Intercept X Endpoint Reviews

The main use cases of this solution are for protection from ransomware and malware. Although we don't have EDR because of its high cost, we do have the capability to filter the website. Our use case is more about capturing crypto and the like that can encrypt files. I'm a system administrator and we are customers of Sophos. 

I've found that the most valuable feature is the anti-virus that captures malicious threats and the next generation firewall which is more aggressive in terms of not only looking for viruses, but also for SaaS and the movement of equipment. If something strange comes up we're automatically notified and it's either blocked or quarantined. It enables you to prevent future viruses and enables us to inform the user of malicious websites they have visited.

To date, we haven't had any incidents related to viruses or any types of attacks and we barely get any false positives. It's good to know that any malicious anti-virus detected is automatically blocked, although it makes things more difficult for our IT department.

There is an issue when deploying on cloud because it needs to be done manually. For an enterprise company that can have 10,000 or even 50,000 end users, it's a lot to deploy manually. An additional feature they might include would be the ability to control the lockdown on hardware; to control all the entry points such as a USB, a camera or any external storage. 

I've been using this solution for three years. 

I think this solution is stable. It doesn't allow you to do anything that may cause a problem. If you try to download something that is prone to hacking, the solution won't allow it. It's important to use the admin lock to prevent malicious programs being downloaded. It's good at preventing remote users from downloading malware. 

The solution is very scalable because they don't generally deal with small size office deployments of 10 or 15 users. The solution can scale to 100,000 or even up to 200,000 users.  

Initially we didn't have phone support, but now it's part of the enterprise portfolio which we have. We only use the support if we have an issue with the server. It's the benefit of the cloud, there are no concerns about the server whereas on-premise you need to synchronize your server or upgrade the new version to get those features.

We migrated from Symantec enterprise to Sophos and SentinelOne. The approach is the same for all of them. 

Initial setup for the cloud is very straightforward because it's managed by the company. It's just a matter of downloading the agent and installing to your end point. The on-premise implementation is more difficult, particularly if you're not familiar with it but the support is very helpful. I believe there's a way to roll out without the need to visit individual users. I believe they integrate with an active directory, and then post from there. Deployment time depends on availability of the user's desktop or and/or laptop. If it's on premise, you can push that one, it would take less than 15 minutes. To deploy in a company would take less than a month. 

If you start with the standard solution, move to Intercept X, and then go to the EDR version, it's almost double the price in comparison to other vendors. It's a choice for any company. Check Point's SandBlast, for example, has two payables but the additional payable includes encrypting your hard drive - not everyone needs that feature. 

This is a good product but it comes at a high price. As a result, I would rate this solution an eight out of 10.

The most valuable features of Intercept X are server lockdown, auto-remediation, and encryption monitoring. Server lockdown prevents malware installation and automatically removes any unauthorized software. Auto-remediation reverses encryption attempts by malware, ensuring data integrity.

In terms of improvements, Intercept X could enhance its support services, particularly in terms of response time and resource allocation. While the product itself is solid, better support documentation and faster response times would be beneficial.

I have been working with Intercept X Endpoint for four years.

I would rate the stability of the solution as a nine out of ten.

I would rate the scalability of the solution as a ten out of ten.

I would rate the technical support as a seven out of ten.

Neutral

While I found Symantec easier to implement and manage, it is not a fair comparison to say it is better than Sophos. My experience with Symantec's interface was good, but both products have their strengths.

Configuring Intercept X is generally straightforward and user-friendly. It is designed to be easy to understand and use. I would rate the easiness of the initial setup as an eight out of ten.

The deployment time for Intercept X varies depending on factors like network complexity and organizational policies. Typically, for around 100 users, it can be completed in a day or two. Maintenance is generally straightforward unless support assistance is required, which can sometimes be challenging to coordinate.

Intercept X falls within the average price range compared to other solutions on the market. While not the cheapest option available, it also isn't considered expensive.

Intercept X has enhanced our ability to prevent malware and ransomware infections. It is a top-notch product, providing robust protection against various threats, including zero-day attacks, while also monitoring encryption levels.

Intercept X has been instrumental in managing and responding to ransomware attacks. I have witnessed multiple organizations using Intercept X remain completely secure when ransomware incidents hit the news. 

Deep learning technology enhances our security posture by providing a deeper analysis of malware behavior. It monitors and analyzes malware actions in real time, leveraging extensive threat intelligence data collected since 1985. This comprehensive approach improves our ability to detect and respond to malware threats effectively.

The exploit prevention capabilities of Intercept X effectively safeguard against various attack methods, including SQL injection and CodeSight scripting. It continuously monitors system vulnerabilities and application processes to prevent exploitation attempts. 

For those considering Intercept X Endpoint, I would recommend prioritizing its comprehensive protection and user-friendly experience. Even after transitioning from server management, I continue to use Intercept X for mobile security, highlighting its effectiveness and versatility.

Overall, I would rate Intercept X as an eight out of ten.

It is an endpoint. So it's antivirus and DLP, and all those integrated in one.

It is like an antivirus. So it stops viruses. DLP stops data leaks in the organization.

It's a bit heavy on the computers. So once you install it, the computer slows down. It is a resource-intensive solution. 

I have been using this solution for two to three years now. We use the latest version. 

It is a stable solution. I would rate the stability a nine out of ten. 

It is quite scalable. You can always add more users.  I would rate the scalability a nine out of ten.

The initial setup is easy. The server, the main server, is online. And then the agent is on the premises. 

After online configuration, the agent installation takes only ten minutes. It is a very quick installation. 

The configuration takes around two hours. 

I do maintenance for this solution. A team of four engineers handles the maintenance and deployment. 

The pricing is quite expensive compared to the rest. I would rate the pricing a four out of ten; one is expensive, and ten is cheap. 

It's a good product. So, link it with the security policies because you can link it with the firewall. The endpoint can communicate with the hardware firewall. So that's one of its strong points.  

Overall, I would rate the solution an eight out of ten. 

We use the product to protect endpoints and cloud-based servers.

The product efficiently prevents data leakages.

There should be a report including a flowchart or diagram. It will be useful to evaluate the software’s effectiveness.

I have been using Intercept X Endpoint for two years. We are using the latest version.

Around 200 people are using Intercept X Endpoint in our organization.

The technical support is good.

Positive

We have used Microsoft before. We switched to Sophos servers for security purposes.

There are always some glitches during the initial setup process, but the product has a strong technical team to handle the issues.

In case of any malicious attacks, there should be some scheduled report, like, weekly, monthly, or daily. It will help me see the number of attacks.

I rate Intercept X Endpoint a seven out of ten.

This product is basically used for detecting ransomware. It will monitor all of the ransomware threats. Since the first ransomware attack happened in 2017, WannaCry, it has been a global threat. It is a vulnerability that is impacting a lot of devices and computers in the network.

Ransomware threats have been identified as one of the first priorities in the entire info security segment. Information security consists of various things including endpoint detection, threat detection, and then your SIEMs like QRadar or ArcSight.

At the early point of detection, Sopho is going to stop the ransomware. The question that has been there since 2017 is how it will identify the ransomware and how does it stop the attack from happening to the network. WannaCry was the first large ransomware attack, which has impacted various regions and is a very high severity threat. Since then, a lot of things have been lined up for mitigating the risk, like WannaCry.

improved considerably

Machine learning is used to detect the threat and it does so by prioritizing the suspicious activities. There is no human intervention in some cases, which is the trend that is happening with most of these products. High-end products and sophisticated products include machine learning capabilities for detecting the threats.

There are hackers who hack the artificial intelligence component using artificial intelligence itself. These sophisticated hackers are using AI capabilities, and the problem is that with no human intervention, machine learning can be defeated. The consequence is that somebody still has to keep watch and monitor the detection from the threat scanning.

Better protection in the endpoint, server, and mobile is needed. Those three areas should be fully protected. It should stop ransomware from installing, it should stop it from deploying, and it should also block unauthorized file encryption. In summary, it should have more protection, better detection, and better response.

We have been using Sophos Intercept X for more than two and a half years.

Sophos Intercept-X is a stable solution and we plan to continue using it in the future.

This is a scalable product and we have more than 7,500 devices connected to the network.

The technical support is 24x7 and it is good. They have different points of contact within the support regions like India, Singapore, and various other regions.

We have Sophos running in parallel with Sophos Cloud, in some of the regions.

The initial setup is quite simple and it will take a couple of hours.

I and my team deploy and maintain this solution. The deployment happens on the cloud.

This is a good solution but that said, there are breaches that are happening, and they are happening using AI. So, the attackers are also that sophisticated and it means that somebody has to sit and do the human check as well.

Ultimately, what happens is that the threats are found, and then the response action is taken based on the outcome of all these steps.

This is a product that I can recommend to others. The DR has better capabilities, as it's powered by machine learning.

I would rate this solution a seven out of ten.

Sophos Intercept X is the antivirus protection of my choice and my client's choice because it does not only malware, antivirus, and Trojan protection but also anti-exploit protection. It has a quarantine process as well. It does all of the usual antivirus plus the anti-exploit and anti-ransomware processes.

One reason why I have stuck with Sophos is because it grabs it and deals with it, and if it's known malware, it can quarantine it or delete it.

I look at all my network workstations and laptops, and if any one of them has some issues with updates or receives a notification, then the server console in the cloud will send me an email as well.

I like it's user interface, cloud integration, and the GUI. It's easy to work with it with clients.

I also like Sophos Intercept X because I can install it on a computer, and if it's set for tamper proof, then nobody can uninstall the program.

As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of.

I've been working with Sophos Intercept X ever since it was released three years ago.

It is a cloud solution. The installation is local on the device, but it communicates to the cloud where the cloud server manages the reports, notifications, and licensing.

My impressions of the stability of Intercept X is that it's excellent.

The scalability is not a problem at all.

I've received really good technical support. They're amazing.

I've had experience with other antivirus programs such as Trend, Norton, and McAfee, and they just flag it and indicate that you are infected. However, Sophos has always taken care of things. This way, if my users don't know what to do with a popup, at least I know that Sophos will just grab it, quarantine it, and protect the user.

Sophos is easy to install and easy to manage, and I have had no issues with it. I've had better protection and quarantining features with Sophos Intercept X.

On a scale from one to five, where one is complex and five is easy, I'd rate the initial setup at four. This is because sometimes you'll get a popup asking you to reboot, but actually, if you've installed it a few times, you know that you have to reboot it after the installation. So, there are a couple of popups that don't make it seamless.

If I've got 10 new workstations with a new client and I've sold them 10 licenses and one server, I will have that set up in the cloud as soon as I get the license. It will probably take half an hour to set that up. I can then start adding computers instantly. To install 10 computers, it would take about five hours.

My team and I implement it. We also, sometimes, walk a client through the process remotely.

Sophos Intercept X is a good protection service package for small businesses and large corporations. You can have two computers, five computers, or 5,000 computers, and it'll be just as easy to manage.

I haven't had any issues with ransomware since I began using anti-exploit. I trust Sophos Intercept X and rate it at ten on a scale from one to ten.

We use a normal EDR solution in the office: Sophos Intercept X, for endpoint detection and response, email protection, and data loss prevention.

I've been using Sophos Intercept X for a long time, and I'm currently in my second year of using the solution.

Sophos Intercept X is a very stable solution.

My impression of Sophos Intercept X is that it's a scalable solution.

For the installation of Sophos Intercept X, we had to ask support from their sales staff. The installation process didn't take much time, as it was completed within an hour.

We implemented the solution through an integrator.

We pay for the Sophos Intercept X license annually.

We were initially using ESET.

I'm not yet satisfied with Sophos Intercept X, but I know how to use it. It's good for now, so I can't think of what I'd like to change in the solution.

We have up to 25 users of Sophos Intercept X, and one person in charge of the deployment and maintenance of the solution. For the installation, that person works with an external consultant.

I'm recommending this solution to others who may want to start using it.

I'm rating Sophos Intercept X an eight out of ten.

The main use case is to have the reversible ransomware attack aspect of Intercept X. It's more of an antivirus solution rather than an EDR solution - a slightly different product to Carbon Black in that respect.

The scalability capabilities are fine.

The stability on offer is fine.

The initial setup can be a little complex. 

The deployment part needs to be improved. It doesn't feed into our SOCs. That's the only thing we have to try and figure out - how we're going to do that. The SOC is our interface with our security partners who monitor our security events. That's done for us on a 24/7 basis.

I've worked with the solution for five years. It's been a while.

We haven't had any issues with stability. It doesn't crash or freeze. It's reliable. 

The entire organization uses Sophos right now. It's pretty ubiquitous.

The solution can scale well, even on our hardware. it hasn't been an issue. 

We also use Carbon Black, although we use it in a bit of a different way. Carbon Black is also easier to set up than Sophos.

The initial setup is a lot harder than, for example, Carbon Black. It's more difficult and complex. Its implementation isn't exactly easy.

It took us a few months to finally get it set up. We ran into some issues.

We're just a customer and an end-user. We don't have a business relationship with Sophos.

The solution is deployed on hardware as well as virtual machines. 

I would rate the solution at a seven out of ten overall.