Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Subscribers 5 subscribers
  • Views 20679 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Suggested feature requests / changes for SMC

RL

Hi,

We've recently moved from a competitors product to Sophos Mobile Control, and thus far we're quite impressed. However after doing some usability testing the following valid points (in our opinion) have come up...

1. In order to make the URL easier to remember for the Self Service Portal it should be accessible without the /SSP, and instead the SMC Management portal should have something like an /Admin switch

E.g.

https://smc.domain.com = SSP page

https://smc.domain.com/admin = SMC Management portal

2. In order to avoid a user accidentally choosing the wrong device type the user should be forced to select either private or corporate. This is instead of the SSP defaulting to 'private'.

3. You should be able to set a different default SSP Task bundle for private and corporate devices

4. And the most annoying of all - the shear fact that the user must open and re-close the Sophos Control application before the application can be activated from the portal, and therefore check the device for compliance.

With all of these shortcomings we have chosen not to use the Self Service Portal. It’’’’s a nice idea but its usability is quite poor.

If anyone from Sophos product management want's to discuss these points then feel free to contact me.

Thanks,

John

:40499


This thread was automatically locked due to age.
  • 0

    Thanks Sandy,

    Can I add to this feature request list please:

    5. A context senstive help is needed. - Currently, when you click on the question mark in the web portal, a webpage is opened to the 11 different documents available for the product. This is not helpful whatsoever as the user has to trail through the documents in the hope that they can find what they are looking for!

    I'm sure as we use the product more and more I'll be adding to this list...

    Thanks,

    John

    :40559
  • 0
       

    Yep, number 6 and 7,. Number 6 is a game changer...

    6. Currently only one group can be used for each customer account within SSP!

    We have 4 LDAP groups mapped to various members of staff, but to achieve this we need to set-up 4 different customers and repeat ALL of the settings for each!!!

    In my opinion this is a very poor design and a massive game changer for us. At this point I’’’’m seriously considering moving back to the competitors product due to the lack of usability in SMC.

    7. The fact that the user needs to remember their Customer ID. A simple drop down box option (set in the admin console) would resolve this!

    I'm sorry, but SMC needs a lot of work done to it in order to bring it up to the standards of the other Sophos products!

    :40589
  • 0

    Hi John,

    thanks for your feedback. Let me first give you the link to our feature portal:

    http://feature.astaro.com/forums/143212-sophos-mobile-solutions

    In this portal, you can post your requests, see all existing requests and vote for them, comment on request and exchange your view on requests with other Sophos Mobile Control users. And IMHO the best feature, you will get updated with any status change in one of the posted or voted features. I highly recommend to use the feature portal

    To give you some context on my answers, let me first highlight, that in about 1 month, we will release SMC 3.5. This release is in final QA and we cannot include any new features into it. The next release, we are working on is SMC 4.0

    Regarding your feature requests, I have comments

    to 1.)

    This is under review for SMC 4.0 and in the feature portal. Vote for it :-)

    http://feature.astaro.com/forums/143212-sophos-mobile-solutions/suggestions/2908940-swap-the-smc-default-page-so-that-is-displaying-ss

    to 2., 3. )

    Valid request. I would like to get the opinion of other users about it.

    Can you open a new feature on this, so you get informed about any update

    to 4.)

    I agree to your comment, that it is annoying. Unfortunately Apple iOS does not allow us other means, except of asking the user to type in all information. If we figure out another way of doing this without opening the app first, we will implement it

    You might open a new feature request in the portal, but unless we have a new bright idea, we will not be able to implement it

    Best regards

    Thomas - Product Manager

    :40607
  • 0

    HI John,

    to 6.)

    Maybe there is a big misunderstanding here. The SMC SSP users must come form one user group. But this does not mean, you have to give up the existing user groups. You can use them in the SSP to apply different profiles to them.

    The SSP user group just defines the users, which are allowed to log into the SSP. I recommend you create a new one with the name like SMC_SSP_Users and assign it to the respective users.

    If you define settings in the super admin customer, they will become available in all other customers

    to 7.)

    First of all, I assume, because of point 6, you do not really want to have different customers/tenants. If we resolve your point 6, the need for this will go away.

    We did not implement the pull down list for data privacy reasons. One customer can be defined by default and will be prefilled, but the rest must be entered

    Best regards

    Thomas

    :40611
  • 0

    Hi Thomas,

    Appreciate you getting back to this post.

    I'll try and pick up on the points in the order raised...

    Point 1: I've voted for this request in the Sophos Features & Ideas Laboratory. Sorry, I wasn't aware that it existed until now. 

    Point 2-3: I've raised these as features requests in the Sophos Features & Ideas Laboratory as suggested.

    Point 4: Apple have forced this, then say no more ;)

    Point 5:  Also voted for in the Sophos Features & Ideas Laboratory

    Point 6. Now this is where I am confused....

    Previously we had 4 different LDAP groups set-up in the SSP for 1 customer. Let's call that customer "Staff". Each LDAP group was populated with users that required different profiles, tasks, compliance settings, etc.

    Two examples being:"Standard_Staff", "VIP_Staff".

    The order of the grouping in the SSP for the "Staff" Customer was:

    1. 'Standard_Staff' LDAP group at the top

    2. 'VIP_Staff' LDAP group below

    3. 'Default' group at the bottom

    NB: We forced the SSP customer selection to "Staff", so that's one piece of information the users didn't need to remember.

    The end result in the SSP was that a member of the "Standard_Staff" LDAP/AD group could log on, but a member of the "VIP_Staff" LDAP/AD group could not. 

    I then trawled through the umpteen guides again, and the Sophos KB's, but could not find any reference to the error. I then noticed a post in the SMC forums pointing out that only one group could be set for a customer.

    Knowing that I wanted to achieve the goals below, I raised a request with Sophos Tech for confirmation:

    GOALS:

    A. Create 4 different LDAP groups and assign a relevant Device Group and Task Bundle to each of them.

    B. Remove the need for the users to remember a customer ID (This is understandably a new concept to them)

    It was then confirmed by Sophos Technical support that a customer can only have 1 group assignment in the SSP, and was referred to section 20.2 in the Admin guide. Apologies if I have quoted the section incorrectly as I'm typing this from memory. Though for the life of me I could not find a note to a limit of 1 group, rather the ability to use wild cards for the groups.

    As a result I was forced to set-up SMC from scratch (again) and created 4 separate customers and assigned the relevant LDAP group to each. Ensuring that when I created the customers that the settings were cloned from the Multi Tenancy admin settings.

    NB: As a side note here. I understand, and had part expected the reason for not providing a drop down box for the customer ID's as being one of data privacy, but still believe that us admins should be given a selectable choice if we want to enable the drop down option.

    It's hard enough for a user to remember their password, let alone a "Customer" ID!? Especially when they are panicking that they have lost their phones.

    Now that we have 4 "Customers" the users will need to remember their Customer ID, and there's no way around it. Having 1 customer with the use of the 4 LDAP groups, each with their own settings, would have been better IMHO.

    For obvious reasons I am not suggesting this 'drop down customer' selection setting be enabled in the SMC SaaS option, but for the customers that have their own onsite installation. I'll take the risk that there is a drop down box called "VIP_Staff", "General_Staff", etc Vs a user having to remember their Customer ID any day.

    Thanks again,

    John

    :40613
  • 0

    Hi.

    Final post to this thread from me...

    I'm glad to say that I was contacted by a member of the SMC team and they cleared the groups / SSP confusion up for me instantly.

    I'm now glad to say that I have 1 LDAP "Access" group and 4 LDAP "Config" groups set-up, and most importantly with 1 "Customer". So now I can force that one customer in the SSP so users don't have to rmember it.

    Happy days. :smileyvery-happy:

    Thanks again Sophos!

    John

    P.S. For those that want to raise a suggestion then I suggest that you use the Sophos Features & Ideas Laboratory mentioned by Thomas above. I did, and it's brilliant!

    :40645
  • 0

    Hi John,

    glad to hear, you have been able to overcome your configuration issues. Based on your feedback, we had a second look at our wording at the LDAP configuration form and will add some more explanatory text. I hope, this will make things easier to understand for future customers

    Best regards

    Thomas

    :40655
Unfiltered HTML