scripting into it.

I would like to see a support-cloud, where Sophos creates a single package that contains all of its products.

The integration could be a little better.

I use this solution frequently and I can't think of anything I would change.

The tutorials need to be simplified. The existing ones need to be easier to follow and we could use some tutorials for basic setups. They should aim to be more like Cisco, which offers very good tutorials and materials.

If there was a way to automate the configuration, that would be ideal.

The pricing could be improved.

Technical support could be a bit better.

We've only really been dealing with this solution for six months, so I haven't had time to note anything that is lacking in the solution.

The cost is rather expensive. It's a pain point for many clients. They should work to see if they can reduce pricing.