Normally you can only check username and password (in extension a certificate ) during remote access authentication. There is no ability for checking the environment of the user, f.e. what device is he using, AV running and up-to-date, Firewall on, not using special applications, etc. .
There must be a applet used during clientless SSL-VPN access for checking the user environment against important security functions and after checking the user has to match into a security zone. Depending on which zone the user lands, there are different rules working for access the internal site.

UTMs do not cache updates for endpoints so every endpoint does it's own fetch from liveconnect. This is very bandwidth inefficient during maintenance releases/updates.

One thing that would be VERY nice to see is the ability for the UTM to connect to Active Directory / Open Directory / E-Directory and scan to see what computers do & don't have Endpoint Protection on them then allow you to push the endpoint install to the client PC or remove from a client PC directly from the web interface on the UTM

Would like to control mobile devices (Encryption/ AV/ Remote-Lockdown) from UTM9 Web Admin

I see that Sophos has a Patch Assessment tool that scans PCs on the network and alerts you to outdated Programs. Add this into your UTM Endpoint please.

Include sophos endpoint style category application controls in the management features of UTM.
This will complement network based application detection and control.

Dear Astaro team

We do not have any option which will show the graphical logs of the system which is infected by virus on the UTM dash Board or on Logs

Sophos Antivirus supports multiple Linux distributions. I recommend adding this client to the UTM Endpoint list so we can protect, manage and monitor security on our Linux servers and desktops

Can endpoint tamper protection be hardened in a way that the user (even administrator) does not have the ability to disable Sophos services, rename the Sophos directory structure, or even delete Sophos registry keys.

All this will add optimal protection against tampering by not allowing anyone to uninstall Sophos, even with administrative privileges.

After this weekend my parents HP Laptop and Mac Powerbook got stolen, I thought it would be a nice feature to have some tracking agent installed on these devices (or Android / iOS, Blackberry phones, iPads etc.) to track down the actual position where the device was connected last time to internet (and all other helping informations to find the device). A solution comparable to Preyproject ( http://preyproject.com/ ) which is controlled by ASG would be nice.

Have the ability to have Macintosh Endpoint Protection Clients

Force scan USB's when first plugged into a machine, not just when first accessed. This is required to meet SOP's

Client requesting the ability to create a recurring report (emailed daily/weekly) that lists all the systems by last update, with errors, and/ or those that differ from policy. Should be able to create a report on any tab or policy that exists in the product based on computer name, policy or container name

The customer asked if it is possible to get standard lists with exceptions which they can import into the Anti-Virus and HIPS policy. Like exceptions for Exchange, Sharepoint oder Lync.

It would be great to have the ability to disable the On-Access-Scans for a certain amount of time on the client.
E.g. via right click on the systray icon:
"Disable On-Access-Scans..."
"for 1 hour"
"until reboot"

This should, of course, only be possible for admins, perhaps only after entering the tamper protection password!?

i think it would be nice to have a possibility to upload files somewhere and test them with the built-in virus-scanners.
i had the idea to use something like shared folders (dropbox/ubuntu one etc. ) to upload those files.

Our customer asked if can implement a scan that scans files before they are written to the disk, so that files are intercepted before they can do any harm.

Would like to see application control protection in the UTM Endpoint. To block certain files and applications form running and be alerted.

ADD the category "Computer name" in Firewall Events in order to filter events with computer name.

We do with our previous solution every Friday afternoon a full scan of all local drives on the PC's and servers.

This scan can be moved by certain definable users up to 3 times on a different day or skipped entirely.

When the scan is skipped 3 times the next time he is done without the user can stop the scan.

The whole thing, the administrator of the configuration settings centrally regulated.

These possibilities we would have liked in the UTM.
Sophos will include that in the Endpoint Protection?