The main use case is to have the reversible ransomware attack aspect of Intercept X. It's more of an antivirus solution rather than an EDR solution - a slightly different product to Carbon Black in that respect.
IT Manager at a financial services firm with 51-200 employees
Reliable and expandable but the initial setup is difficult
Pros and Cons
- "The stability on offer is fine."
- "The deployment part needs to be improved."
What is our primary use case?
What is most valuable?
The scalability capabilities are fine.
The stability on offer is fine.
What needs improvement?
The initial setup can be a little complex.
The deployment part needs to be improved. It doesn't feed into our SOCs. That's the only thing we have to try and figure out - how we're going to do that. The SOC is our interface with our security partners who monitor our security events. That's done for us on a 24/7 basis.
For how long have I used the solution?
I've worked with the solution for five years. It's been a while.
Buyer's Guide
Intercept X Endpoint
June 2025

Learn what your peers think about Intercept X Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
857,028 professionals have used our research since 2012.
What do I think about the stability of the solution?
We haven't had any issues with stability. It doesn't crash or freeze. It's reliable.
What do I think about the scalability of the solution?
The entire organization uses Sophos right now. It's pretty ubiquitous.
The solution can scale well, even on our hardware. It hasn't been an issue.
Which solution did I use previously and why did I switch?
We also use Carbon Black, although we use it in a bit of a different way. Carbon Black is also easier to set up than Sophos.
How was the initial setup?
The initial setup is a lot harder than, for example, Carbon Black. It's more difficult and complex. Its implementation isn't exactly easy.
It took us a few months to finally get it set up. We ran into some issues.
What other advice do I have?
We're just a customer and an end-user. We don't have a business relationship with Sophos.
The solution is deployed on hardware as well as virtual machines.
I would rate the solution at a seven out of ten overall.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.

Founder and Managing Partner at a tech services company with 1-10 employees
Responsive support, compatible with multi-platforms, and highly scalable
Pros and Cons
- "The key factor that attracted me to Sophos Intercept X was the multi-platform. I have multiple clients that have mixed environments of Mac and Windows. I am able to deliver a standard solution, regardless of the platform."
- "There are not any solutions that are a 10 out of 10. A 10 would be perfect protection with no impact on the performance of the device. This is not the case, there is some impact on the performance of the device."
What is our primary use case?
We are using Sophos Intercept X for network and system security.
What is most valuable?
The key factor that attracted me to Sophos Intercept X was the multi-platform. I have multiple clients that have mixed environments of Mac and Windows. I am able to deliver a standard solution, regardless of the platform.
For most of my clients I have central management; they receive updates automatically.
What needs improvement?
There are not any solutions that are a 10 out of 10. A 10 would be perfect protection with no impact on the performance of the device. This is not the case, there is some impact on the performance of the device.
For how long have I used the solution?
I have been using Sophos Intercept X since it has been released, it has been many years.
What do I think about the stability of the solution?
Sophos Intercept X is very stable. However, we had a few issues when Apple released Big Sur. At the time the version of Sophos Intercept X that was running on the Macs wouldn't work properly with Big Sur. We had to install a beta, but that problem was resolved fairly quickly.
What do I think about the scalability of the solution?
Sophos Intercept X is highly scalable.
How are customer service and support?
I have found the Sophos office staff to be far more responsive than other vendors, such as SonicWall, which is awful. I dealt with them for a number of years and I finally couldn't stand it anymore. I felt that Dell destroyed them.
I have been very pleased with tech support. As a partner, I have access directly to their engineers and developers. Their technical support is superior.
How was the initial setup?
The initial setup is very straightforward.
In the centrally managed environments, you create a downloadable install that you can either email to the end-user or, can have available on thumb drives for customers to install. Once it's installed, it's automatically kept up to date with the most current version.
What's my experience with pricing, setup cost, and licensing?
The price of Sophos Intercept X is competitive.
What other advice do I have?
I'm looking at moving to the EDR version of Sophos because I have a number of clients that have extremely critical data. One of them handles a lot of money for their clients, and the others are lawyers. The security of not only their own information, but their client information, is critical to them. The Intercept X EDR offering is starting to look like it might be a good solution for several of them because of the live monitoring of the threat attempts on their endpoints.
The EDR is an additional managed service that's a component of the antivirus, where depending upon which level you choose, you either have a team that is monitoring responses from your system, or at a higher level, you have dedicated resources that are monitoring your systems. If there's an alert, they immediately respond to that alert and research it, not only quarantine it, the AV quarantines it, but with the EDR function, it alerts the Sophos team that there has been a potential issue, and they'll immediately begin to research it.
My advice to others would be to use centralized management because it makes it much easier to implement, manage, track the installations, and the day-to-day usage. With the central management, you can see every PC or Mac that's connected, any activity, and any issues. You can narrow any issue down to the computer if it's had to quarantine anything. Additionally, you can tell how long it's been since the computer last communicated. It's a very powerful tool, I would recommend it. To the extent their clients are willing to accept the central manager, it is the best option.
I rate Sophos Intercept X a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Managing Director at TopSOC
Cost-effective, useful, and straightforward installation
Pros and Cons
- "The performance is good."
- "It would be beneficial if you could expand support for Windows 7 and Windows Server 2008 without charging an additional fee."
What is our primary use case?
Sophos Intercept X is primarily used as an antivirus. It's a next-generation antivirus solution.
What is most valuable?
It's quite useful.
The performance is good.
What needs improvement?
The installation process could be faster.
They can reduce the size of the software that is required.
It would be beneficial if you could expand support for Windows 7 and Windows Server 2008 without charging an additional fee.
For how long have I used the solution?
I have been providing Sophos Intercept X for more than two years.
We began with an on-premises installation, the endpoint devices and PCs on the server, but the console is hosted in the cloud.
What do I think about the stability of the solution?
Sophos Intercept X is a stable solution.
What do I think about the scalability of the solution?
Sophos Intercept X is scalable.
We have a few hundred users.
How are customer service and support?
Our clients have contacted technical support.
How was the initial setup?
The installation is straightforward, but occasionally, you encounter issues, and you have to perform the installation again.
We have two or three administrators to manage Sophos Intercept X.
What's my experience with pricing, setup cost, and licensing?
Clients have to pay licensing fees. They offer both monthly and yearly licenses.
We sell MSP, managed service provider perpetual licenses.
On top of that, they have the option of purchasing additional features. They now include HDR, endpoint detection, and response features. That is an additional license that you can purchase and use with the same software.
What other advice do I have?
I would recommend this solution to others who are considering using it.
It is cost-effective, I would rate Sophos Intercept X an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Cloud Solution Architect at a tech services company with 201-500 employees
Allows us to achieve synchronized security, whereby we are able to see an automatic isolation of infected devices or compromised devices on the network
Pros and Cons
- "The most valuable feature is the anti-ransomware capability. It's been helpful because we have been seeing a lot of information around what the ransomware hit."
- "The detection and the AI capabilities should be improved upon."
What is our primary use case?
We use the solution for endpoint protection and particularly against ransomware. There is CryptoGuard capability within Intercept X. They're also competitive, so people actually leverage it to test the environment against ransomware. It also has the capability to send a warning in any attack. Say they want to assist in the environment so that we are able to run a case incident. I know what has happened, what's happening right now, and then probably what we need to be concerned about.
We have used the solution on-premise previously, but we currently use it on cloud.
I'm aware the on-premise is fading out, so I'm migrating other clients that are running companies to the cloud.
What is most valuable?
The most valuable feature is the anti-ransomware capability. It's been helpful because we have been seeing a lot of information around what the ransomware hit. It would have actually hit the environment before it was protected and Sophos was able to prevent it from ruining the environment. Sophos does this with the firewall to be able to achieve synchronized security, whereby we are able to see an automatic isolation of infected devices or compromised devices on the network.
What needs improvement?
The detection and the AI capabilities should be improved upon. I also find it narrow of an attack. Even though we have Sophos running on the network, we still have the system being hit. That was probably because Sophos is not running our data.
Improvement should actually be made on remote capabilities. I would like to see additional features that provide capabilities that show a lot of sources that the attackers are actually making.
For how long have I used the solution?
I have been using this solution since it was released. We are working with the latest update.
What do I think about the stability of the solution?
The solution is stable and reliable.
What do I think about the scalability of the solution?
It is easy to scale.
How are customer service and support?
Technical support is good.
Which solution did I use previously and why did I switch?
Previously, I worked with McAfee. I also have experience using Kaspersky.
McAfee has a component for exploit prevention which works similarly to Intercept X. I've actually seen Intercept X working better than that, especially because in Intercept X you're also leveraging from machine learning.
How was the initial setup?
It's a big issue that there isn't a way to do remote deployment. It's actually difficult because you have to depend on a third party to make sure it actually works. I'm inexperienced on third party use, and it becomes very tedious and almost unmanageable. We have to start helping customers fix their issues at no cost.
The solution requires maintenance, but it is automated.
What's my experience with pricing, setup cost, and licensing?
It's not bad, but compared to competitors, it's a little bit on the high side. The price could be more competitive.
What other advice do I have?
I would rate this solution 9 out of 10. I would recommend Intercept X to other users.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Chief Executive Officer at Infoview Limited
Beneficial policy management, automatic endpoint updates, simple installation
Pros and Cons
- "Sophos Intercept X is a very effective solution and its being cloud-based is a benefit. Wherever my users are, I can apply policies to them. In the era of mobility, when users are out of the office or they're in different locations, it doesn't matter."
- "From the management side, we receive detailed information. Sophos has many features, such as Threat Hunting but that comes with the XDR version of the solution. There's Sophos Intercept X and then there's Sophos Intercept X with XDR technology. We bought the XDR and then now the MTR, Managed Threat Response version available too. They have different packages for clients which gives them different options to pick from. If Sophos could combine more features into one package it would be beneficial."
What is our primary use case?
We are using Sophos Intercept X for endpoint protection.
What is most valuable?
Sophos Intercept X is a very effective solution and its being cloud-based is a benefit. Wherever my users are, I can apply policies to them. In the era of mobility, when users are out of the office or they're in different locations, it doesn't matter.
Whenever a user gets infected, as an admin, we get notified. We have many options to pick from, the ability to send policies to the endpoints is a very good feature that they have.
Whenever there is an update all the agents on the end-users systems automatically update.
We have the option of caching updates on the network, which allows us to save on bandwidth. For example, if we have 100 people in the office, we can deploy an internal caching server or a message link server, so not all computers need a connection to Sophos onto the cloud.
Sophos Intercept X integrates with their other solution very well, such as the XG Firewall. The feature is called Synchronized Security.
What needs improvement?
From the management side, we receive detailed information. Sophos has many features, such as Threat Hunting but that comes with the XDR version of the solution. There's Sophos Intercept X and then there's Sophos Intercept X with XDR technology. We bought the XDR and then now the MTR, Managed Threat Response version available too. They have different packages for clients which gives them different options to pick from. If Sophos could combine more features into one package it would be beneficial.
For how long have I used the solution?
I have been using Sophos Intercept X for approximately five years.
What do I think about the stability of the solution?
Sophos Intercept X is highly stable.
What do I think about the scalability of the solution?
I have found Sophos Intercept X to be scalable.
We have approximately 40 clients using this solution.
How are customer service and support?
I'm a Sophos certified architect myself, and as a partner, from the vendor, we have excellent support. We have not had a problem with the technical support, they are always available for communication, such as online chat or on-call.
Which solution did I use previously and why did I switch?
We have used Kaspersky, ESET, Bitdefender, and Symantec solutions.
How was the initial setup?
The installation is very easy. If someone is not on the network, you can send them an invite by email and they would only need to install the agent, and everything will work perfectly.
The time the installation takes depends on the internet connection. Sometimes it takes only five minutes and other times it can take up to 10 minutes. It all depends on the connection because it has to download the installer.
What about the implementation team?
The end-user can install the solution themself. It is very easy. It is only a two- to three-step process and it is complete.
Many people are using this solution and some customers don't even have IT managers; we provide them managed services in this case.
What was our ROI?
The solution has great protection against anti-ransomware and all of the zero-day threats. The ROI is very good.
What's my experience with pricing, setup cost, and licensing?
There is a license required to use this solution.
If it's a managed services provider contract that we have with the customer, then they pay monthly. Depends on the customer, what the requirements are. They can pay either monthly or annually to us, but we have to pay annually to the vendor.
Which other solutions did I evaluate?
Before choosing Sophos Intercept X we evaluated Kaspersky, ESET, Bitdefender, and Symantec. For some of our clients who are using the other products, now they've shifted to Sophos Intercept X.
What other advice do I have?
I would recommend this solution to others.
I rate Sophos Intercept X a ten out of ten.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Technical Support at a tech services company with 11-50 employees
Smart protection and machine learning capabilities are good
Pros and Cons
- "Intercept X's smart prevention is very good, as are its machine learning capabilities for troubleshooting channels and files."
- "Intercept X needs more reporting and device management features, so I can get messages from PCs that let me know if I need to do something with them."
What is our primary use case?
We currently have about 13 staff using Intercept X. We use it to secure and protect our devices as well as monitor projects and do some product reviews. You can also use it to block devices as needed, like if you just want to block a work point category.
What is most valuable?
Intercept X's smart prevention is very good, as are its machine learning capabilities for troubleshooting channels and files.
What needs improvement?
Intercept X needs more reporting and device management features, so I can get messages from PCs that let me know if I need to do something with them. For example, they could add a report that shows me the versions of the devices on the infrastructure server, so I can make sure all the devices are updated.
For how long have I used the solution?
I've used Intercept X for three years.
What do I think about the stability of the solution?
Intercept X is good in terms of both performance and stability. It's not constantly updating the device or using up too many resources.
What do I think about the scalability of the solution?
I would say that Intercept X is easy to scale.
How are customer service and support?
Sophos support is very good. I don't talk to them that much, though. I can usually handle everything because it's not complicated. However, in the past, I have contacted support because there were some features I didn't know how to use or configure.
How was the initial setup?
The setup was simple. I deployed this by myself. Though my team and I got some help from the vendor for new features that I didn't know about.
What other advice do I have?
I would rate Intercept X eight out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Easy to install, but has slow performance and response time
Pros and Cons
- "The solution is easy to install."
- "The performance is very slow and should be faster."
What is our primary use case?
The solution is useful for protecting against ransomware and malware.
What needs improvement?
The performance is very slow and should be faster.
Data resources will be consumed, affecting the performance, when there is a concurrent login involving a server with multiple RDP users.
The installation of the solution will start the 17 services involved.
While the tech support is knowledgeable, its response time should be faster, as it will only get back to us the day after raising a ticket.
For how long have I used the solution?
We have been using Sophos Intercept X for around two years.
How are customer service and technical support?
Technical support, while knowledgeable, is not adequately responsive, as it will take a day from when the ticket was raised to receive a response. This needs improving.
How was the initial setup?
The solution is easy to install. Downloading time takes only 15 minutes.
What about the implementation team?
Our technical team consists of a team leader, team manager and administrators.
What other advice do I have?
The solution has around 60 licenses.
It is cloud-based.
We have around 10 clients making use of the solution.
We would recommend the solution to others.
I rate Sophos Intercept X as a seven out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
Sr Manager - Information Security & Researcher at a tech services company with 1,001-5,000 employees
Straightforward installation, secure, but could be more user-friendly
Pros and Cons
- "The most valuable feature of the solution is that it is less hash-based than competitors."
- "I would like the solution to have more functions and to be more user-friendly."
What is our primary use case?
The primary use of the solution is to block threats. It contains a quick queries engine that can help us figure out where all threats are coming from.
What is most valuable?
The most valuable feature of the solution is that it is less hash-based than competitors.
What needs improvement?
I would like the solution to have more functions and to be more user-friendly.
In the next release, the solution could have more use cases. For example, protection against ransomware.
For how long have I used the solution?
I have used the solution for approximately one month.
What do I think about the stability of the solution?
I find the solution to be stable and secure. However, there are some operational issues with the hashing algorithm.
What do I think about the scalability of the solution?
We have 7000 users in our organization using the solution.
Which solution did I use previously and why did I switch?
I have used Falcon CrowdStrike and Kaspersky.
How was the initial setup?
The installation of the solution is straightforward and took approximately two days for tuning.
What about the implementation team?
The solution was deployed by the vendor team, using approximately three administrators.
What's my experience with pricing, setup cost, and licensing?
The solution requires an annual subscription.
What other advice do I have?
I rate Sophos Intercept X a seven out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
