Sophos Intercept X Reviews

It's an endpoint, which means it's an antivirus that you must install on your server, laptop, or customer PC. As a result, it can be on-premises for Windows or Linux. You can also install this endpoint if you host a server on that cloud.

This is a sophisticated antivirus with numerous features. It has AI, (Artificial Intelligence), it can stop viruses, malware, and ransomware, as well as protect the PC you are using, the server you are using, and all of your workstations.

Intercept X has versions, such as Intercept X, Intercept X Advanced, and Intercept X Advanced with XDR. It requires a long technical explanation, but in brief, it can protect you from being attacked or hacked, because it protects the OS, your operating system, from being compromised. 

It's a complete antivirus solution that has everything in it.

It is one of the best in terms of technicality.

If we can lower the price, it will be fantastic because it will generate more revenue for us.

We have been working with  Sophos Intercept X for the past eight years.

Sophos Intercept X is a stable product.

It's a scalable product. You can deploy 100, or you can deploy one, or even 1,000. It is very scalable. 

We have 30 customers and each customer has a different number of users. Some clients have hundreds of Intercept X, some have 50, and yet others have 10. As a result, it is dependent on the company. It depends on the number of computers they have. We have a wide range. One of the clients has 800 users, which is a ministry.

I don't have any issues with the technical support. 

Both the Dubai and UAE teams regularly check in with us to see how we're doing and if we require any assistance. They are constantly monitoring the GCC region. They are doing an excellent job.

We have other solutions such as Kaspersky, and Heimdal.

The setup is simple and straightforward. However, you must have at least an operating system that supports it, if not the most latest version of Windows. I don't mean XP or Vista, but something that is already supported, because Microsoft doesn't even support all of the operating systems. As a result, you won't be able to use it on Windows XP or Windows 7. It must be a current operating system, such as Mac, Linux, or Windows.

If you have a small environment, you need one person to maintain it. If you have a large environment, you need two or three. It really depends on when you want to complete it. If for example, you have a building and you want to build it in one year, you will need 20 to 40 people to maintain it. 

If you have a building that you want to be built within 10 years, you can have two to maintain it. It all depends on the environment, the customer, and the deadline set for the project's completion.

It is an annual subscription, rather than a monthly one. It's paid annually.

You can pay monthly, but most of our customers choose annual subscriptions because they are less expensive.

It could be less expensive. We would be grateful because there are cheaper antivirus solutions and cheaper endpoint solutions on the market, but they do not have the same features. We defend Sophos to our customers and explain why they should choose Sophos.

There are also products that are more expensive on the market. Sophos is not the cheapest, and it is not the most expensive. It's in the middle.

We deploy all Sophos products.

I would definitely recommend Sophos Intercept and Sophos Intercept X, as well as Sophos Intercept X Advanced and other variants to our customers, this is what we do. We do this for current customers who do not have Sophos and show them the difference and benefits.

Sophos Intercept X is managed from the cloud. Today, 10 years back, seven years back, or eight years back, you had to have a server to control the Intercept X.

We haven't had any issues. We have other antivirus solutions, but this is the best-selling product so far. 

Many customers who had been hacked had abandoned their previous antivirus, and we deployed Sophos Intercept Advanced with XDR for them, including ministries and the public sector in Kuwait.

Because everything is in the cloud, you can manage your deployed Intercept X from a single console. As a result, my score is 10 out of 10.

When Intercept X came out, the primary use case was stopping ransomware. It was one of the first products to claim that capability. When I was evaluating them back then, it was the only one I considered effective at analyzing and identifying where the infection started. 

The synchronized security also helped because the firewall could isolate workstations that had the infection or were in the path of infection.

The most valuable feature of Intercept X its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because could go in and get it back. 

Sophos made such good headway with it because it wasn't traditional endpoint protection. It has a lot of additional capabilities, including web content filtering. It also has the ability to understand the traffic it was seeing at the endpoint, 

It's sitting on the endpoint, so you don't have to worry about encryption messing up the intelligence that it could get out of the traffic. It was able to pinpoint where the infection was able to get ahead of Intercept X. It was called Intercept X because it can get ahead of the ransomware attack and encrypt the data on clients in the path of the infection.

It's hard to say what could be improved because we're in the middle of an endpoint protection arms race, and there are constant improvements on all fronts in Fortinet, Sophos, and products.

They should keep doing what they're doing. Both of them have entered the EDR/MDR space, and they're keeping up with their competitors. I have a hard time understanding why their capabilities aren't garnering more attention.

I have been using Intercept X since it came out. It hasn't been out that long. Sophos has always had an endpoint client, but Intercept X added new technology. The whole idea of being able to drill down to do a root cause analysis was a novel approach to the endpoint game. 

Intercept X is highly stable

Sophos has the flexibility to scale from one user to a data center, but I've primarily used Sophos for small to medium-sized businesses.

I was impressed the last time I called Sophos support. They have a "follow the sun" philosophy with coverage from tech support centers from around the world. Sophos began as a British company, and Fortinet is a Canadian company. 

Sophos and Fortinet have a firewall solution that can work in small business or home office situations, where you might have only one or two people protected by the techn. Still, yout you can look at it through a single pane of glass and see all of the different work sites you're protecting. 

Sophos goes one step further with what it calls its RED product, which basically is a hardware firewall that travels with somebody. Say you have an executive in your company and you want to zero in to protect his or her workstation from infection and have control over it to manage its defenses. RED is a great product to do that. Fortinet and Sophos both have strong management capabilities for remote offices and offer centralized management through a cloud application.

The basic setup is decent by itself. I have not had to do a lot of tweaking with either one of these products.

I rate Sophos Intercept X nine out of 10. Its reporting, alterts, and configuration capabilities make it a formidable product. It's a great product that works as advertised. I haven't seen any serious conflicts between it and other products, whereas I wouldn't put some endpoint protection products on the same endpoint.

You have to do some work there, but generally speaking, there's always been a case where I've been able to have more than one product. It's probably the best of all the products that I work with because I've had Malwarebytes installed together with Sophos and FortiClient without undue pain. There are some others that I won't mention without that same track record.

We are using Sophos Intercept X for endpoint protection.

Sophos Intercept X is a very effective solution and its being cloud-based is a benefit. Wherever my users are, I can apply policies to them. In the era of mobility, when users are out of the office or they're in different locations, it doesn't matter. 

Whenever a user gets infected, as an admin, we get notified. We have many options to pick from, the ability to send policies to the endpoints is a very good feature that they have.

Whenever there is an update all the agents on the end-users systems automatically update.

We have the option of caching updates on the network, which allows us to save on bandwidth. For example, if we have 100 people in the office, we can deploy an internal caching server or a message link server, so not all computers need a connection to Sophos onto the cloud.

Sophos Intercept X integrates with their other solution very well, such as the XG Firewall. The feature is called Synchronized Security.

From the management side, we receive detailed information. Sophos has many features, such as Threat Hunting but that comes with the XDR version of the solution. There's Sophos Intercept X and then there's Sophos Intercept X with XDR technology. We bought the XDR and then now the MTR, Managed Threat Response version available too. They have different packages for clients which gives them different options to pick from. If Sophos could combine more features into one package it would be beneficial.

I have been using Sophos Intercept X for approximately five years.

Sophos Intercept X is highly stable.

I have found Sophos Intercept X to be scalable.

We have approximately 40 clients using this solution.

I'm a Sophos certified architect to myself, and as a partner, from the vendor, we have excellent support. We have not had a problem with the technical support, they are always available for communication, such as online chat or on-call.

We have used Kaspersky, ESET, Bitdefender, and Symantec solutions.

The installation is very easy. If someone is not on the network, you can send them an invite by email and they would only need to install the agent, and everything will work perfectly.

The time the installation takes depends on the internet connection. Sometimes it takes only five minutes and other times it can take up to 10 minutes. It all depends on the connection because it has to download the installer.

The end-user can install the solution themself. It is very easy. It is only a two to three-step process it is complete. 

Many people are using this solution and some customers don't even have IT managers, we provide them manage services I this case.

The solution has great protection against anti-ransomware and all of the zero-day threats. The ROI is very good.

There is a license required to use this solution.

If it's a managed services provider contract that we have with the customer, then they pay monthly. Depends on the customer, what the requirements are. They can pay either monthly or annually to us, but we have to pay annually to the vendor.

Before choosing Sophos Intercept X we evaluated Kaspersky, ESET, Bitdefender, and Symantec. For some of our clients who are using the other products, now they've shifted to Sophos Intercept X.

I would recommend this solution to others.

I rate Sophos Intercept X a ten out of ten.

Sophos Intercept X is the antivirus protection of my choice and my client's choice because it does not only malware, antivirus, and Trojan protection but also anti-exploit protection. It has a quarantine process as well. It does all of the usual antivirus plus the anti-exploit and anti-ransomware processes.

One reason why I have stuck with Sophos is because it grabs it and deals with it, and if it's known malware, it can quarantine it or delete it.

I look at all my network workstations and laptops, and if any one of them has some issues with updates or receives a notification, then the server console in the cloud will send me an email as well.

I like it's user interface, cloud integration, and the GUI. It's easy to work with it with clients.

I also like Sophos Intercept X because I can install it on a computer, and if it's set for tamper proof, then nobody can uninstall the program.

As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of.

I've been working with Sophos Intercept X ever since it was released three years ago.

It is a cloud solution. The installation is local on the device, but it communicates to the cloud where the cloud server manages the reports, notifications, and licensing.

My impressions of the stability of Intercept X is that it's excellent.

The scalability is not a problem at all.

I've received really good technical support. They're amazing.

I've had experience with other antivirus programs such as Trend, Norton, and McAfee, and they just flag it and indicate that you are infected. However, Sophos has always taken care of things. This way, if my users don't know what to do with a popup, at least I know that Sophos will just grab it, quarantine it, and protect the user.

Sophos is easy to install and easy to manage, and I have had no issues with it. I've had better protection and quarantining features with Sophos Intercept X.

On a scale from one to five, where one is complex and five is easy, I'd rate the initial setup at four. This is because sometimes you'll get a popup asking you to reboot, but actually, if you've installed it a few times, you know that you have to reboot it after the installation. So, there are a couple of popups that don't make it seamless.

If I've got 10 new workstations with a new client and I've sold them 10 licenses and one server, I will have that set up in the cloud as soon as I get the license. It will probably take half an hour to set that up. I can then start adding computers instantly. To install 10 computers, it would take about five hours.

My team and I implement it. We also, sometimes, walk a client through the process remotely.

Sophos Intercept X is a good protection service package for small businesses and large corporations. You can have two computers, five computers, or 5,000 computers, and it'll be just as easy to manage.

I haven't had any issues with ransomware since I began using anti-exploit. I trust Sophos Intercept X and rate it at ten on a scale from one to ten.

We are using Sophos Intercept X for network and system security.

The key factor that attracted me to Sophos Intercept X was the multi-platform. I have multiple clients that have mixed environments of Mac and Windows. I am able to deliver a standard solution, regardless of the platform.

Most of my clients I have central management, they receive updates automatically.

There are not any solutions that are a 10 out of 10. A 10 would be perfect protection with no impact on the performance of the device. This is not the case, there is some impact on the performance of the device.

I have been using Sophos Intercept X since it has been released, it has been many years.

Sophos Intercept X is very stable. However, we had a few issues when Apple released Big Sur. At the time the version of Sophos Intercept X that was running on the Macs wouldn't work properly with Big Sur. We had to install a beta, but that problem was resolved fairly quickly.

Sophos Intercept X is highly scalable.

I have found the Sophos office staff to be far more responsive than other vendors, such as Sonic Wall which is awful. I dealt with them for a number of years and I finally couldn't stand it anymore. I felt that Dell destroyed them.

I have been very pleased with tech support. As a partner, I have access directly to their engineers and developers. Their technical support is superior.

The initial setup is very straightforward.

In the centrally managed environments, you create a downloadable install that you can either email to the end-user or, can have available on thumb drives for customers to install. Once it's installed, it's automatically kept up to date with the most current version.

The price of Sophos Intercept X is competitive.

I'm looking at moving to the EDR version of Sophos because I have a number of clients that have extremely critical data. One of them handles a lot of money for their clients, and the others are lawyers. The security of not only their own information, but their client information, is critical to them. The Intercept X EDR offering is starting to look like it might be a good solution for several of them because of the live monitoring of the threat attempts on their endpoints.

The EDR is an additional managed service that's a component of the antivirus, where depending upon which level you choose, you either have a team that is monitoring responses from your system, or at a higher level, you have dedicated resources that are monitoring your systems. If there's an alert, they immediately respond to that alert and research it, not only quarantine it, the AV quarantines it, but with the EDR function, it alerts the Sophos team that there has been a potential issue, and they'll immediately begin to research it.

My advice to others would be to use centralized management because it makes it much easier to implement, manage, track the installations, and the day-to-day usage. With the central management, you can see every PC or Mac that's connected, any activity, and any issues. You can narrow any issue down to the computer if it's had to quarantine anything. Additionally, you can tell how long it's been since the computer last communicated. It's a very powerful tool, I would recommend it. To the extent their clients are willing to accept the central manager, it is the best option.

I rate Sophos Intercept X a nine out of ten.

We primarily use the solution for security. We protect the computer network from threats as some users had some kinds of malicious threats. We have some policies for web control. and have used this solution to find some unwanted traffic and some unwanted site access by some users. 

The server protection has been great. That's been the best thing for us.

The reporting has been very useful.

 We have found that the EDR functionality has been very good.

The setup process has been very simple. 

The solution has been very stable so far.

You can scale the solution if you need to, and it is an easy process.

We have found the pricing to be reasonable.

We would like the solution to be more complete so that we don't have to involve so many third parties.

We would like more application control in order to be able to schedule times and access. For example, we'd like to set it so that certain documents can only be accessed between 8 AM and 4 PM.

We did a POC with the solution that lasted six months. It's been in the production environment for three months. Therefore, for almost nine months we have been running on Sophos.

The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

We have about 450 devices on this solution.

Currently, we have 3 administrators. There are only 2 super admins and 2 other users for the control panels, et cetera.

We use this solution on a daily basis.

The product is scalable. After we purchased only one user license, we decided to do an installed service also. It's a one or two-minute process in order to provide a temporary license for 1 month and, after that, we hope to stay covered. Therefore, we do have plans to increase usage.

Technical support has been good. During the installation process, we had the principal change, and it didn't affect the process. They have been very helpful so far. We have no complaints. 

We did use Kaspersky.

There were ultimately some issues with the Kaspersky team in Sri Lanka and with the principal in Kenya. We didn't have support from the principal. We had issues for two or three years. We ended up having to change the product and we were with Kaspersky for maybe 8 years.

The initial setup is not difficult to manage. It's very easy and very straightforward. 

With six people we were able to complete the setup.

So far, the maintenance has been little to now. The deployment that is connected to the internet automatically updates, and sort of maintains itself.

We did have some external help for the implementation process. 

The pricing is good.

For testing purposes, we did try a variety of solutions. This product, however, was simple, the cloud was good, and the pricing was reasonable. 

We are using the latest version of the solution.

We are using the cloud version of Sophos, however, there are some computers that are not connected to the internet, so we have to install something locally on-site as well. We are half on-premise and half in the cloud.

I would recommend the solution to other companies.

We've been satisfied with its capabilities. I would rate it at a nine out of ten.

We use Sophos Intercept X to protect the endpoint devices in our organization, such as PCs and MacBooks.

Sophos Intercept X is a full package. It's more than only an antivirus solution to find the malicious code. We also use it to filter malicious websites and detect applications that have been outlined in our corporate policy.

The most valuable feature of Sophos Intercept X is a web filtering and URL sanity checks. Overall the solution is well balanced with all its features.

The majority of our systems are MacBooks and their solution release cycle is slow to endorsing or support the MacBook's latest OS or hardware platform. For example, when Sophos macOS Big Sur version 11 was released, it took them a while to support this version of OS. A similar situation occurred when the MacBook M1 hardware CPU was released. They have not fully supported the native M1 CPU to this day. They need to speed up the solutions release cycle.

The majority of our systems are Apple-based, this issue is more noticeable on the Apple platforms.

I have been using Sophos Intercept X for approximately two years.

The stability or performance of Sophos Intercept X is good. However, sometimes users have needed to have their configuration fine-tuned to allow better performance.

We have approximately 50 users using this solution.

We use Sophos Intercept X extensively and we use everything the solutions offer.

The support I have experienced from Sophos Intercept X was great.

I would rate the support from Sophos Intercept X a five out of five.

I have used other solutions other than Sophos Intercept X in other organizations but it has been over two years ago.

I have been using Sophos Intercept X for over two years, in the beginning, the initial setup was straightforward but because they do not fully support the Apple platform, or they're pretty slow at supporting the Apple platform, the latest version supporting Apple is a little bit cumbersome to use. You need to walk the user through the process with some specific instructions or help the user directly. It's not as easy as it used to be.

I would rate the implementation process of Sophos Intercept X a four out of five.

We did the implementation of Sophos Intercept X in-house.

I do the maintenance of the solution. We are a smaller company and I am sufficient for the maintenance of the solution.

I have found the price of Sophos Intercept X to be reasonable.

I would advise others that they have to look at their environment to determine if this solution would be best suited. Sophos Intercept X for a small business that has a mix of PCs, MacBooks, and has the need for multiple security controls, this tool fits us well. For different environments, the organization might need other or additional tools. For example, if they may need threat protection. There are different vendors that may have an edge in certain areas than Sophos Intercept X has. For us, we need a balanced, multi-pronged approach for securing in our environment, Sophos Intercept X works well.

I rate Sophos Intercept X an eight out of ten.

This product is basically used for detecting ransomware. It will monitor all of the ransomware threats. Since the first ransomware attack happened in 2017, WannaCry, it has been a global threat. It is a vulnerability that is impacting a lot of devices and computers in the network.

Ransomware threats have been identified as one of the first priorities in the entire info security segment. Information security consists of various things including endpoint detection, threat detection, and then your SIEMs like QRadar or ArcSight.

At the early point of detection, Sopho is going to stop the ransomware. The question that has been there since 2017 is how it will identify the ransomware and how does it stop the attack from happening to the network. WannaCry was the first large ransomware attack, which has impacted various regions and is a very high severity threat. Since then, a lot of things have been lined up for mitigating the risk, like WannaCry.

improved considerably

Machine learning is used to detect the threat and it does so by prioritizing the suspicious activities. There is no human intervention in some cases, which is the trend that is happening with most of these products. High-end products and sophisticated products include machine learning capabilities for detecting the threats.

There are hackers who hack the artificial intelligence component using artificial intelligence itself. These sophisticated hackers are using AI capabilities, and the problem is that with no human intervention, machine learning can be defeated. The consequence is that somebody still has to keep watch and monitor the detection from the threat scanning.

Better protection in the endpoint, server, and mobile is needed. Those three areas should be fully protected. It should stop ransomware from installing, it should stop it from deploying, and it should also block unauthorized file encryption. In summary, it should have more protection, better detection, and better response.

We have been using Sophos Intercept X for more than two and a half years.

Sophos Intercept-X is a stable solution and we plan to continue using it in the future.

This is a scalable product and we have more than 7,500 devices connected to the network.

The technical support is 24x7 and it is good. They have different points of contact within the support regions like India, Singapore, and various other regions.

We have Sophos running in parallel with Sophos Cloud, in some of the regions.

The initial setup is quite simple and it will take a couple of hours.

I and my team deploy and maintain this solution. The deployment happens on the cloud.

This is a good solution but that said, there are breaches that are happening, and they are happening using AI. So, the attackers are also that sophisticated and it means that somebody has to sit and do the human check as well.

Ultimately, what happens is that the threats are found, and then the response action is taken based on the outcome of all these steps.

This is a product that I can recommend to others. The DR has better capabilities, as it's powered by machine learning.

I would rate this solution a seven out of ten.