Sophos Central Reviews

For me, it's a great solution for endpoint management features like responding to threats and monitoring.

When I worked with large call centers, the most important thing was the device control feature. It provided reports on which devices were being used in the company area, and it prevented unauthorized devices from connecting to the computers. This was especially helpful because certain devices could be dangerous.

The most important feature is definitely the Root Cause Analysis (RCA) tool. It allows us to track malware and other incidents in our environment.

The product feels very complete in terms of providing information and functionality.

Maybe the license pricing could be improved.

I have been using it for a year and a half. 

I would rate the stability a ten out of ten. 

I would rate the scalability a ten out of ten.

I started with the on-premise version, then I switched to the cloud version when it became available. I've been using the cloud version for a year and a half now, and I much prefer it.

The cloud version is definitely easier to set up. The documentation online is also helpful, so we didn't have any trouble getting it up and running.

It was my first product tested in terms of antivirus and firewall. 

I strongly recommend the usage of this product. Have proper licenses in place. Sophos XG Firewall and Sophos Central because those are good products to use.

Overall, I would rate this solution a ten out of ten. 

My customers choose to use Sophos Central for centralized management of their cybersecurity. A key scenario is combining Sophos Endpoint and Sophos Firewall, using features like Synchronized Security. This ensures that if an endpoint is compromised, the information is quickly shared with the firewall, allowing for automatic protection of both endpoints and the network. The convenience of managing these security aspects together is a major benefit for organizations.

I have noticed a significant improvement in how Sophos Central functions for our organization. With recent upgrades, the automatic synchronization of licenses in firewalls stands out. This eliminates the manual hassle of entering license renewal details, making the process seamless and worry-free for our customers.

One of the most valuable features of Sophos Central is its Synchronized Security.

One area I would like to see improvement in Sophos Central is the multi-factor authentication process. Currently, it involves multiple steps with email, phone, and Sophos Authenticator, which can be cumbersome. I faced issues when I lost my phone, making it challenging to log in. Finding a more user-friendly MFA solution would be great. Overall, apart from that, Sophos Central has made significant improvements in the past year and is now a competitive and reliable product.

I have been working with Sophos Central for a year.

We have not had any stability issues so far.

I find Sophos' technical support to be very good. I would rate it as an eight out of ten.

Positive

Besides Sophos, I have worked with Zoho, Check Point, Kaspersky, ESET, and CrowdStrike.

The initial setup process for Sophos Central is straightforward. You sign up at Central.Sophos.com, confirm via email, and provide the required information. It is a quick and simple process, typically taking about 10 to 15 minutes for the initial account creation. One person is sufficient for deployment, and it doesn't require a lot of time or resources. Maintaining Sophos Central is generally straightforward, requiring about 5% maintenance. This includes monitoring events and addressing issues flagged by Sophos Endpoint. The IT admin may need to manually intervene in cases where the endpoint detects a file it cannot remove independently. Overall, maintenance is minimal but involves occasional attention to ensure optimal security.

No, there are no additional fees for creating a Sophos Central account. It depends on the services needed. We can connect a limited number of firewalls to Sophos Central without extra charges. However, for managed endpoint centers with Cisco, there may be auto-query license fees in some scenarios.

My advice for new users would be that for those managing both endpoints and firewalls, especially in scenarios where comprehensive security is crucial, I strongly recommend Sophos Central. The use of Synchronized Security provides data visibility and protection, ensuring that malicious activities on endpoints are promptly detected and isolated by Sophos firewalls. This significantly reduces the burden on IT admins and enhances overall network security. Overall, I would rate Sophos Central as a seven out of ten.

We use it to centralize, manage, and upgrade our security infrastructure. This includes applying policies, revoking access, and working within established guidelines, all without the need for physical access.

It streamlines our operations, allowing us to remotely handle tasks, saving time and eliminating the need for running around to different locations.

The primary benefits include complete control over hardware devices and the valuable assistance provided in log shipment. Additionally, the analytics tools proved instrumental in effectively utilizing and interpreting data related to these aspects.

There were challenges we faced with generating reports for the physical firewall in certain instances. Despite escalating the issue through tickets, we haven't received a fully satisfactory resolution. Additionally, accessing user logs on the central platform is not as straightforward as we'd prefer.

I have been working with it for approximately five years.

I haven't encountered any significant downtime while working, ensuring a stable experience.

I would rate its scalability capabilities nine out of ten. Currently, there are five individuals responsible for overseeing and managing approximately twenty-five to twenty-eight firewalls.

The technical support in India is somewhat slow. They often require a considerable amount of time, and contacting them sometimes involves odd hours, which can be challenging, especially when it falls outside regular business hours.

We collaborate with two other vendors, Fortinet and Palo Alto. We recently adopted Palo Alto about a year ago, and while they make promising claims, we are still in the process of familiarizing ourselves with their offerings. Fortinet, on the other hand, has been part of our operations for the past two years, with our team gaining experience and expertise. Among the three, Sophos is the longest-standing partner.

The initial setup was straightforward and user-friendly.

It offers the most competitive pricing compared to other vendors. When considering security effectiveness, Sophos stands out as a cost-effective choice, especially in comparison to other prominent solutions available in the Indian market. It provides a comprehensive package that includes most features, making it more scalable and accessible for security needs in smaller organizations like ours. I would rate it one out of ten.

Overall, I would rate it nine out of ten.

We use the solution primarily as ransomware. It is a good ransomware. Most organizations tend to choose Sophos Intercept X, which is an endpoint security solution.

The tool improves security and saves time. It shortens the time taken for the management of nodes. It also shortens the time taken to respond to incidents.

Sophos Central is a management panel. We use Sophos Intercept X for endpoints and Intercept X Advanced for servers. If we need extended detection and response, we can take it with EDR. The solution provides good management capabilities. It enables us to manage the firewalls and endpoints. We can change the policies from Sophos Central, which reflects on the firewalls and endpoints.

The product does not have a dedicated MFA. It uses third-party authenticators. We will face challenges if we use a mobile phone because there might be issues with the local carrier. So, we have to use Google Authenticator or any other cloud-based authenticator to shorten the authentication time.

I have been using the solution for six years.

The tool is perfectly stable because it is cloud-based.

The tool is scalable.

The technical support is pretty good. The turnaround time is pretty perfect. It is nice.

Positive

I am a service provider. Different clients have different solutions. We propose solutions based on our customer’s environment. Our clients have used solutions like McAfee and Fortinet and have changed to Sophos.

The initial setup is not really difficult. However, the endpoints are challenging. It cannot be done centrally. We have to go to the individual machines or deploy through an AD. The solution is cloud-based. It takes less than five minutes to deploy the tool.

We create accounts and define the policies. Once the policies are defined, we deploy the individual endpoints. It depends on how many nodes we are working with. If we are working with 1000 nodes, it will take time.

The product is expensive compared to other products like Fortinet and Microsoft Defender.

Trend Micro is a competitor.

Overall, I rate the product a nine out of ten.

While the platform offers a comprehensive suite of security features, its central role in our scenario revolves around safeguarding our extensive network of endpoints.

It is a cloud-based security solution with a flexible deployment that accommodates local servers and updates caches for minimized internet traffic. The user-friendly interface simplifies tasks like configuring exclusions and root cause analysis. The product goes beyond antivirus, offering granular control over peripheral devices, application management, data loss prevention, web filtering, and updates. It ensures a phased update rollout and provides Extended Detection and Response functionality, including a cloud-based data lake for threat hunting. Sophos Central also manages Sophos firewalls, aiming to be a comprehensive security solution with a single-pane-of-glass approach.

The level of protection offered by this antivirus product is highly commendable. One notable aspect is its innovative approach to file scanning, utilizing intelligent HTTPS mechanisms for real-time insights into files. This next-gen antivirus product stands out by eschewing reliance solely on static properties or files, a departure from traditional antivirus models that relied heavily on signatures. The product ensures constant communication with Sophos labs, providing the latest intelligence about files through a feature called "Live Protection." This real-time connection, coupled with the integration of artificial intelligence, specifically deep learning, enhances its effectiveness. Moreover, the ability to export this information into a CSV file, detailing all the relevant files, processes, and other executable-related information, adds a layer of sophistication.

I've encountered minor challenges in grouping endpoints for policy applications. It currently lacks synchronization with centralized identity management platforms, but users can request features, and integration is reportedly in progress. Additionally, Sophos Central can be resource-intensive, demanding servers with a minimum of eight gigabytes of RAM, which may pose considerations for larger organizations dealing with legacy applications tied to specific OS and hardware configurations.

I have been working with it for four years now.

It is generally stable, with very rare issues. In my four years of directly managing it, I can't recall a significant instance where we were unable to access the console or modify settings. If there were any such occurrences, they were likely brief, and Sophos provides a dedicated Sophos Central status page for users to check the infrastructure's status. However, I must be honest about recent experiences—we've encountered some bugs, particularly with threat alerts, such as unknown threats, and we've communicated these issues directly to Sophos. While these bugs are typically version-specific and resolved with upgrades, there has been an uptick in such issues recently, which has been reported to the development team.

It is highly scalable, allowing easy expansion as needed. Creating different service states and consoles is straightforward, and establishing the relationship between a console and its assigned endpoints is simple. The ease of deployment ensures endpoints are efficiently placed in the correct groups, crucial for applying the right policies promptly.

When seeking technical support for Sophos Central, initial interactions typically involve level-one engineers, and may sometimes take time to reach the right experts. There are instances where I proactively provide comprehensive details, yet initial responses request information already shared. Despite such minor issues, specifying the priority of the problem helps streamline the process. If you can connect with the right people promptly, support is generally good. To refine the rating, considering level-one engineers, I would rate the support experience at around seven out of ten.

Deployment in our environment is streamlined through a single source using a compact file. This file is shared with our deployment team for execution. The deployment team requires either internet access, access to the Sophos portal, or an in-house setup for update caching, also known as message relay in certain network configurations. In cases where the network is restricted and lacks internet access, the deployment team utilizes message relay, functioning as a proxy between the endpoints and the Sophos cloud. This deployment approach is flexible, accommodating both on-premises and cloud components. Essentially, we initiate the installation with a small local installer file, and the subsequent files are retrieved either from an update cache or directly from the internet, making it a seamless process for our large-scale deployments. The process is adaptable and caters to various business functions through dedicated consoles. Using a scripted "blank installation" method, deployment is tailored to specific service states, ensuring endpoints align with the correct policies. Policy management during deployment is efficient, allowing for seamless assignment to relevant groups. The maintenance is straightforward due to its cloud-based nature, minimizing on-premises infrastructure needs. Periodic checks and verifications within the console simplify the process, making it hassle-free, especially when no specific network architectures require on-premises components.

Meticulous planning is essential before onboarding devices onto Sophos Central, involving careful grouping and allocation to dedicated consoles or sub-states. Migration from another product requires precise policy migration, facilitated by Sophos's CRT. Mass deployment is streamlined, especially if the old product's central protection is disabled. Sophos Central extends beyond antivirus, offering cloud security and XDR functionalities, seamlessly integrating with SOC teams for effective EDR and XDR. The platform, known for scalability and user-friendliness, supports advanced features like threat hunting and live response. Continuously evolving, it consistently introduces new features through ongoing development. Overall, I would rare it eight out of ten.

We use Sophos Central for Virtual Private Network (VPN), multi-factor authentication (MFA), blocking malicious traffic, and enforcing rules and policies for internal and external network communication between servers.

The product has valuable rules and policies and user-friendly dashboard features.

The product's firewall servers and dashboard need improvement. It isn't easy to read documents and upload data from CSV files using Python code. It is challenging to import user accounts from SAP as well. These particular areas need improvement.

We have been using Sophos Central since 2020.

I rate the product's stability a nine out of ten.

We have 50 organizations as our customers for Sophos Central. We encounter connectivity issues while integrating multiple products or threads. I rate its scalability an eight out of ten.

We are using NSGate, Check Point, and Palo Alto as well.

The initial setup is easy. It takes two years to complete. I rate the process a nine out of ten.

The product is inexpensive.

I rate Sophos Central a ten out of ten. It allows us to analyze endpoint data using efficient rules and policies.

It is primarily used to centrally manage endpoint security solutions on end-user machines. This means organizations can use it to apply and enforce security policies and manage various security features like antivirus, anti-malware, data loss prevention, and other Sophos security components on the endpoint devices used by their employees or users.

The interface, especially when using the software center, is quite user-friendly and easy to navigate. Managing security policies within it is a seamless and straightforward process, offering a smooth experience.

There are situations where manual intervention is necessary, particularly when dealing with certain types of threats. While many security processes run smoothly, in cases of specific attacks that aren't automatically resolved, the need for manual intervention arises. Improving the response time of the customer support team would be beneficial.

I have been working with it for over eight years.

It is quite stable, with only potential issues that might arise when specific Windows updates or packages cause problems, in which case you may need to collaborate with the Sophos Central support team to address them. I would rate it nine out of ten.

It provides excellent scalability. Everything is centralized, and the scalability depends on your licensing. Customers don't have to invest in network infrastructure or data centers to expand their security solutions.

The support is decent but not exceptional, particularly when compared to the capabilities of the software itself. If I were to rate it, I would give it a seven out of ten.

Neutral

I've had experience with both on-premise solutions and Symantec. When it comes to the management aspect, Sophos Central stands out as the better option. However, as a product and considering the overall capabilities of the company, I must say that Symantec is also an excellent product.

The initial setup is quite straightforward.

You can easily set up a user account in Sophos Central, and based on the user's operating system, you can swiftly download the client. Installing it on the machine is a simple step, and it will automatically connect to the central dashboard, displaying all the necessary information. Deployment is hassle-free and user-friendly. Setting up the portal is usually a quick and straightforward task, but it can take longer when dealing with a large user base, like hundreds of thousands. Even with many users, the process is relatively smooth. Managing numerous users can be more challenging, but deploying directly from domain controllers is an option. The primary aim is to ensure the overall system's security. For a case involving around five hundred users, the setup may take approximately three to four days. Maintenance is relatively hassle-free, and overall, it's quite easy to manage.

When compared to the market, it's relatively more cost-effective. You only need to pay for the license, which includes everything. However, if you require managed services, such as MTR with a dedicated support team providing live sessions, there are additional licensing costs involved.

It ultimately comes down to the customer's preferences and budget. If a customer prefers to handle every alert, incident, and threat on their own, that's perfectly acceptable. However, if they require premium support, then they should opt for services like MTR. The choice depends on their specific needs and the resources they're willing to allocate. Overall, I would rate it nine out of ten.

We use Sophos Central for security. 

We used to get malicious attacks from mail before using the solution. 

Sophos Central helps us against intrusions and security. 

The program slows down when you try to control or visualize multiple systems. 

I rate the product an eight out of ten.