Intercept X Endpoint Reviews

Our primary use case is to enhance existing security.  

The most valuable part of this solution is just the general capability of making security more robust.  

There are a lot of things that can be added based on the user's need for the solution.  

Where this solution has room for improvement generally is in the integration with Sophos Central and firewalls.  

We have been using Sophos Intercept for the last two years.  

Right now I am in the midst of trying to solve a bug, but I think it is generally a stable product. When there is a bug, the solution usually comes down to updating the firmware or endpoint.  

Intercept X is a scalable solution.  

We have worked with technical support due to some issues we experienced. We had some problems with firewall or endpoint issues that we could not solve immediately. While Sophos is helpful technically, their tech support is not so good. Their tech response could be better. They need to do more to deliver support that is as good or than their competition.  

Intercept is easy to install. There is not a lot to do in the setup for a cloud product of this type.  

My advice to people looking at Sophos Intercept X is that it is easy to install and has a lower price than similar solutions. I recommend it.  

On the scale from one to ten (where one is the worst and ten is the best), I would rate Sophos Intercept X as an eight-out-of-ten.  

We primarily use the solution to protect our company from ransomware and malware attacks.

The product is very complete.

There are products that are technically stronger. However, this product has everything in one solution, which makes it a strong endpoint option. 

There are good functionalities for advanced incorporation and good ADI functionalities that work well specifically against dangerous strains of malware and ransomware.

Since 2015, Sophos is trying to integrate its products with synchronized security. The communication from UTM to the agent goes both ways. It allows the platform to gain a very high amount of data about the Endpoint's telemetry and to give the administrators a lot of visibility. A lot of other platforms cannot synchronize with other security ICT solutions and cannot guarantee the same visibility at all. 

The ADR functionalities feel like they aren't mature enough. It hasn't been a long time since Sophos has offered reproduction. Due to the fact that it's so young, it has fewer functionalities than other and more mature ADR solutions. 

Sophos would benefit from a cloud server implementation on top of the cloud provider (whether it's Google, Amazon, Azure, etc.). The solution is great, however, it's still intended for traditional off-cloud usage. It's focused on endpoint protection of the end-user. It's less targeted on servers, especially Linux or newer implementations that have microservices contained within the environment.

I've been using the solution for about five years now.

The stability is good. We haven't seen any issues that would make us believe it is unreliable. We haven't had crashes. I don't really recall bugs or glitches.

The solution really targets medium-sized enterprises. Therefore, it's not a problem to scale until it reaches 5,000 users. Most of the Italian market would fit into this category, and therefore, it works pretty well for most organizations here.

I can say that I'm happy with the level of technical support we've received so far. In my experience, they are quick. There also isn't a language barrier. There is an Italian support team, which means we can speak with them in Italian. It's always easier than trying to explain difficult problems in other languages. They are quite efficient so I'm quite satisfied.

I am a customer, however, I also have a partnership relationship with Sophos due to the fact that we are a security system integrator and post-security system integrator. That means we not only use Sophos, but we also propose it to our clients. 

I'd rate the solution nine out of ten.

I would recommend Sophos as one of the platforms to take into account when looking for a solution that would work for a mid-sized company. Whether it's the ideal solution or not depends on what objectives and goals the organization has. Those need to be taken into account when evaluating a potential solution.  

That said, generally speaking, I would recommend Sophos. If you compare the environment, the scope, objectives, and goals of the organization, you'll be able to decide if Sophos would be right for you.

The forensics within the solution are quite good. The ransomware mitigation is also impressive.

We haven't had any issues with the solution, so I can't speak to any improvements that can be made at this time.

The solution is stable.

The solution is scalable.

The technical support of the solution is satisfactory. We've never had any problems or issues dealing with them.

We're a reseller for Sophos.

The newest release has got the EDR, so I think they're moving in the right direction in terms of the development. 

I'd rate the solution ten out of ten.

The primary use case is for protection. We sell this solution to our customers.

The most valuable features are the range and restriction. This is why our users choose Intercept X.

To be a perfect product, the price would have to be a bit better.

This solution is stable.

We haven't had any issues with Sophos Intercept X and we haven't had any complaints from our customers.

This solution is scalable.

We have one customer who is scaling quickly, increasing by ten to twenty users each month. We sell them new licenses, put them in their client central, and all they have to do is pull it out to their new devices. 

We have contacted Sophos technical support in the past, but not Intercept X.

For our customers, the deployment of Sophos Intercept X is easy and it's easy to manage.

The price is pretty good.

For my customers who do not want the range and restriction features, I instead recommend using Windows Defender.

I would recommend this solution if they want endpoint protection.

Always check the Sophos Central to make sure that the device is activated with the current updates and scanning.

Customers should log onto the portal to see if the scan has been updated.

I would rate this solution an eight out of ten.

Clients primarily use the solution for ransomware.

There isn’t a specific feature; the solution itself secures your infrastructure. We had a partner whose client was using a different solution that was hit by ransomware recently. It was an inferior product and it didn’t protect them. They didn’t buy a license to protect them for ransomware. After that, the client switched to Sophos to get the protection they lacked. It either works or it doesn’t and Sophos works.

We’ve only been using the solution for two months, so we don’t have a grasp of the full system to comment too much.

They might want to offer an MSP model for licensing, to offer the solution as a software as a service.

The solution is pretty stable.

The solution is easily scalable to thousands of users. It’s very capable.

So far, we haven’t had to deal with technical support at all.

The initial setup is easy.

We are distributors of Sophos.

I’d rate the solution ten out of ten. I think Sophos is at the top of their game and offering a good protection solution.

I work with a number of Sophos products, mainly those managed through Sophos Central.

I provide general support for this solution, and my experience is with deployment and some configuration. I have been using the premium edition at home for more than a year, and have been dealing with training and support for approximately six months.

We are using this solution for cloud-based support, and using a cloud-based deployment.

We provide managed services to Sophos clients as part of our business offering.

The performance of this solution is good. This product does not overload the machine, even on relatively old hardware. It is a good experience in terms of CPU utilization, and how many of the cycles are going to the antivirus scanner.

This solution is easy to install, and it is flexible in terms of configuration.

The centralized management is a great feature for assigning certain policies to machines.

All of the features are very important for anyone who is supporting a large number of computers.

The price of this solution can be improved. The lesser the price, the more people will purchase it in the future, and it will become more popular and more widespread.

I have never seen the "Blue Screen of Death" based on interactions between Sophos and the operating system. Similarly, I have not seen the computer stuck, or frozen during the virus scanning process. My overall impression of stability is very good.

I would rate the technical support for this solution a nine out of ten.

This product works as expected. From the point of view of a Sophos Trainee and Sophos Support Specialist, I admire what this product is doing. It is flexible and the management console is easy to work with.

Overall, this product is doing fine and I have nothing to complain about.

My advice to anybody who is researching similar solutions is that if they are looking for something that is simple and reliable, then this is a good choice. There will be less effort from the local IT support, and they will have well covered and protected endpoints. If they are not willing to spend a lot of time designing policies, precisely tuning everything for maximum performance and protection, then Sophos is the best choice. With very little effort you have a fully functional and very secure system.

Sophos is the best in its class, although there are no perfect systems.

I would rate this solution a nine out of ten.

We are providing this product and support for it in many sectors like health care, retail, sports, and communication sectors. We are also working with Sophos, but with Sophos Endpoint, not XG, or Sophos UTM. We work with Raya (Contact Center) that provides services here in Egypt (they are also using Sophos 550 XG models).

It improves organizations by providing dependable, intelligent attack defenses.

The most valuable feature in Intercept is its engine for machine learning. It is awesome. Its detection capabilities are saving many of our customers' databases from ransomware and other random attacks. The most interesting thing in the Sophos center is the EDR. It is easy to manage and work with. There is no need to have a cyber-security team define its tasks. In the next few years, it will be an agent EDR.

I guess really the best part of the package is the same thing that could use the most improvement. The machine learning is good and it is already developed in the database and its engine. I guess they already have processes to cover more intelligent attacks. I am not sure about the improvements possible in this area. They have developed it to discover new attacks. But it is just an engine. There are no features that users have to look inside it. I think allowing more user modification could improve this at least for purposes of customization. But I don't know if it is possible and it is just to continue to improve on what already works.

As far as added features, I would like to see some type of event management in the product. It should not just depend on the logs only. It would be something to deal with the events on PCs in a similar way to enhance the effectiveness of Intercept X and EDR. 

The stability of the product is very good as is the performance. As it works in the background there is never instability in the form of hanging at the work stations or producing false positives. It is very easy to deploy, very simple to use, very light on the operating systems' resources. But there are some guidelines that customers or anyone making the deployment have to keep in mind. They have to make rules and use the product intelligently to avoid any extra false positives or any performance issues. For example, they will want to make full scanning of the environment in times where there is a lower load on the system — in off-hours and not during the prime-time hours. But that responsibility is on the operator. 

The performance of the product itself is very stable and very good.

Scalability can happen in one click. If you have another device to add to the environment, you just make the deployment from the server on-premises. The customer does not have to depend only on the cloud server to scale. They also have an on-premise server that makes the rules between the cloud and the LAN environment to avoid any internet disconnects, or bandwidth and performance issues. They can depend on the cache server to communicate on behalf of the client to the on-cloud dashboards.

I personally think the company's technical support is perfect. They always address issues satisfactorily.

The initial setup is very straightforward.

I am not just using it in our department, we are also dealing with installations for customers. We play the role of IT. We enable Sophos products for partners. We do all the work if the customer doesn't have a technical team. We make projects for implementation and providing training.

On a scale from one to ten, I would rate Intercept X as a nine out of ten. I don't think I can rate any software security product a ten because nothing in software security is100%. 

We are deploying Intercept X on Cloud, not on-premises. The reason for this is because the previous versions of Sophos made the agents different between the anti-virus, endpoint and the Intercept X. Now with the Cloud, Sophos is making one agent for the three technologies — the endpoint, Intercept X, and EDR (Intelligent Endpoint Detection and Response). The three components are in one agent and managed by one dashboard, Sophos Central.

Our primary use case for this solution is to offer a complete and monitored solution regarding ransomware protection to all my clients & servers.

Sophos improved our organization allowing us to setup a very efficient solution, cloud managed, introducing a new modern concept: Syncronized Security (between Firewall and end-point)

A valuable feature offered by Sophos is called Naked Security and it entails the control managed by the firewall on the site regarding the desktop client interfacing with our cloud client. So we have a central management console where we can observe and act and manage all our customers. It's like a proper perfect solution.

Something that could be improved is to better integrate all different platform available at the moment (not only allow pcs, servers but also other o.s. platforms, Android & IOS and so on too). It should be more user-friendly, automated and able to manage and analyze the logging of the operation, provided that Intercept X is one part of a more complete security solution (Syncronized Security - between firewall, endpoint, mobile devs). Logging & reporting is very important for us, especially in Italy.

I am satisfied with the program's stability. There were some maintenance problems, but very rarely. We generally receive an alert from Sophos when there will be maintenance operations, so we can plan accordingly.

The program is very scalable. We have about 300 computers, servers, work stations and mobile devices in our company. We have one staff member who is responsible for maintenance. We are all system integrators in our office and we plan to increase our usage soon.

The support wasn't very good initially, but they became better. Compared to other brands' support, I'm quite satisfied about the support we get now.

We used a few different products to achieve one objective, but now, with Sophos Intercept, we've solved our problem, reducing dramatically manual monitoring activities.

The initial setup was not very user-friendly, but it improved during the evolution. It was rather difficult at first. Our deployment took half a day. Especially if we consider the Intercept X inside the final solution. We had to plan the setup. It all depends on the number of clients, of course. We did everything by ourselves because we are certified partners; we don't need external consultants.

We pay an annual license fee.

My advice to others would be to get certification over time because without certification, it's not so easy to setup and use. Users should familiarize themselves with all the features of the program. On a scale of one to ten, my rating is nine, because of the few missing features that I think should be added in a close future.