Please share with the community what you think needs improvement with Sophos EPP Suite.
What are its weaknesses? What would you like to see changed in a future version?
In the future, we're looking forward to having a new synchronization firewall on the endpoint. The management console need improvement. I'd address the deployment side. If we could upgrade the deployment side to hand it off to the end-user, it would make it easier, as our campuses are far apart. We'd appreciate if the solution could offer us assistance with a later deployment.
The support could be improved. The response times are slow. Most of my clients are comfortable with the product and how it operates, but I'm sure there could be improvements that could be made. The solution needs to move from small businesses to large enterprises so they can compete with the 40 gig Check Point. They need to build a product for that environment.
The area improvement is something very specific. Windows firewall security allows an exception where the user of a specific device can turn the firewall on or off. We need to configure our Windows firewall security in an active directory via group policy. We do not want to allow the exception or for individual users to be able to make this change. When using Sophos, instead of doing this in an active directory, we have to create a policy on the Sophos portal itself. In the Sophos policy, we can indicate which port is allowed and which port is not allowed for the Windows firewall and how it is handled. Previously, we were using ESET smart security which also has a Windows firewall base. We could control each and every link and port for everything. Like for people taking their desktop remotely, we could allow VNC (Virtual Network Computing) remote connections on a specific port only. All other ports are blocked from this type of access. This feature is something only ESET had. I am pretty much sure Sophos does not have this kind of policy available. They should make this adaptation. The rest of the Sophos product and the technology and utility of the suite is beautiful. I believe all network system administrators would be glad to have this feature. What I would also like to see added is information about update compatibilities. This should be included in a notification for upgrades from Sophos as to whether there is any reason to update Windows for Endpoint or not. The problem stems from the fact that Microsoft is releasing these updates and the patches for security every month. A lot of those patches have issues and incompatibilities. After Microsoft releases the updates, they sometimes have to release a fix to the update with patches. They usually do this in the next two to three days. It would be helpful if Sophos did the testing of the updates to inform all their clients so we can be sure these updates are OK. Then, in turn, we can inform our clients if updates are compatible with their servers or not.
The solution is a challenge in terms of setting up the rules and managing them. Since the solution runs silently, you do not know whether the antivirus database has been updated or not. I'm not so sure whether I'm even using an updated antivirus database or if it even scanning every time that I insert a flash disk. I just need that scan and I need to know it's happening. I'm not getting that. Even if it does a scan, I don't know if hazards have been dealt with. For example, did it clean the disk after it scanned it? In other products, it's much more clear. There needs to be some sort of report that lets you know if it's running if it found something, and what it did with it, etc. We're concerned the Sophos partners may not necessarily have the right skill sets to deploy the solution in a way that meets our expectations. The solution is not easy to use in comparison to other endpoint security solutions.
I would like to have more logging features to help more deeply analyze traffic. This would provide us with more control over the products, incidents, issues, and so on. It would be helpful to have more control of the devices attached to the desktop, giving us better visibility and manageability. This would help us to prevent Traversal attacks, where the user can plug in external USB devices, for example.
They should consider giving the devices for free when they are charging for licensing. In the next release, I would like to see the phishing attached included in the firewall. Normally getting junk mail and phishing in emails is a problem for us. We are protected with other solutions but we would like to see it in the is one.
Deployment and central management need to be improved. In the next release, the solution should add anti-spam. They should add a plugin and or a browser plugin for security.
Part of the product that can be improved is the detection of other antivirus software. We had some trouble one time installing the product because there was a third-party antivirus product that we needed to remove before we could install Sophos. That detection in the installer could be better. It can easily be solved but does not have to be a problem in the first place. Pricing could be improved because it is a bit expensive. It would be nice if there were more capability to configure the notifications. We do get some notifications when a virus is detected or something is wrong, but we get notifications that the machine has to be restarted or other issues that should be handled by different people or different departments. There should be some distinction as to which notification type we want to send to a particular destination. That's something that should definitely be better in an enterprise solution.
If you are not an IT expert, the solution is difficult to use. So it needs to be simpler for a non-IT person so that when you have an issue, you can you know that the solution is just a click away. Except for the more advanced things. So in terms of usage, the management tools, monitoring, and dashboard should be easier to use.
Sometimes there are issues with the antivirus backlogs.