We use it for advanced antivirus protection. It is primarily used for protecting the workstations and servers from Zero-Day and other emerging threats.
I am using its latest cloud-enabled version. Its deployment model varies. We recommend the full cloud version, so we try to get everybody moved over to the cloud. Most of the time, it is a hybrid for a while, until you get moved fully into the cloud.