I've been a Sophos customer for years. Good, bad, and the ugly, i've always felt Sophos was top notch.
But lately, i stay more annoyed for 1 reason. LOGS. It's ridiculous that i can't see everything that Sophos AV and its products are doing. Now, you're pushing EDR / MDR solutions and the whole time I'm thinking, how can Sophos watch over my network when i can't even see what i need to see through logs????
Seriously, what is the one thing I will have to have in a threat response scenario???? LOGS LOGS LOGS. The logs i have are crap! You block apps and i can't see what is blocked, period. Even on the home version, that i can give my end users, logs are nonexistent. Apps are blocked and until you make an exception you have no clue that Sophos or one of its products are blocking it.
You offer web filtering, but i can't even provide logs to my department heads in regard to end users web browsing history.
With the money i have paid, and the money i have made for you through word of mouth (and yes, a good friend is a reseller and pushes your product regularly thanks to me) the least we should expect are good logs.
You have a good product! We need to know what it's doing and why it's doing it. That's not too much to ask.