"The most valuable feature is signature-based malware detection."
"The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
"One of the best features of AMP is its cloud feature. It doesn't matter where the device is in regards to whether it's inside or outside of your network environment, especially right now when everybody's remote and taken their laptops home. You don't have to be VPNed into the environment for AMP to work. AMP will work anywhere in the world, as long as it has an Internet connection. You get protection and reporting with it. No matter where the device is, AMP has still got coverage on it and is protecting it. You still have the ability to manage and remediate things. The cloud feature is the magic bullet. This is what makes the solution a valuable tool as far as I'm concerned."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"The ability to detonate a particular problem in a sandbox environment and understand what the effects are, is helpful. We're trying, for example, to determine, when people send information in, if an attachment is legitimate or not. You just have to open it. If you can do that in a secure sandbox environment, that's an invaluable feature. What you would do otherwise would be very risky and tedious."
"Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"The only thing that I have found useful is that I have an overview of my systems in the networks."
"There are many features available in this solution, such as asset management."
"In case it works, we are looking to use features like USB blocking, file upload alerts, and other antivirus features as well, but this software has to work first."
"What I have found the most valuable about Sophos Intercept X is the ease of use with management administration and the solution's ability to stop exploits and ransomware."
"The most valuable features are the cloud administration and the strength of the ransomware protection."
"This product integrates well with Sophos firewalls and should be seriously considered by Sophos Firewall clients."
"I like the way it goes beyond the office space. Being a cloud-based solution makes it very easy to manage your endpoints within the office. In this time of COVID, you can also very effectively manage people who are working from home."
"Sophos Intercept X is a complete endpoint solution."
"The solution is scalable."
"It provides a feature for scanning and analyzing endpoints, which is a value-add for our infrastructure. With the advancements in the Advanced Persistent Threats (APTs), Sophos Intercept X analyzes an APT and the behavior of the endpoints. It then gives us a detailed dashboard with more information about the endpoints and their security and risk level. While deploying Sophos Intercept X, we identified a lot of vulnerability and risky endpoints that our previous solution didn't cover, which proved that this solution is the best."
"It's a good antivirus software and has a lot of features. It now integrates with their on-premises firewall, which is perfect."
"We have had some problems with updates not playing nice with our environment. This is important, because if there is a new version, we need to test it thoroughly before it goes into production. We cannot just say, "There's a new version. It's not going to give us any problems." With the complexity of the solution using multiple engines for multiple tasks, it can sometimes cause performance issues on our endpoints. Therefore, we need to test it before we deploy. That takes one to three days before we can be certain that the new version plays nice with our environment."
"...the greatest value of all, would be to make the security into a single pane of glass. Whilst these products are largely integrated from a Talos perspective, they're not integrated from a portal perspective. For example, we have to look at an Umbrella portal and a separate AMP portal. We also have to look at a separate portal for the firewalls. If I could wave a magic wand and have one thing, I would put all the Cisco products into one, simple management portal."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"The one challenge that I see is the use of multiple endpoint protection platforms. For instance, we have AMP, but we also have Microsoft Windows Defender, System Center Endpoint Protection, and Microsoft Malware Protection Engine deployed. So, we have a bunch of different things that do the same thing. What winds up happening is, e.g., if I get an alert for a potential incident or malware and want to pull the file, I'll go to fetch the file to analyze it. But, one of these other programs has already gotten it, so the file has already been quarantined by another endpoint protection system. AMP doesn't realize that and the file fetch fails, then you're left wondering what's going on."
"The GUI needs improvement, it's not good."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"I would like to see integration with Cisco Analytics."
"It could be improved in connection with artificial intelligence and IoT."
"The solution could improve by providing better security and a cloud base version."
"A handbook of known issues and quick fixes should be given so that troubleshooting and frustration are less."
"It should be able to detect and report any ransomware attack but currently, it doesn't detect and it doesn't report any."
"The security is good but the feature set is limited."
"Installing Sophos Intercept X was not as straightforward, as we had to ask support and had to work with an integrator, though the process didn't take much time, e.g. it was completed within one hour."
"When I use a proxy, I can bypass Sophos, which is an area that needs improvement."
"Sophos Intercept X doesn't have its own firewall that utilizes the Windows Firewall or intrusion prevention."
"This product does not handle USB drives well."
"I would like to see better support for virtual and desktop infrastructures."
"Should include additional integration."
"The pricing could be a bit lower to match the normal retail pricing."
Seqrite Endpoint Security is ranked 38th in Endpoint Protection for Business (EPP) with 3 reviews while Sophos Intercept X is ranked 6th in Endpoint Protection for Business (EPP) with 63 reviews. Seqrite Endpoint Security is rated 4.6, while Sophos Intercept X is rated 8.6. The top reviewer of Seqrite Endpoint Security writes "Slows Mac machine boot time, many issues with instability, and the support is not helpful". On the other hand, the top reviewer of Sophos Intercept X writes "Great reporting and good training with a pretty straightforward setup". Seqrite Endpoint Security is most compared with Kaspersky Endpoint Security for Business, Trend Micro Apex One, Symantec Endpoint Security, ESET Endpoint Security and Sophos EPP Suite, whereas Sophos Intercept X is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, SentinelOne, Cortex XDR by Palo Alto Networks and Symantec Endpoint Security.
We monitor all Endpoint Protection for Business (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.