HIGH Alert - Real time protection disabled... and Sophos is always wrong.

Question

Getting pretty annoyed by these false HIGH ALERTS from Sophos. Here's a log from only a single computer over the past week: 
 
 Notice how there's an update that's pushed through which probably takes 2 minutes to actually install on the users computer. Since the update is being applied, most likely the Sophos services have to quickly restart, so Sophos stupidly thinks that REAL TIME PROTECTION HAS BEEN DISABLED, OH MY GOD BETTER SEND AN ALERT! This is pretty idiotic behavior. 
 The user doesn't have the ability to disable Real Time Protection anyway and based on the log files, it's very clear that the update itself is what's disabling the protection, and it's only disabling it for as long as it takes to apply the update. 
 Why does this happen? 
 As far as the alert itself, I'd love to disable these email alerts but as noted in my other thread at: 
 https://community.sophos.com/products/sophos-central/f/sophos-central/96169/email-notifications-for-different-alerts-to-different-groups---not-possible 
 Sophos central doesn't give you a way to disable these alerts or send them to different people! These design decisions are baffling and frustrating.

plochner · Answer

Nope, no resolution to this. It still happens occasionally, about once every couple of weeks to a random computer. I actually just ignore these alert emails now. It's still incredibly stupid that you have no control over who gets what emails sent to them from Sophos Central. Everyone gets everything regardless of the severity - it's just so low-rent and stupid. We probably won't be re-upping with Sophos when our contract is up because of little stuff like this. 
 Sophos Support is laughably bad, I think in my post history you'll see my complaints about them. I made such a big stink about how unhappy we are with Sophos Support with our reseller that I actually got the personal email address of one of the head support guys. I've haven't had a big enough problem to use it and I'm not entirely confident it'll get me anywhere either.