"The most valuable feature is signature-based malware detection."
"If somebody has been compromised, the question always is: How has it affected other devices in the network? Cisco AMP gives you a very neat view of that."
"The ability to detonate a particular problem in a sandbox environment and understand what the effects are, is helpful. We're trying, for example, to determine, when people send information in, if an attachment is legitimate or not. You just have to open it. If you can do that in a secure sandbox environment, that's an invaluable feature. What you would do otherwise would be very risky and tedious."
"Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."
"One of the best features of AMP is its cloud feature. It doesn't matter where the device is in regards to whether it's inside or outside of your network environment, especially right now when everybody's remote and taken their laptops home. You don't have to be VPNed into the environment for AMP to work. AMP will work anywhere in the world, as long as it has an Internet connection. You get protection and reporting with it. No matter where the device is, AMP has still got coverage on it and is protecting it. You still have the ability to manage and remediate things. The cloud feature is the magic bullet. This is what makes the solution a valuable tool as far as I'm concerned."
"Integration is a key selling factor for Cisco security products. We have a Cisco Enterprise Agreement with access to Cisco Email Security, Cisco Firepower, Cisco Stealthwatch, Cisco Talos, Cisco Threat Grid, Cisco Umbrella, and also third-party solutions. This is key to our security and maximizing operations. Because we do have the Email Security appliance and it is integrated with Threat Response, we have everything tied together. Additionally, we are using the Cisco SecureX platform, as we were a beta test for that new solution. With SecureX, we are able to pull all those applications into one pane for visibility and maintenance. This greatly maximizes our security operations."
"Intercept X's smart prevention it's very good as so are its machine learning capabilities for troubleshooting channels and files."
"Technical support is responsive and adept."
"This product integrates well with Sophos firewalls and should be seriously considered by Sophos Firewall clients."
"It is very easy to set up and easy to use. It is also not resource-intensive."
"The EDR (Enhanced Data Detection and Response) and the DLP (Data Loss Prevention) components are valuable assets."
"This solution is easy to configure."
"Scalability is good."
"The solution is easy to install."
"Their policy management, their cloud-based dashboard and user interface are very easy to navigate."
"Doesn't consume resources or affect the computer performance at all."
"We've not had any issues with scalability. If an organization needs to expand, they can do so quite easily."
"The solution is very simple and straightforward to use."
"I like that Webroot is very lightweight. It didn't bog down the machine, and more importantly, it had heuristics artificial intelligence to some degree. It wasn't like full-blown artificial intelligence, but something where you have one endpoint recognizing issues because it maintains a cloud database. If one client recognizes a threat, it would add it to the database, and almost immediately, every agent in the world would also know about that threat. That was very appealing to us. However, now it's becoming commonplace, whereas ventures like Symantec and McAfee were based more on the traditional model of definition and updates, and we were always falling behind. Webroot also has pretty good technical support."
"The initial setup was straightforward. It took five minutes. I installed the solution myself."
"It is excellent endpoint protection for mobiles that does everything it says it will."
"The initial setup is not complex at all. It's very straightforward."
"...the greatest value of all, would be to make the security into a single pane of glass. Whilst these products are largely integrated from a Talos perspective, they're not integrated from a portal perspective. For example, we have to look at an Umbrella portal and a separate AMP portal. We also have to look at a separate portal for the firewalls. If I could wave a magic wand and have one thing, I would put all the Cisco products into one, simple management portal."
"The GUI needs improvement, it's not good."
"I would like to see integration with Cisco Analytics."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"We have had some problems with updates not playing nice with our environment. This is important, because if there is a new version, we need to test it thoroughly before it goes into production. We cannot just say, "There's a new version. It's not going to give us any problems." With the complexity of the solution using multiple engines for multiple tasks, it can sometimes cause performance issues on our endpoints. Therefore, we need to test it before we deploy. That takes one to three days before we can be certain that the new version plays nice with our environment."
"The one challenge that I see is the use of multiple endpoint protection platforms. For instance, we have AMP, but we also have Microsoft Windows Defender, System Center Endpoint Protection, and Microsoft Malware Protection Engine deployed. So, we have a bunch of different things that do the same thing. What winds up happening is, e.g., if I get an alert for a potential incident or malware and want to pull the file, I'll go to fetch the file to analyze it. But, one of these other programs has already gotten it, so the file has already been quarantined by another endpoint protection system. AMP doesn't realize that and the file fetch fails, then you're left wondering what's going on."
"I would recommend that the solution offer more availability in terms of the product portfolio and integration with third-party products."
"The connector updates are very easily done now, and that's improving. Previously, the connector had an issue, where almost every time it needed to be updated, it required a machine reboot. This was always a bit of an inconvenience and a bug. Because with a lot of software now, you don't need to do that and shouldn't need to be rebooting all the time."
"It has a performance hit on a local laptop. There's an agent installed and we are bothered a lot by it because it seems to be using a lot of computer resources."
"The Data Loss Prevention module can be better. It should also have threat hunting capabilities."
"We are considering switching from this solution as a result of the closer integration needed between the firewall systems and the EDR."
"There is some issue with the reporting and refreshing information on resources that have been eliminated."
"The ADR functionalities feel like they aren't mature enough. It hasn't been a long time since Sophos has offered reproduction. Due to the fact that it's so young, it has fewer functionalities than other and more mature ADR solutions."
"The solution is heavy in the usage of resources, you can notice the performance decrease. This should prove in the future."
"From the management side, we receive detailed information. Sophos has many features, such as Threat Hunting but that comes with the XDR version of the solution. There's Sophos Intercept X and then there's Sophos Intercept X with XDR technology. We bought the XDR and then now the MTR, Managed Threat Response version available too. They have different packages for clients which gives them different options to pick from. If Sophos could combine more features into one package it would be beneficial."
"When I use a proxy, I can bypass Sophos, which is an area that needs improvement."
"We need to have a stronger defense against CryptoLock and other attackers."
"One of the biggest pain points is that it's not really ransomware-oriented. They will be able to catch some, but that's where Sentinel One is a better player compared to Webroot."
"There should be a Webroot Business Endpoint Protection mobile app."
"It would be nice if it had a feature for automatically generating reports on the client end for device status, security status and backup information."
"I did notice that my OS slowed down, but I don't know if that's due to Webroot."
"Webroot is very reactionary. It waits until the threat is active within memory to try and detect it. They need better pre-execution detection and prevention."
"Its detection capability for certain attacks should be improved. It should have better and wider detection for certain malware attacks. It could also have some sort of RMN."
"Technical support is not the best. It's hard to get a hold of them if we need help. It's something that definitely needs improvement."
More Webroot Business Endpoint Protection Pricing and Cost Advice →
Sophos Intercept X is ranked 7th in Endpoint Protection for Business (EPP) with 54 reviews while Webroot Business Endpoint Protection is ranked 20th in Endpoint Protection for Business (EPP) with 11 reviews. Sophos Intercept X is rated 8.6, while Webroot Business Endpoint Protection is rated 7.4. The top reviewer of Sophos Intercept X writes "Great reporting and good training with a pretty straightforward setup". On the other hand, the top reviewer of Webroot Business Endpoint Protection writes "Keeps mobile devices secure against vulnerabilities or any attacks". Sophos Intercept X is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Kaspersky Endpoint Security for Business, whereas Webroot Business Endpoint Protection is most compared with Microsoft Defender for Endpoint, SentinelOne, Carbon Black CB Defense, Fortinet FortiEDR and Fortinet FortiClient. See our Sophos Intercept X vs. Webroot Business Endpoint Protection report.
See our list of best Endpoint Protection for Business (EPP) vendors.
We monitor all Endpoint Protection for Business (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
