Sophos EPP Suite Reviews

We are using Sophos EPP Suite for web and application control, and antivirus

The most valuable feature Sophos EPP Suite is that it protects the computer beyond the premise. Whether the user is at home, in the office, or traveling, you are able to apply the policies as the user moves.

Sophos EPP Suite could improve the way it can be installed. They used to have one installer and now they have two, one for the server and one for the client. I don't know the difference, it brings confusion.

I have been using Sophos EPP Suite for approximately five years.

Sophos EPP Suite is stable because once we do the deployment, rarely do you receive corruptions. Additionally, once you deploy something on the cloud, it automatically applies to the client as long as the system is online.

Sophos EPP Suite is highly scalable. We have close to 40 computers using this solution.

I have contacted the support and I am satisfied with the speed of the answers.

Sophos EPP Suite could be easier to implement and it is slow with the web installer. However, it depends on the internet speed.

There are licenses to use this solution and we are on a three-year license.

I would recommend this solution to others. The solution is highly scalable and we are using it in two companies and it works very well. You have control of what you want to be done or applied within your multiple sites.

I rate Sophos EPP Suite a nine out of ten.

The use case is that many businesses are trying to make an effort to secure their IT assets more rigorously. Right now, in 2020, and last year, in 2019, a lot of businesses became aware of the incidents that are happening in digital media with security issues. There were many incidents involving ransomware, hacking attempts, botnet — all those things. This made the people more aware and scared about the security of their systems. That is the reason we are selecting products to try and provide the best security endpoints possible for our clients. 

The main reason why we choose the Sophos EPP Suite is because of its capabilities to stop infections from spreading around the internal network once the problems have infiltrated it. For example, one computer gets infected. When that computer attempts to communicate with another computer — one client to another client — Sophos checks the behavior of the computer. It looks at what it is trying to communicate and what resources the computer is using. If it does something that is suspicious, like move an application that may be a virus, Sophos will stop the activity and disconnect the computer from the rest of the network immediately. It does this automatically without an administrator having to do or even be aware of anything. This is the main thing we like about the Sophos product. It is constantly monitoring all points and has the capability to detect and act on intrusions without other intervention.  

The area improvement is something very specific. Windows firewall security allows an exception where the user of a specific device can turn the firewall on or off. We need to configure our Windows firewall security in an active directory via group policy. We do not want to allow the exception or for individual users to be able to make this change. When using Sophos, instead of doing this in an active directory, we have to create a policy on the Sophos portal itself. In the Sophos policy, we can indicate which port is allowed and which port is not allowed for the Windows firewall and how it is handled.  

Previously, we were using ESET smart security which also has a Windows firewall base. We could control each and every link and port for everything. Like for people taking their desktop remotely, we could allow VNC (Virtual Network Computing) remote connections on a specific port only. All other ports are blocked from this type of access. This feature is something only ESET had. I am pretty much sure Sophos does not have this kind of policy available. They should make this adaptation. The rest of the Sophos product and the technology and utility of the suite is beautiful. I believe all network system administrators would be glad to have this feature. 

What I would also like to see added is information about update compatibilities. This should be included in a notification for upgrades from Sophos as to whether there is any reason to update Windows for Endpoint or not. The problem stems from the fact that Microsoft is releasing these updates and the patches for security every month. A lot of those patches have issues and incompatibilities. After Microsoft releases the updates, they sometimes have to release a fix to the update with patches. They usually do this in the next two to three days. It would be helpful if Sophos did the testing of the updates to inform all their clients so we can be sure these updates are OK. Then, in turn, we can inform our clients if updates are compatible with their servers or not.  

We deploy this solution to clients and have only been deploying it for several months after testing at our facilities.  

I do not have any experience regarding technical support for Sophos EPP directly. But to compare that to the technical support from SonicWall, which I researched on the web, the technical support for Sophos is currently just as good. I don't know personally. From what I have read, they responsive and they are quick to give users a solution. They resolve problems in a few seconds or within five minutes or ten minutes and are as fast and as accurate as SonicWall support. Once we engage in the full licenses, then we'll be able to find out for certain how the Sophos people will respond to help me out for any incidents that we have.  

We did not really previously use a particular solution — for ourselves or our clients — that will take care of all the things that the Sophos suite will as a unified product. We are constantly evaluating different products by checking out demos. We have used Sophos products for ourselves and with clients in the past but we still need to activate the Sophos EPP (Endpoint Protection Platform) for ourselves internally with formal licenses. We previously had a license and it is still valid, but we need to upgrade for more users.  

The solution we are using right now with most clients is ESET (Essential Security against Evolving Threats) Endpoint Security. We are going to Sophos Intercept X to replace this. We had also been looking into how Intercept X works with the endpoint firewall including how well they communicate with each other and how that may impact our infrastructure. So I've been very interested in the concept of adopting Sophos. As soon as possible, we will get the licenses. About 250 client machines and 55 for our actual and virtual servers.  

I very much impressed with the Sophos product called Intercept X. It is  a wonderful concept because it is protecting the end-user in a different way. It is working with a proactive model, not just an active model. So now Sophos will be actively protecting us before some problem is acquired by our systems.  

Our current antivirus solution will expire on the 8th of February in 2020. Before that date, we will activate Sophos for our organization backup systems to do further testing. We are currently using a third-party product called Mimecast for email security. We still have one year on the licenses for that. So Mimecast will expire in 2021. Then we will be ready to adopt the Sophos solution that fills this need. We are starting with the Sophos Endpoint solution first, and in July next year, we will check how everything is going with the Endpoint solution and hopefully we will see everything is going well. Then we will move forward adopting additional Sophos products. We will improve like that, one by one, to unify our solutions into the Sophos Suite.

We are currently checking into the actual licensing costs. We are waiting for a quotation for 250 end-users and 55 service licenses. We are hoping for a reduced contract price by directly contacting the Sophos company for the licenses. Because we are in the UAE, they have a lot of connecting partners for Sophos already, so it is hard to say if they need more partners or that they will want to give a significant discount. We still think we hold significant interest for them.  

On a scale from one to ten where one is the worst and ten is the best, I would rate Sophos as a nine.  

We use the solution for endpoint security to protect critical positions within our organization. This involves securing connectivity and network access for these positions. Due to the pandemic, we had to limit on-site operations, but now we plan to extend this security to other users as well, including normal users. This expansion will include firewall protection for endpoints to ensure comprehensive network security.

We were concerned about the threat posed by malware. The product's effectiveness in addressing this threat and capturing it within the network has been quite helpful.

The product's resource utilization is a concern, especially regarding memory usage on systems with older specifications such as lower memory and less powerful processors. Installing the product on these systems can lead to slowdowns due to resource consumption. If the product's resource demands can be reduced, it would greatly improve the user experience, especially for end users with less powerful hardware. 

I have worked with Sophos EPP Suite for almost five years.

I would rate the stability eight out of ten. 

There are no issues with scalability, so I will rate it an eight out of ten.

We seek support for the product through a local vendor who in turn contacts Sophos.

Sophos is quite cost-effective for our organization’s needs. It also has local support and that is why we use it, compared to other software like Cisco. 

The initial setup is straightforward. 

While currently, we don’t need assistance, in the future, we might require assistance from integrators or other solution providers due to the increasing complexity of our organization. As we move towards face-to-face setups, additional requirements might arise.

I would rate the price a seven out of ten, for its cost-effectiveness.

I would rate the product an eight out of ten, overall. 

We primarily use it for endpoint protection. 

The anti-ransomware engine and the crypto-guard capability are most valuable. 

DeepGuard and CryptoGuard, those engines, basically shield against encryption attempts. They detect and block suspicious behavior before your files get locked.

The network isolation feature is brilliant. Sophos firewalls work seamlessly with the endpoint suite. If a threat pops up anywhere on the network, the firewalls and endpoints communicate instantly, allowing us to isolate the infected device and stop it from spreading.

The solution needs to perform better or update its anti-ransomware and anti-malware engines to keep up with the latest hacking techniques.

So, I would like to see a better update on the anti-malware engine.

I have been using it for three years now. 

It is a stable solution. I would rate the stability a ten out of ten. 

It is very scalable. I would rate the scalability a nine out of ten. 

My clients are a mix of small, medium, or enterprise businesses.

There is room for improvement in the support. More easily available contact numbers would be good.

Positive

I would rate the initial setup experience a nine out of ten, with ten being very easy.

The deployment time depends on your environment. For a full site, it will take eight hours using Group Policy Objects (GPOs) to push it through as long as all machines are on the network simultaneously. Otherwise, it'll take longer.

The pricing is reasonable. The license cost depends on the number of employees you cover.

I would suggest opting for a fully cloud environment, as it's a cloud-based infrastructure.

Overall, I would rate the solution an eight out of ten.

I mainly use this software for managing my business operations and enabling efficient port forwarding to make my applications accessible on the Internet. It helps me handle my portfolio needs and occasionally aids in device management for monitoring network traffic.

Sophos EPP Suite stands out with its user-friendly dashboard and strong web filtering features for enhanced online security.

In terms of improvement, the main challenge is setting up VPN connections. I have tried online resources and even turned to Kubernetes for help, but the primary issue I face is the complexity of creating VPN connections, and I'm seeking ways to make this process easier. Additionally, I have also faced difficulties with web filtering. In future Sophos releases, I would like to see simplified processes. For example, make port forwarding setup take just two or three clicks, streamline web filtering to two or three steps, and ease the separation of PCs from mobile devices within five clicks. The aim is to make these tasks more user-friendly and less time-consuming.

I have been working with Sophos EPP Suite for a few years.

It is a stable solution. I would give it an eight out of ten for stability.

In my personal usage, I have set up Sophos EPP Suite for two scenarios. The first has over 50 users, and the second, in a hospital, has fewer than 60 users. The second deployment is still in the testing phase, with around 15 active machines on the network currently.

I usually turn to internet searches and Sophos documentation from their website for help when I face issues or have specific needs, so I haven't needed to contact Sophos technical support directly.

I have experience with SonicWall. I used it about twelve years ago.

The initial deployment is quite easy and it takes less than an hour to deploy the solution. Setting up the basic installation and getting internet access is straightforward. However, complexity arises when trying to apply specific rules to the system, which can be a real challenge. I'm not currently handling maintenance for this product in the client's environment. In the past, I attempted to do so by trying to renew licenses for two devices, but the response was negative. I'm considering trying again and hoping for a better outcome in the future.

I find the pricing of the product to vary in different ranges. While it is not overly expensive, it can be a significant cost from the client's perspective, which makes me cautious about spending the money. I would rate it as a seven out of ten in terms of affordability.

I would definitely recommend Sophos EPP Suite to others. Overall, I would rate it as an eight out of ten.

We use the product to protect our endpoints, including PCs, laptops, and servers, from threats like malware, viruses, and grayware. It is a smart and well-integrated solution. 

The most valuable aspect of the product is stability, particularly when properly sized for endpoint use.

There could be more integration included in Sophos EPP Suite.

I rate the platform's stability a ten out of ten.

We have ten companies as our customers for Sophos EPP Suite. It is a scalable platform.

The technical team is very smart, intelligent, and helpful.

I followed the step-by-step on cloud implementation process mentioned in their technical documentation.

We've explored various vendors like Sophos and Kaspersky, among others, to meet our security needs.

Our experience with Sophos has been notable; it's database-driven and efficiently integrates to inspect and protect us against biases, malware, and attacks. It is a good solution for smaller companies. One key feature is the seamless integration between Sophos EPP Suite and the firewall. When a compromised host is identified, this information is swiftly relayed to the firewall, enabling proactive protection for other endpoints and machines across our network.

I rate Sophos EPP Suite a ten out of ten. It is a useful tool in terms of availability. We can renew or buy new licenses within a minute.

We use Sophos EPP Suite to prevent our clients from getting malware.

It was successful in preventing malware distribution. We have a large number of clients, over 13,000 in total, and we serve the majority of them.

Sophos EPP Suite doesn't really have a lot of features.

This signature-based malware prevention method is a little out of date. We are currently attempting to migrate to a newer, cloud-based solution in which we not only use signature-based antivirus scanning but also EDR with processes and similar tools to better recognize potential attacks, which is what the actual version cannot do.

It has not been developed in the last few years.

There are also issues with the compatibility of the OS. When using Sophos with Windows and devices, most of them work well, but as soon as we work with macOS and Linux, many issues arise that we do not want to have.

macOS is incompatible.

I have been working with Sophos EPP Suite for 10 years. It was already in place when I joined the company.

The server has never been as stable as we would have liked. It is one of the reasons why we would like to move away from Sophos and toward a completely new solution.

The support is deteriorating.

We use the previous version, which will be phased out next year, the Sophos Central console. It's Intercept X's on-premises version.

The initial deployment was completed entirely in-house, either through our software distribution, Barramundi or through the use of any custom script.

The infrastructure is currently maintained by myself, a single person, under the current solution. We have a central server console to which all clients connect, but we also have 14 support groups with their own admins for each department, where they manage their own devices.

In terms of pricing, it's not because I don't care about the cost; I simply tell them what we require, and someone else will obtain the necessary license.

This problem is that it is no longer implementable because, as previously stated, it was out of sale last year and will be obsolete by next year. If they have to go to the new central solution intercept one, which I have only had limited experience with up to now, So there's nothing I could really say to other potential customers.

Keeping in mind our environment, I must say that we have a very complex environment at our university. And from that perspective, I would rate Sophos EPP Suite a five out of ten.

We use the Sophos suite for a lot of things. We use it for the DLP and we can use it for the EDR. We use it for mobile device management and in application control as well. Those are some of the main uses of the application.

The solution's most valuable aspect, for us, is the DLP portion of the product. 

It's just a good endpoint solution. I can't say that it's better or worse than any other product, however, it has a pretty good feature set. There are good rules, etc.

That application, so far, is actually able to tell us if there are any issues with the machine and what they are.

I'm not sure if the solution is missing anything. For us, it seems to be covering our needs quite well.

The solution has a strange technical support process where you need to move through all of these tiers before you can get to someone who can help you. They should streamline the process and make it easier to speak to the correct level of support from the outset.

SentinelOne has what they call a rollback feature. It would be great if something similar was added to Sophos.

We've been using the solution for the past six months.

We've only been using the solution for six months. That said, it appears to be stable. We haven't had any issues. There aren't bugs and glitches, at least, not that I've experienced. It doesn't crash. It's been good.

So far, we've been able to scale the solution quite well. In terms of where we are right now, it's scaling quite well to other parts of the organization, and the experience has been pretty painless so far.

We've probably got about 700 to 800 people on it so far. We have administrators, and then first-level users, which I guess are just reviewers or support, and then support teams. That's probably about it. The security team, which is what I'm a part of, too, has access to the solution for reporting purposes.

We've been in touch with technical support.

They're very responsive and very timely in their responses. We find them to be quite knowledgeable as well. That said, you hate everything with the first level call and the second level call and the third level call. However, for the most part, they're very timely.

This is our first EDR solution, I probably don't have much to compare it to.

The initial setup was not complex at all. It was a straightforward implementation. Everything was very simple.

We handled the implementation ourselves completely in-house. We didn't hire any integrators or outside consultants.

I'm not sure of what our licensing costs are. There are two and three-year packages available. I know we took a three-year package with a large discount applied to it. I'm not sure if there are different tiers, like silver or platinum. There might be. I don't know what the differences would be between them if there are.

I've seen other solutions such as SentinalOne, Carbon Black, and McAfee. I've seen them, however, to be truthful, I can't really explain what I'm missing and what features these options offer instead.

We're just a Sophos customer. We don't have a special relationship with the client.

We're using the latest version of the solution.

In terms of adopting this technology, I'd advise other organizations to work with their integration team and know the products in and out before getting started. They will have to spend a lot of time planning the process with Sophos. However, Sophos has a team that will help companies do that, which really helps simplify the process.

We personally didn't use them for the integration piece, but we did have the conversation with how to get it deployed, and testing, and all those kind of things within our environment.

I'd rate the solution nine out of ten.