"Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts."
"The visibility and insight this solution gives you into threats is pretty granular. It has constant monitoring. You can get onto the device trajectory to look at a threat, but you can also see what happened prior to the threat. You can see what happened after the threat. You can see what other applications were incorporated into the execution of the threat. For example, you have the event, but you see that the event was launched by Google Chrome, which was launched by something else. Then, after the event, something else was launched by whatever the threat was. Therefore, it gives you great detail, a timeline, and continuity of events leading up to whatever the incident is, and then, after. This helps you understand and nail down what the threat is and how to fix it."
"The most valuable feature is signature-based malware detection."
"Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."
"If somebody has been compromised, the question always is: How has it affected other devices in the network? Cisco AMP gives you a very neat view of that."
"The ability to detonate a particular problem in a sandbox environment and understand what the effects are, is helpful. We're trying, for example, to determine, when people send information in, if an attachment is legitimate or not. You just have to open it. If you can do that in a secure sandbox environment, that's an invaluable feature. What you would do otherwise would be very risky and tedious."
"The initial setup is simple."
"The deployment is quick. It just depends on the environment and what you may be replacing."
"It is not just a simple virus scanning product. It handles more advanced needs."
"The most valuable feature is the behavioral, non-signature-based threat detection."
"The most valuable feature is the anti-ransomware capability. It's been helpful because we have been seeing a lot of information around what the ransomware hit."
"The key factor that attracted me to Sophos Intercept X was the multi-platform. I have multiple clients that have mixed environments of Mac and Windows. I am able to deliver a standard solution, regardless of the platform."
"The solution is scalable."
"The solution is overall quite good, the services are performing well. It is very good for those who are using standard PC configurations. It does not block their system up by taking up a lot of resources."
"Their policy management, their cloud-based dashboard and user interface are very easy to navigate."
"It is very light. It is the only solution that can be installed on a machine that already has an antivirus. It is a pretty complete solution."
"I like that Webroot is very lightweight. It didn't bog down the machine, and more importantly, it had heuristics artificial intelligence to some degree. It wasn't like full-blown artificial intelligence, but something where you have one endpoint recognizing issues because it maintains a cloud database. If one client recognizes a threat, it would add it to the database, and almost immediately, every agent in the world would also know about that threat. That was very appealing to us. However, now it's becoming commonplace, whereas ventures like Symantec and McAfee were based more on the traditional model of definition and updates, and we were always falling behind. Webroot also has pretty good technical support."
"The solution has many features. It is very easy to define and set the policies based on the user groups, it does not take up a lot of resources in operation, and has provided us with a good track record of protection."
"The initial setup was straightforward. It took five minutes. I installed the solution myself."
"Doesn't consume resources or affect the computer performance at all."
"There aren't any features that really stand out — I just want it to keep malware out of my system. To date, I haven't had any malware in my system."
"They have a lot of features integrated from way back, which shows that the product developers know exactly what they're doing."
"The GUI needs improvement, it's not good."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need."
"I would like to see integration with Cisco Analytics."
"It could be improved in connection with artificial intelligence and IoT."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"The one challenge that I see is the use of multiple endpoint protection platforms. For instance, we have AMP, but we also have Microsoft Windows Defender, System Center Endpoint Protection, and Microsoft Malware Protection Engine deployed. So, we have a bunch of different things that do the same thing. What winds up happening is, e.g., if I get an alert for a potential incident or malware and want to pull the file, I'll go to fetch the file to analyze it. But, one of these other programs has already gotten it, so the file has already been quarantined by another endpoint protection system. AMP doesn't realize that and the file fetch fails, then you're left wondering what's going on."
"We had some initial problems with our deployment, and they were more around uninstalling Sophos Basic and installing Sophos Intercept X. We had some challenges with some of the uninstallation scripts. They can improve the deployment of Sophos Intercept X when there is already an existing Sophos version. They can also provide more information in the form of best practices and lessons learned from previous findings. A knowledge base with this type of information would be helpful."
"The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?""
"When I use a proxy, I can bypass Sophos, which is an area that needs improvement."
"The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them."
"The solution can be expensive, although we do see the value in it."
"Sophos Intercept X doesn't have its own firewall that utilizes the Windows Firewall or intrusion prevention."
"As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of."
"Better protection in the endpoint, server, and mobile is needed."
"Its detection capability for certain attacks should be improved. It should have better and wider detection for certain malware attacks. It could also have some sort of RMN."
"There should be a Webroot Business Endpoint Protection mobile app."
"Since they're dealing with multi-core environments now, the best option would be for them to enhance the product so that the product can automatically do an assessment on the machine."
"Reporting system could be improved."
"I did notice that my OS slowed down, but I don't know if that's due to Webroot."
"Webroot is very reactionary. It waits until the threat is active within memory to try and detect it. They need better pre-execution detection and prevention."
"I'm not happy with Webroot Business Endpoint Protection, for only one reason. It seems that it slows down my interface when I'm doing programming in Microsoft Access, tremendously."
"The solution could improve by providing better ransomware protection."
More Webroot Business Endpoint Protection Pricing and Cost Advice →
Sophos Intercept X is ranked 6th in Endpoint Protection for Business (EPP) with 63 reviews while Webroot Business Endpoint Protection is ranked 23rd in Endpoint Protection for Business (EPP) with 11 reviews. Sophos Intercept X is rated 8.6, while Webroot Business Endpoint Protection is rated 7.6. The top reviewer of Sophos Intercept X writes "Great reporting and good training with a pretty straightforward setup". On the other hand, the top reviewer of Webroot Business Endpoint Protection writes "A scalable lightweight endpoint protection solution with good technical support". Sophos Intercept X is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, SentinelOne and Cortex XDR by Palo Alto Networks, whereas Webroot Business Endpoint Protection is most compared with Microsoft Defender for Endpoint, SentinelOne, Fortinet FortiEDR, Carbon Black CB Defense and Comodo Advanced Endpoint Protection. See our Sophos Intercept X vs. Webroot Business Endpoint Protection report.
See our list of best Endpoint Protection for Business (EPP) vendors.
We monitor all Endpoint Protection for Business (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.