Sophos EPP Suite Reviews

We use the solution in situations where clients need broad security. We use it as a firewall, HA, and as a VPN.

The solution integrates well with the Sophos Firewall. We have the advantage of better security and blocking capabilities. It can be locked with a firewall even if there's no antivirus. If something is not running, it can still block and quarantine content. 

There are a lot of great features.

There is very effective protection.

We can integrate it with other apps. We integrate it ourselves. The integration process is very easy.

The antivirus and endpoint security are good. It enhances protection.

It is not a heavy product. It's very light on the endpoints. 

The solution is stable. 

Technical support is good. 

The setup is easy.

It offers good pricing. 

There could be enhancements made to the DLP. It should have similar features that CrowdStrike or SentinelOne. They can protect the endpoint more effectively. Both of these solutions are better than Sophos; however, in our region, the pricing of Sophos is better. 

I've used the solution for five years. 

The stability is stable and reliable. There are no bugs or glitches, and it doesn't crash or freeze. I'd rate stability eight out of ten. 

I don't have many large customers and therefore did not really test the scalability. That said, Sophos has the ability to place the solution in remote sites to provide more security to distant endpoints. 

We do not implement the solution with big customers. 

We have 13 customers using the solution. 

Sophos' support is good. We haven't had issues when dealing with them.

Positive

I'm also familiar with CrowdStrike and SentinelOne, which are more expensive even though they have more useful features. 

We had used SonicWall as well. However, the pricing was not ideal, and the support was not good. The appliance of SonicWall does not have too much processing power either. It did not meet our needs. Sophos has a smaller footprint. We can use a smaller Sophos appliance compared to SonicWall. This made it cheaper while offering more processing power. 

The deployment in a company of my size takes less than one day. 

The management console is in the cloud, which makes it very easy to access. 

There were approximately seven people involved in the deployment. They found it to be very simple and straightforward. 

My team handled the initial implementation. We did the setup in-house. 

The pricing is pretty decent. It's a good price. I'd rate the solution eight out of ten. 

We do not sell this solution at a regular frequency, and therefore I can't speak to the exact pricing. 

We only really have three options in our region based on price constraints. We've tried SentinelOne or Palo Alto. However, the pricing makes it very difficult. Companies can't invest too much in devices such as these. 

We sell Sophos, among other solutions. 

Sophos is a good solution. We have had very few issues. It's stable and offers good cost-benefit.

The firewall is very secure, and we like that the console is on the cloud. There are a lot of really good points when looking at Sophos. 

I'd rate the solution nine out of ten. 

I am using Sophos EPP Suite for protecting the endpoint.

Sophos EPP Suite's most valuable feature is ease of use.

The solution could improve on the resource management, it is a bit heavy on the resources.

I have been using Sophos EPP Suite for approximately two years.

Sophos EPP Suite is stable.

I have found the solution to be scalable.

We have approximately 20 people using the solution in my organization.

The technical support should try to understand the customer inquiry better. There are times we have already explained the issue to the support and they still ask us to try something that we have already tried.

We previously used Windows Defender.

The installation is straightforward and takes approximately five minutes for one endpoint.

We did the implementation ourselves with a team of three. We have five managers, a technical team, and one admin involved with the solution.

We are on an annual license to use the solution.

I rate Sophos EPP Suite a nine out of ten.

Its primary use is for endpoint protection. 

Reduced our exposure to cyber risk while working from home during the pandemic.

It is doing its job. We use it for standard antivirus purposes and for making sure that people aren't downloading infected attachments. 

Because we use the cloud version, it is easy to maintain. We don't have to do anything to really maintain it. It gets updated automatically.

We use cloud services quite a bit. Therefore, I would like to see integration with other security tools besides endpoint so that I'm not managing different tools separately. I would prefer to have a single security solution for my laptop and for managing other security things like passwords.

I have been using this solution for over two years.

It is quite stable.

We haven't really tested the scalability because we are a small firm. We have just a few installations.

We haven't directly interacted with them. It is easy enough to self administer, so we haven't had the need to contact technical support.

It is very easy to set up.

Its installation is simple enough. We just installed it ourselves.

Price could always be lower of course, but I feel it is good value.

I would recommend this solution. It is a good solution for small firms that don't have very sophisticated requirements. If you are a large firm with a lot of specific requirements, then obviously, you need to do your homework, but for a small firm, it is fine. It is easy to install and administer.

I would rate Sophos EPP Suite an eight out of ten.

We use EPP Suite for a lot of things including DLP, EDR, device management, and application control.

The most valuable feature is data loss prevention.

The rollback feature that SentinelOne has would be a great addition to Sophos.

If we could bypass the first couple of levels of support when we have a problem then it would be easier and quicker when we need an issue resolved.

I have been using the Sophos EPP Suite for about six months.

This product has been very stable and we haven't had any issues.

We have been scaling its use to other parts of the organization and so far, that experience has gone fairly well. We have about 700 people using it at this point. The users include administrations, first-level users, who are reviewers, and the support team. The security team uses it for reporting purposes.

Technical support is very responsive and also very timely in their responses. It does take time to get through the first, second, and third-level calls, but for the most part, they are timely.

This is our first EDR product.

The initial setup is very simple.

Our in-house team deployed it. We did have a conversation with Sophos on how to get it deployed and testing it in our environment.

We purchased a three-year license, which gave us a large discount.

I have seen CarbonBlack and McAfee, although I have not worked with them enough to know the differences.

My advice for anybody who is implementing EPP Suite is to work with their integration team to learn the ins and outs of the product. They have got to spend a lot of time planning the process with Sophos, and Sophos has a team in place to help with that.

Overall, I would say that it is a good endpoint solution. I think that we're using every feature that they have. That said, I'm sure that there are some things that I'm missing.

I would rate this solution a nine out of ten.

We use the Sophos suite for a lot of things. We use it for the DLP and we can use it for the EDR. We use it for mobile device management and in application control as well. Those are some of the main uses of the application.

The solution's most valuable aspect, for us, is the DLP portion of the product. 

It's just a good endpoint solution. I can't say that it's better or worse than any other product, however, it has a pretty good feature set. There are good rules, etc.

That application, so far, is actually able to tell us if there are any issues with the machine and what they are.

I'm not sure if the solution is missing anything. For us, it seems to be covering our needs quite well.

The solution has a strange technical support process where you need to move through all of these tiers before you can get to someone who can help you. They should streamline the process and make it easier to speak to the correct level of support from the outset.

SentinelOne has what they call a rollback feature. It would be great if something similar was added to Sophos.

We've been using the solution for the past six months.

We've only been using the solution for six months. That said, it appears to be stable. We haven't had any issues. There aren't bugs and glitches, at least, not that I've experienced. It doesn't crash. It's been good.

So far, we've been able to scale the solution quite well. In terms of where we are right now, it's scaling quite well to other parts of the organization, and the experience has been pretty painless so far.

We've probably got about 700 to 800 people on it so far. We have administrators, and then first-level users, which I guess are just reviewers or support, and then support teams. That's probably about it. The security team, which is what I'm a part of, too, has access to the solution for reporting purposes.

We've been in touch with technical support.

They're very responsive and very timely in their responses. We find them to be quite knowledgeable as well. That said, you hate everything with the first level call and the second level call and the third level call. However, for the most part, they're very timely.

This is our first EDR solution, I probably don't have much to compare it to.

The initial setup was not complex at all. It was a straightforward implementation. Everything was very simple.

We handled the implementation ourselves completely in-house. We didn't hire any integrators or outside consultants.

I'm not sure of what our licensing costs are. There are two and three-year packages available. I know we took a three-year package with a large discount applied to it. I'm not sure if there are different tiers, like silver or platinum. There might be. I don't know what the differences would be between them if there are.

I've seen other solutions such as SentinalOne, Carbon Black, and McAfee. I've seen them, however, to be truthful, I can't really explain what I'm missing and what features these options offer instead.

We're just a Sophos customer. We don't have a special relationship with the client.

We're using the latest version of the solution.

In terms of adopting this technology, I'd advise other organizations to work with their integration team and know the products in and out before getting started. They will have to spend a lot of time planning the process with Sophos. However, Sophos has a team that will help companies do that, which really helps simplify the process.

We personally didn't use them for the integration piece, but we did have the conversation with how to get it deployed, and testing, and all those kind of things within our environment.

I'd rate the solution nine out of ten.

We primarily use the solution for endpoint protection. We use it as an antivirus and for web filtering.

There isn't an easy way to describe how it's helped our company. It's just a good source of protection.

The anti-malware and web filtering are the solutions most valuable aspects.

The solution has the capability to detect and prevent attacks.

The solution isn't quite accurate enough. It provides a lot of false positives.

For example, if you log onto the portal, you'll be able to see the endpoints. You'll see the health status, but when you click on one, you'll find everything right there, even though it might not be clear from the health status overview. The accuracy of the status needs to be better represented.

I've been using the solution for several years.

The stability is pretty good. the only complaint is the operation of the solution.

The solution is only capable of being used on a Linus or Mac. It's limiting.

We don't plan to increase usage at this time. We already use 80% of its capabilities and we don't plan to expand beyond that.

I'd rate the technical support as average. It's not outstanding, however, it's also not the worst we've dealt with.

I'm not sure if another solution was used previously. By the time I was hired, the company was already using Sophos.

The initial setup is pretty straightforward. It's a typical setup. It's just a regular implied agent.

I don't have any information about the cost or how much we pay. I'm not involved in the finance aspect of managing the solution.

Although I don't know the version number, I'm using the most up to date one.

I'd advise organizations considering implementing the solution to first consider their requirements. They need to know what they are looking for. There are a lot of vendors out there that offer many of the same features. However, if there's just one critical feature that's necessary, you need to be sure it will work correctly for your company.

You also need to make sure you are choosing something that is compatible with other solutions that intersect. We've had experiences where we thought that a certain piece of software would work with Sophos and we realized that it didn't.

I'd rate the solution seven out of ten.

We primarily use the solution on our endpoints for end-user security. We are planning to move to their new product, the XG.

The central management of the anti-virus features for our end user is a very valuable aspect of the solutions. 

We find it very good as a product. 

In the future, we're looking forward to having a new synchronization firewall on the endpoint.

The management console need improvement. 

I'd address the deployment side. If we could upgrade the deployment side to hand it off to the end-user, it would make it easier, as our campuses are far apart.

We'd appreciate if the solution could offer us assistance with a later deployment.

I've been using the solution for three or four years.

The stability is good. Everything is working fine at the moment.

The scalability is good. Our subscriptions are around 1500, and we have 600 to 700 users deployed. We don't plan to expand on-premises usage and will be moving to the cloud.

I was in touch with technical support last week, with the Phillippine country manager in Venado. So far, their assistance has been very helpful.

We previously used Trend Micro. We replaced it with Sophos. Trend Micro just didn't work for us. There were issues with the management file.

From our initial reporting, the system wasn't difficult to install. We didn't face any complexity or have any problems.

We need about four people for maintenance and deployment because we have different campuses.

We're looking forward to moving to the cloud and replacing our existing firewall when we move to Sophos XG.

I'd rate the solution eight out of ten.

The use case is that many businesses are trying to make an effort to secure their IT assets more rigorously. Right now, in 2020, and last year, in 2019, a lot of businesses became aware of the incidents that are happening in digital media with security issues. There were many incidents involving ransomware, hacking attempts, botnet — all those things. This made the people more aware and scared about the security of their systems. That is the reason we are selecting products to try and provide the best security endpoints possible for our clients. 

The main reason why we choose the Sophos EPP Suite is because of its capabilities to stop infections from spreading around the internal network once the problems have infiltrated it. For example, one computer gets infected. When that computer attempts to communicate with another computer — one client to another client — Sophos checks the behavior of the computer. It looks at what it is trying to communicate and what resources the computer is using. If it does something that is suspicious, like move an application that may be a virus, Sophos will stop the activity and disconnect the computer from the rest of the network immediately. It does this automatically without an administrator having to do or even be aware of anything. This is the main thing we like about the Sophos product. It is constantly monitoring all points and has the capability to detect and act on intrusions without other intervention.  

The area improvement is something very specific. Windows firewall security allows an exception where the user of a specific device can turn the firewall on or off. We need to configure our Windows firewall security in an active directory via group policy. We do not want to allow the exception or for individual users to be able to make this change. When using Sophos, instead of doing this in an active directory, we have to create a policy on the Sophos portal itself. In the Sophos policy, we can indicate which port is allowed and which port is not allowed for the Windows firewall and how it is handled.  

Previously, we were using ESET smart security which also has a Windows firewall base. We could control each and every link and port for everything. Like for people taking their desktop remotely, we could allow VNC (Virtual Network Computing) remote connections on a specific port only. All other ports are blocked from this type of access. This feature is something only ESET had. I am pretty much sure Sophos does not have this kind of policy available. They should make this adaptation. The rest of the Sophos product and the technology and utility of the suite is beautiful. I believe all network system administrators would be glad to have this feature. 

What I would also like to see added is information about update compatibilities. This should be included in a notification for upgrades from Sophos as to whether there is any reason to update Windows for Endpoint or not. The problem stems from the fact that Microsoft is releasing these updates and the patches for security every month. A lot of those patches have issues and incompatibilities. After Microsoft releases the updates, they sometimes have to release a fix to the update with patches. They usually do this in the next two to three days. It would be helpful if Sophos did the testing of the updates to inform all their clients so we can be sure these updates are OK. Then, in turn, we can inform our clients if updates are compatible with their servers or not.  

We deploy this solution to clients and have only been deploying it for several months after testing at our facilities.  

I do not have any experience regarding technical support for Sophos EPP directly. But to compare that to the technical support from SonicWall, which I researched on the web, the technical support for Sophos is currently just as good. I don't know personally. From what I have read, they responsive and they are quick to give users a solution. They resolve problems in a few seconds or within five minutes or ten minutes and are as fast and as accurate as SonicWall support. Once we engage in the full licenses, then we'll be able to find out for certain how the Sophos people will respond to help me out for any incidents that we have.  

We did not really previously use a particular solution — for ourselves or our clients — that will take care of all the things that the Sophos suite will as a unified product. We are constantly evaluating different products by checking out demos. We have used Sophos products for ourselves and with clients in the past but we still need to activate the Sophos EPP (Endpoint Protection Platform) for ourselves internally with formal licenses. We previously had a license and it is still valid, but we need to upgrade for more users.  

The solution we are using right now with most clients is ESET (Essential Security against Evolving Threats) Endpoint Security. We are going to Sophos Intercept X to replace this. We had also been looking into how Intercept X works with the endpoint firewall including how well they communicate with each other and how that may impact our infrastructure. So I've been very interested in the concept of adopting Sophos. As soon as possible, we will get the licenses. About 250 client machines and 55 for our actual and virtual servers.  

I very much impressed with the Sophos product called Intercept X. It is  a wonderful concept because it is protecting the end-user in a different way. It is working with a proactive model, not just an active model. So now Sophos will be actively protecting us before some problem is acquired by our systems.  

Our current antivirus solution will expire on the 8th of February in 2020. Before that date, we will activate Sophos for our organization backup systems to do further testing. We are currently using a third-party product called Mimecast for email security. We still have one year on the licenses for that. So Mimecast will expire in 2021. Then we will be ready to adopt the Sophos solution that fills this need. We are starting with the Sophos Endpoint solution first, and in July next year, we will check how everything is going with the Endpoint solution and hopefully we will see everything is going well. Then we will move forward adopting additional Sophos products. We will improve like that, one by one, to unify our solutions into the Sophos Suite.

We are currently checking into the actual licensing costs. We are waiting for a quotation for 250 end-users and 55 service licenses. We are hoping for a reduced contract price by directly contacting the Sophos company for the licenses. Because we are in the UAE, they have a lot of connecting partners for Sophos already, so it is hard to say if they need more partners or that they will want to give a significant discount. We still think we hold significant interest for them.  

On a scale from one to ten where one is the worst and ten is the best, I would rate Sophos as a nine.