Sophos Intercept X Overview

Sophos Intercept X is the #6 ranked solution in EDR tools and the #9 ranked solution in endpoint security software. PeerSpot users give Sophos Intercept X an average rating of 8.4 out of 10. Sophos Intercept X is most commonly compared to Microsoft Defender for Endpoint. Sophos Intercept X is popular among the large enterprise segment, which accounts for 43% of users researching this solution on PeerSpot. The top industry researching this solution is computer software, accounting for 19% of all views.
Sophos Intercept X Buyer's Guide

Download the Sophos Intercept X Buyer's Guide including reviews and more. Updated: March 2023

What is Sophos Intercept X?

Sophos Intercept X is an EPP (endpoint protection for business) tool that uses deep learning malware detection, exploit prevention, anti-ransomware, and more, to stop attacks. The solution has key security capabilities to protect your company’s endpoints. Sophos Intercept X is a well-thought-out and designed solution that is comprehensive. Large companies with an IT team and many endpoints to protect are the most suitable for this solution.

Sophos Intercept X Features

Sophos Intercept X has many valuable key features. Some of the most useful ones include:

  • Malware detection: The Sophos Intercept X platform uses artificial intelligence (AI) to proactively identify malware threats.
  • Anti-ransomware and exploit prevention: Sophos Intercept X designed solutions for CryptoGuard and exploit prevention.
  • EDR and managed threat response: The Threat Analysis Center is Sophos Intercept X’s endpoint detection and response product. The Threat Analysis Center breaks down where the threat originated and maps out its attack chain. It also suggests next steps, helping you quickly isolate compromised endpoints to stop an attack from spreading.
  • Central console: The platform comes with Sophos Central, a web-based console centralizing all endpoint security capabilities into one interface. This feature allows you to set security policies, alerts, and other configurations from a single location.
  • Reporting and analytics: Its analytics help IT teams monitor the health of networks and create greater effectiveness in identifying security issues. The reports help proactively flag security flaws, such as unprotected endpoints, before an attack strikes. Some reports include scheduling abilities as well.

Sophos Intercept X Benefits

There are many benefits to implementing Sophos Intercept X. Some of the biggest advantages the solution offers include:

  • Extensive collection of security products: Sophos offers an extensive collection of security products, making it a complete tool for all of your security needs.
  • Separate dashboards: The solution’s separate dashboards can accommodate your company’s diverse products. The dashboards include graphs and alerts detailing the status of your network.
  • Intuitive interface: The solution’s interface is intuitive and clearly labels the platform’s various features. This makes navigation simple and quick when jumping between functionality from endpoint protection to email security management.
  • Useful resources: The Sophos portal provides a lot of help content, including an online self-serve knowledge base with articles and how-to video walkthroughs. In addition, the platform conveniently links you to relevant help content directly within Sophos Central.

Reviews from Real Users

Sophos Intercept X is a solution that stands out when compared to many of its competitors. Some of its major advantages are its ease of management, effective blocking capabilities, and good security.

A President at a tech vendor says, "The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer."

PeerSpot reviewer Ashis D., Hybrid Cloud Engineer at a tech services company, comments, “So far, the solution has met all our expectations. It's blocked malicious websites effectively and stopped people from going to places online that they shouldn't be going to. It's automatic. We simply took the default settings and we were finding people right away that were going to illicit sites, and we were able to see that easily in the console. The package we use also comes with spam filtering features, which are quite useful.”

Mike P., Senior CyberSecurity Architect and Mentor at BlueTeamAssess LLC, states, "The most valuable feature of Intercept X is its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because I could go in and get it back."

An Information Systems Coordinator at an insurance company mentions, “It's very good at security and protection. It offers very good reports.”

Sophos Intercept X was previously known as Intercept X.

Sophos Intercept X Customers

Flexible Systems

Sophos Intercept X Pricing Advice

What users are saying about Sophos Intercept X pricing:
  • "You can pay monthly, but most of our customers choose annual subscriptions because they are less expensive."
  • "There is a license required to use this solution."
  • "The price of Sophos Intercept X is competitive."
  • "I have found the price of Sophos Intercept X to be reasonable."

Sophos Intercept X Reviews

    Pre-sales manager at National Information Technology Company
    Real User
    Top 5 Leaderboard
    Complete solution, scales well, is reliable, has competitive pricing, and has excellent technical support
    Pros and Cons
    • "It is one of the best in terms of technicality."
    • "If we can lower the price, it will be fantastic because it will generate more revenue for us."

    What is our primary use case?

    It's an endpoint, which means it's an antivirus that you must install on your server, laptop, or customer PC. As a result, it can be on-premises for Windows or Linux. You can also install this endpoint if you host a server on that cloud.

    This is a sophisticated antivirus with numerous features. It has AI (Artificial Intelligence), it can stop viruses, malware, and ransomware, as well as protect the PC you are using, the server you are using, and all of your workstations.

    Intercept X has versions, such as Intercept X, Intercept X Advanced, and Intercept X Advanced with XDR. It requires a long technical explanation, but in brief, it can protect you from being attacked or hacked, because it protects the OS, your operating system, from being compromised. 

    What is most valuable?

    It's a complete antivirus solution that has everything in it.

    It is one of the best in terms of technicality.

    What needs improvement?

    If we can lower the price, it will be fantastic because it will generate more revenue for us.

    For how long have I used the solution?

    We have been working with Sophos Intercept X for the past eight years.

    Buyer's Guide
    Sophos Intercept X
    March 2023
    Learn what your peers think about Sophos Intercept X. Get advice and tips from experienced pros sharing their opinions. Updated: March 2023.
    690,226 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    Sophos Intercept X is a stable product.

    What do I think about the scalability of the solution?

    It's a scalable product. You can deploy 100, or you can deploy one, or even 1,000. It is very scalable. 

    We have 30 customers and each customer has a different number of users. Some clients have hundreds of Intercept X, some have 50, and yet others have 10. As a result, it is dependent on the company. It depends on the number of computers they have. We have a wide range. One of the clients has 800 users, which is a ministry.

    How are customer service and support?

    I don't have any issues with the technical support. 

    Both the Dubai and UAE teams regularly check in with us to see how we're doing and if we require any assistance. They are constantly monitoring the GCC region. They are doing an excellent job.

    Which solution did I use previously and why did I switch?

    We have other solutions such as Kaspersky, and Heimdal.

    How was the initial setup?

    The setup is simple and straightforward. However, you must have at least an operating system that supports it, if not the latest version of Windows. I don't mean XP or Vista, but something that is already supported, because Microsoft doesn't even support all of the operating systems. As a result, you won't be able to use it on Windows XP or Windows 7. It must be a current operating system, such as Mac, Linux, or Windows.

    If you have a small environment, you need one person to maintain it. If you have a large environment, you need two or three. It really depends on when you want to complete it. If for example, you have a building and you want to build it in one year, you will need 20 to 40 people to maintain it. 

    If you have a building that you want to be built within 10 years, you can have two to maintain it. It all depends on the environment, the customer, and the deadline set for the project's completion.

    What's my experience with pricing, setup cost, and licensing?

    It is an annual subscription, rather than a monthly one. It's paid annually.

    You can pay monthly, but most of our customers choose annual subscriptions because they are less expensive.

    It could be less expensive. We would be grateful because there are cheaper antivirus solutions and cheaper endpoint solutions on the market, but they do not have the same features. We defend Sophos to our customers and explain why they should choose Sophos.

    There are also products that are more expensive on the market. Sophos is not the cheapest, and it is not the most expensive. It's in the middle.

    What other advice do I have?

    We deploy all Sophos products.

    I would definitely recommend Sophos Intercept and Sophos Intercept X, as well as Sophos Intercept X Advanced and other variants to our customers, this is what we do. We do this for current customers who do not have Sophos and show them the difference and benefits.

    Sophos Intercept X is managed from the cloud. Today, 10 years back, seven years back, or eight years back, you had to have a server to control the Intercept X.

    We haven't had any issues. We have other antivirus solutions, but this is the best-selling product so far. 

    Many customers who had been hacked had abandoned their previous antivirus, and we deployed Sophos Intercept Advanced with XDR for them, including ministries and the public sector in Kuwait.

    Because everything is in the cloud, you can manage your deployed Intercept X from a single console. As a result, my score is 10 out of 10.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
    Senior CyberSecurity Architect and Mentor at BlueTeamAssess LLC
    Reseller
    Top 5
    It can get ahead of the ransomware attack and encrypt the data on clients in the path of the infection
    Pros and Cons
    • "The most valuable feature of Intercept X is its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because I could go in and get it back."
    • "They should keep doing what they're doing. Both of them have entered the EDR/MDR space, and they're keeping up with their competitors. I have a hard time understanding why their capabilities aren't garnering more attention."

    What is our primary use case?

    When Intercept X came out, the primary use case was stopping ransomware. It was one of the first products to claim that capability. When I was evaluating them back then, it was the only one I considered effective at analyzing and identifying where the infection started. 

    The synchronized security also helped because the firewall could isolate workstations that had the infection or were in the path of infection.

    What is most valuable?

    The most valuable feature of Intercept X is its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because I could go in and get it back.

    Sophos made such good headway with it because it wasn't traditional endpoint protection. It has a lot of additional capabilities, including web content filtering. It also has the ability to understand the traffic it was seeing at the endpoint.

    It's sitting on the endpoint, so you don't have to worry about encryption messing up the intelligence that it could get out of the traffic. It was able to pinpoint where the infection was able to get ahead of Intercept X. It was called Intercept X because it can get ahead of the ransomware attack and encrypt the data on clients in the path of the infection.

    What needs improvement?

    It's hard to say what could be improved because we're in the middle of an endpoint protection arms race, and there are constant improvements on all fronts in Fortinet, Sophos, and products.

    They should keep doing what they're doing. Both of them have entered the EDR/MDR space, and they're keeping up with their competitors. I have a hard time understanding why their capabilities aren't garnering more attention.

    For how long have I used the solution?

    I have been using Intercept X since it came out. It hasn't been out that long. Sophos has always had an endpoint client, but Intercept X added new technology. The whole idea of being able to drill down to do a root cause analysis was a novel approach to the endpoint game. 

    What do I think about the stability of the solution?

    Intercept X is highly stable.

    What do I think about the scalability of the solution?

    Sophos has the flexibility to scale from one user to a data center, but I've primarily used Sophos for small to medium-sized businesses.

    How are customer service and support?

    I was impressed the last time I called Sophos support. They have a "follow the sun" philosophy with coverage from tech support centers from around the world. Sophos began as a British company, and Fortinet is a Canadian company. 

    Which solution did I use previously and why did I switch?

    Sophos and Fortinet have a firewall solution that can work in small business or home office situations, where you might have only one or two people protected by the techn. Still, you can look at it through a single pane of glass and see all of the different work sites you're protecting.

    Sophos goes one step further with what it calls its RED product, which basically is a hardware firewall that travels with somebody. Say you have an executive in your company and you want to zero in to protect his or her workstation from infection and have control over it to manage its defenses. RED is a great product to do that. Fortinet and Sophos both have strong management capabilities for remote offices and offer centralized management through a cloud application.

    How was the initial setup?

    The basic setup is decent by itself. I have not had to do a lot of tweaking with either one of these products.

    What other advice do I have?

    I rate Sophos Intercept X nine out of 10. Its reporting, alerts, and configuration capabilities make it a formidable product. It's a great product that works as advertised. I haven't seen any serious conflicts between it and other products, whereas I wouldn't put some endpoint protection products on the same endpoint.

    You have to do some work there, but generally speaking, there's always been a case where I've been able to have more than one product. It's probably the best of all the products that I work with because I've had Malwarebytes installed together with Sophos and FortiClient without undue pain. There are some others that I won't mention without that same track record.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Muzamil Yakub - PeerSpot reviewer
    Chief Executive Officer at Infoview Limited
    Real User
    Top 5
    Beneficial policy management, automatic endpoint updates, simple installation
    Pros and Cons
    • "Sophos Intercept X is a very effective solution and its being cloud-based is a benefit. Wherever my users are, I can apply policies to them. In the era of mobility, when users are out of the office or they're in different locations, it doesn't matter."
    • "From the management side, we receive detailed information. Sophos has many features, such as Threat Hunting but that comes with the XDR version of the solution. There's Sophos Intercept X and then there's Sophos Intercept X with XDR technology. We bought the XDR and then now the MTR, Managed Threat Response version available too. They have different packages for clients which gives them different options to pick from. If Sophos could combine more features into one package it would be beneficial."

    What is our primary use case?

    We are using Sophos Intercept X for endpoint protection.

    What is most valuable?

    Sophos Intercept X is a very effective solution and its being cloud-based is a benefit. Wherever my users are, I can apply policies to them. In the era of mobility, when users are out of the office or they're in different locations, it doesn't matter. 

    Whenever a user gets infected, as an admin, we get notified. We have many options to pick from, the ability to send policies to the endpoints is a very good feature that they have.

    Whenever there is an update, all the agents on the end users' systems automatically update.

    We have the option of caching updates on the network, which allows us to save on bandwidth. For example, if we have 100 people in the office, we can deploy an internal caching server or a message link server, so not all computers need a connection to Sophos onto the cloud.

    Sophos Intercept X integrates with their other solution very well, such as the XG Firewall. The feature is called Synchronized Security.

    What needs improvement?

    From the management side, we receive detailed information. Sophos has many features, such as Threat Hunting but that comes with the XDR version of the solution. There's Sophos Intercept X and then there's Sophos Intercept X with XDR technology. We bought the XDR and then now the MTR, Managed Threat Response version available too. They have different packages for clients which gives them different options to pick from. If Sophos could combine more features into one package it would be beneficial.

    For how long have I used the solution?

    I have been using Sophos Intercept X for approximately five years.

    What do I think about the stability of the solution?

    Sophos Intercept X is highly stable.

    What do I think about the scalability of the solution?

    I have found Sophos Intercept X to be scalable.

    We have approximately 40 clients using this solution.

    How are customer service and support?

    I'm a Sophos certified architect myself, and as a partner, from the vendor, we have excellent support. We have not had a problem with the technical support, they are always available for communication, such as online chat or on-call.

    Which solution did I use previously and why did I switch?

    We have used Kaspersky, ESET, Bitdefender, and Symantec solutions.

    How was the initial setup?

    The installation is very easy. If someone is not on the network, you can send them an invite by email and they would only need to install the agent, and everything will work perfectly.

    The time the installation takes depends on the internet connection. Sometimes it takes only five minutes and other times it can take up to 10 minutes. It all depends on the connection because it has to download the installer.

    What about the implementation team?

    The end-user can install the solution themselves. It is very easy. It is only a two to three-step process and it is complete.

    Many people are using this solution and some customers don't even have IT managers, we provide them managed services in this case.

    What was our ROI?

    The solution has great protection against anti-ransomware and all of the zero-day threats. The ROI is very good.

    What's my experience with pricing, setup cost, and licensing?

    There is a license required to use this solution.

    If it's a managed services provider contract that we have with the customer, then they pay monthly. Depends on the customer, what the requirements are. They can pay either monthly or annually to us, but we have to pay annually to the vendor.

    Which other solutions did I evaluate?

    Before choosing Sophos Intercept X we evaluated Kaspersky, ESET, Bitdefender, and Symantec. For some of our clients who are using the other products, now they've shifted to Sophos Intercept X.

    What other advice do I have?

    I would recommend this solution to others.

    I rate Sophos Intercept X a ten out of ten.

    Which deployment model are you using for this solution?

    Private Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Peter Forster - PeerSpot reviewer
    Network Administrator at Sechelt Indian Band
    Reseller
    Top 20
    Is easy to install and manage, and has anti-exploit protection
    Pros and Cons
    • "One reason why I have stuck with Sophos is because it grabs it and deals with it, and if it's known malware, it can quarantine it or delete it."
    • "As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of."

    What is our primary use case?

    Sophos Intercept X is the antivirus protection of my choice and my client's choice because it does not only malware, antivirus, and Trojan protection but also anti-exploit protection. It has a quarantine process as well. It does all of the usual antivirus plus the anti-exploit and anti-ransomware processes.

    What is most valuable?

    One reason why I have stuck with Sophos is because it grabs it and deals with it, and if it's known malware, it can quarantine it or delete it.

    I look at all my network workstations and laptops, and if any one of them has some issues with updates or receives a notification, then the server console in the cloud will send me an email as well.

    I like its user interface, cloud integration, and the GUI. It's easy to work with it with clients.

    I also like Sophos Intercept X because I can install it on a computer, and if it's set for tamper proof, then nobody can uninstall the program.

    What needs improvement?

    As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of.

    For how long have I used the solution?

    I've been working with Sophos Intercept X ever since it was released three years ago.

    It is a cloud solution. The installation is local on the device, but it communicates to the cloud where the cloud server manages the reports, notifications, and licensing.

    What do I think about the stability of the solution?

    My impression of the stability of Intercept X is that it's excellent.

    What do I think about the scalability of the solution?

    The scalability is not a problem at all.

    How are customer service and support?

    I've received really good technical support. They're amazing.

    Which solution did I use previously and why did I switch?

    I've had experience with other antivirus programs such as Trend, Norton, and McAfee, and they just flag it and indicate that you are infected. However, Sophos has always taken care of things. This way, if my users don't know what to do with a popup, at least I know that Sophos will just grab it, quarantine it, and protect the user.

    Sophos is easy to install and easy to manage, and I have had no issues with it. I've had better protection and quarantining features with Sophos Intercept X.

    How was the initial setup?

    On a scale from one to five, where one is complex and five is easy, I'd rate the initial setup at four. This is because sometimes you'll get a popup asking you to reboot, but actually, if you've installed it a few times, you know that you have to reboot it after the installation. So, there are a couple of popups that don't make it seamless.

    If I've got 10 new workstations with a new client and I've sold them 10 licenses and one server, I will have that set up in the cloud as soon as I get the license. It will probably take half an hour to set that up. I can then start adding computers instantly. To install 10 computers, it would take about five hours.

    What about the implementation team?

    My team and I implement it. We also, sometimes, walk a client through the process remotely.

    What other advice do I have?

    Sophos Intercept X is a good protection service package for small businesses and large corporations. You can have two computers, five computers, or 5,000 computers, and it'll be just as easy to manage.

    I haven't had any issues with ransomware since I began using anti-exploit. I trust Sophos Intercept X and rate it at ten on a scale from one to ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer:
    Founder and Managing Partner at a tech services company with 1-10 employees
    Real User
    Top 20
    Responsive support, compatible with multi-platforms, and highly scalable
    Pros and Cons
    • "The key factor that attracted me to Sophos Intercept X was the multi-platform. I have multiple clients that have mixed environments of Mac and Windows. I am able to deliver a standard solution, regardless of the platform."
    • "There are not any solutions that are a 10 out of 10. A 10 would be perfect protection with no impact on the performance of the device. This is not the case, there is some impact on the performance of the device."

    What is our primary use case?

    We are using Sophos Intercept X for network and system security.

    What is most valuable?

    The key factor that attracted me to Sophos Intercept X was the multi-platform. I have multiple clients that have mixed environments of Mac and Windows. I am able to deliver a standard solution, regardless of the platform.

    Most of my clients I have central management, they receive updates automatically.

    What needs improvement?

    There are not any solutions that are a 10 out of 10. A 10 would be perfect protection with no impact on the performance of the device. This is not the case, there is some impact on the performance of the device.

    For how long have I used the solution?

    I have been using Sophos Intercept X since it has been released, it has been many years.

    What do I think about the stability of the solution?

    Sophos Intercept X is very stable. However, we had a few issues when Apple released Big Sur. At the time the version of Sophos Intercept X that was running on the Macs wouldn't work properly with Big Sur. We had to install a beta, but that problem was resolved fairly quickly.

    What do I think about the scalability of the solution?

    Sophos Intercept X is highly scalable.

    How are customer service and support?

    I have found the Sophos office staff to be far more responsive than other vendors, such as SonicWall, which is awful. I dealt with them for a number of years and I finally couldn't stand it anymore. I felt that Dell destroyed them.

    I have been very pleased with tech support. As a partner, I have access directly to their engineers and developers. Their technical support is superior.

    How was the initial setup?

    The initial setup is very straightforward.

    In the centrally managed environments, you create a downloadable install that you can either email to the end-user or, can have available on thumb drives for customers to install. Once it's installed, it's automatically kept up to date with the most current version.

    What's my experience with pricing, setup cost, and licensing?

    The price of Sophos Intercept X is competitive.

    What other advice do I have?

    I'm looking at moving to the EDR version of Sophos because I have a number of clients that have extremely critical data. One of them handles a lot of money for their clients, and the others are lawyers. The security of not only their own information, but their client information, is critical to them. The Intercept X EDR offering is starting to look like it might be a good solution for several of them because of the live monitoring of the threat attempts on their endpoints.

    The EDR is an additional managed service that's a component of the antivirus, where depending upon which level you choose, you either have a team that is monitoring responses from your system, or at a higher level, you have dedicated resources that are monitoring your systems. If there's an alert, they immediately respond to that alert and research it, not only quarantine it, the AV quarantines it, but with the EDR function, it alerts the Sophos team that there has been a potential issue, and they'll immediately begin to research it.

    My advice to others would be to use centralized management because it makes it much easier to implement, manage, track the installations, and the day-to-day usage. With the central management, you can see every PC or Mac that's connected, any activity, and any issues. You can narrow any issue down to the computer if it's had to quarantine anything. Additionally, you can tell how long it's been since the computer last communicated. It's a very powerful tool, I would recommend it. To the extent their clients are willing to accept the central manager, it is the best option.

    I rate Sophos Intercept X a nine out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Kasun Weerasekara - PeerSpot reviewer
    Assistant Manager - Network Communication and Server Management at D-Tech Sri Lanka
    Real User
    Reasonable pricing, good stability, and has a simple setup process
    Pros and Cons
    • "We have found the pricing to be reasonable."
    • "We would like more application control in order to be able to schedule times and access."

    What is our primary use case?

    We primarily use the solution for security. We protect the computer network from threats as some users had some kinds of malicious threats. We have some policies for web control, and have used this solution to find some unwanted traffic and some unwanted site access by some users.

    What is most valuable?

    The server protection has been great. That's been the best thing for us.

    The reporting has been very useful.

    We have found that the EDR functionality has been very good.

    The setup process has been very simple. 

    The solution has been very stable so far.

    You can scale the solution if you need to, and it is an easy process.

    We have found the pricing to be reasonable.

    What needs improvement?

    We would like the solution to be more complete so that we don't have to involve so many third parties.

    We would like more application control in order to be able to schedule times and access. For example, we'd like to set it so that certain documents can only be accessed between 8 AM and 4 PM.

    For how long have I used the solution?

    We did a POC with the solution that lasted six months. It's been in the production environment for three months. Therefore, for almost nine months we have been running on Sophos.

    What do I think about the stability of the solution?

    The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

    What do I think about the scalability of the solution?

    We have about 450 devices on this solution.

    Currently, we have 3 administrators. There are only 2 super admins and 2 other users for the control panels, et cetera.

    We use this solution on a daily basis.

    The product is scalable. After we purchased only one user license, we decided to do an installed service also. It's a one or two-minute process in order to provide a temporary license for 1 month and, after that, we hope to stay covered. Therefore, we do have plans to increase usage.

    How are customer service and technical support?

    Technical support has been good. During the installation process, we had the principal change, and it didn't affect the process. They have been very helpful so far. We have no complaints. 

    Which solution did I use previously and why did I switch?

    We did use Kaspersky.

    There were ultimately some issues with the Kaspersky team in Sri Lanka and with the principal in Kenya. We didn't have support from the principal. We had issues for two or three years. We ended up having to change the product and we were with Kaspersky for maybe 8 years.

    How was the initial setup?

    The initial setup is not difficult to manage. It's very easy and very straightforward. 

    With six people we were able to complete the setup.

    So far, the maintenance has been little to none. The deployment that is connected to the internet automatically updates, and sort of maintains itself.

    What about the implementation team?

    We did have some external help for the implementation process. 

    What's my experience with pricing, setup cost, and licensing?

    The pricing is good.

    Which other solutions did I evaluate?

    For testing purposes, we did try a variety of solutions. This product, however, was simple, the cloud was good, and the pricing was reasonable. 

    What other advice do I have?

    We are using the latest version of the solution.

    We are using the cloud version of Sophos; however, there are some computers that are not connected to the internet, so we have to install something locally on-site as well. We are half on-premise and half in the cloud.

    I would recommend the solution to other companies.

    We've been satisfied with its capabilities. I would rate it at a nine out of ten.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Director of Platform and Information Security at a computer software company with 1-10 employees
    Real User
    Top 5
    Useful web filtering, effective URL sanity checks, and excellent support
    Pros and Cons
    • "The most valuable feature of Sophos Intercept X is the web filtering and URL sanity checks. Overall the solution is well balanced with all its features."
    • "The majority of our systems are MacBooks and their solution release cycle is slow to endorse or support the MacBook's latest OS or hardware platform. For example, when Sophos macOS Big Sur version 11 was released, it took them a while to support this version of OS. A similar situation occurred when the MacBook M1 hardware CPU was released. They have not fully supported the native M1 CPU to this day. They need to speed up the solution's release cycle."

    What is our primary use case?

    We use Sophos Intercept X to protect the endpoint devices in our organization, such as PCs and MacBooks.

    How has it helped my organization?

    Sophos Intercept X is a full package. It's more than only an antivirus solution to find the malicious code. We also use it to filter malicious websites and detect applications that have been outlined in our corporate policy.

    What is most valuable?

    The most valuable feature of Sophos Intercept X is the web filtering and URL sanity checks. Overall the solution is well balanced with all its features.

    What needs improvement?

    The majority of our systems are MacBooks and their solution release cycle is slow to endorse or support the MacBook's latest OS or hardware platform. For example, when Sophos macOS Big Sur version 11 was released, it took them a while to support this version of OS. A similar situation occurred when the MacBook M1 hardware CPU was released. They have not fully supported the native M1 CPU to this day. They need to speed up the solution's release cycle.

    The majority of our systems are Apple-based; this issue is more noticeable on the Apple platforms.

    For how long have I used the solution?

    I have been using Sophos Intercept X for approximately two years.

    What do I think about the stability of the solution?

    The stability or performance of Sophos Intercept X is good. However, sometimes users have needed to have their configuration fine-tuned to allow better performance.

    What do I think about the scalability of the solution?

    We have approximately 50 users using this solution.

    We use Sophos Intercept X extensively and we use everything the solution offers.

    How are customer service and support?

    The support I have experienced from Sophos Intercept X was great.

    I would rate the support from Sophos Intercept X a five out of five.

    Which solution did I use previously and why did I switch?

    I have used solutions other than Sophos Intercept X in other organizations, but that was over two years ago.

    How was the initial setup?

    I have been using Sophos Intercept X for over two years. In the beginning, the initial setup was straightforward, but because they do not fully support the Apple platform, or they're pretty slow at supporting the Apple platform, the latest version supporting Apple is a little bit cumbersome to use. You need to walk the user through the process with some specific instructions or help the user directly. It's not as easy as it used to be.

    I would rate the implementation process of Sophos Intercept X a four out of five.

    What about the implementation team?

    We did the implementation of Sophos Intercept X in-house.

    I do the maintenance of the solution. We are a smaller company and I am sufficient for the maintenance of the solution.

    What's my experience with pricing, setup cost, and licensing?

    I have found the price of Sophos Intercept X to be reasonable.

    What other advice do I have?

    I would advise others that they have to look at their environment to determine if this solution would be best suited. For a small business that has a mix of PCs and MacBooks and has the need for multiple security controls, Sophos Intercept X fits us well. For different environments, the organization might need other or additional tools. For example, they may need threat protection. There are different vendors that may have more of an edge in certain areas than Sophos Intercept X has. For us, we need a balanced, multi-pronged approach for securing our environment, and Sophos Intercept X works well.

    I rate Sophos Intercept X an eight out of ten.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Abbasi Poonawala - PeerSpot reviewer
    Chief Enterprise Architect at a financial services firm with 10,001+ employees
    Real User
    Top 5 Leaderboard
    Good support and uses AI to detect ransomware, but human monitoring is still required for sophisticated threats
    Pros and Cons
    • "Machine learning is used to detect the threat and it does so by prioritizing the suspicious activities."
    • "Better protection in the endpoint, server, and mobile is needed."

    What is our primary use case?

    This product is basically used for detecting ransomware. It will monitor all of the ransomware threats. Since the first ransomware attack happened in 2017, WannaCry, it has been a global threat. It is a vulnerability that is impacting a lot of devices and computers in the network.

    Ransomware threats have been identified as one of the first priorities in the entire info security segment. Information security consists of various things including endpoint detection, threat detection, and then your SIEMs like QRadar or ArcSight.

    At the early point of detection, Sophos is going to stop the ransomware. The question that has been there since 2017 is how it will identify the ransomware and how it stops the attack from happening to the network. WannaCry was the first large ransomware attack, which has impacted various regions and is a very high severity threat. Since then, a lot of things have been lined up for mitigating the risk, like WannaCry.

    How has it helped my organization?

    Improved considerably.

    What is most valuable?

    Machine learning is used to detect the threat and it does so by prioritizing the suspicious activities. There is no human intervention in some cases, which is the trend that is happening with most of these products. High-end products and sophisticated products include machine learning capabilities for detecting the threats.

    What needs improvement?

    There are hackers who hack the artificial intelligence component using artificial intelligence itself. These sophisticated hackers are using AI capabilities, and the problem is that with no human intervention, machine learning can be defeated. The consequence is that somebody still has to keep watch and monitor the detection from the threat scanning.

    Better protection in the endpoint, server, and mobile is needed. Those three areas should be fully protected. It should stop ransomware from installing, it should stop it from deploying, and it should also block unauthorized file encryption. In summary, it should have more protection, better detection, and better response.

    For how long have I used the solution?

    We have been using Sophos Intercept X for more than two and a half years.

    What do I think about the stability of the solution?

    Sophos Intercept-X is a stable solution and we plan to continue using it in the future.

    What do I think about the scalability of the solution?

    This is a scalable product and we have more than 7,500 devices connected to the network.

    How are customer service and support?

    The technical support is 24x7 and it is good. They have different points of contact within the support regions like India, Singapore, and various other regions.

    Which solution did I use previously and why did I switch?

    We have Sophos running in parallel with Sophos Cloud, in some of the regions.

    How was the initial setup?

    The initial setup is quite simple and it will take a couple of hours.

    What about the implementation team?

    My team and I deploy and maintain this solution. The deployment happens on the cloud.

    What other advice do I have?

    This is a good solution but that said, there are breaches that are happening, and they are happening using AI. So, the attackers are also that sophisticated and it means that somebody has to sit and do the human check as well.

    Ultimately, what happens is that the threats are found, and then the response action is taken based on the outcome of all these steps.

    This is a product that I can recommend to others. The DR has better capabilities, as it's powered by machine learning.

    I would rate this solution a seven out of ten.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Download our free Sophos Intercept X Report and get advice and tips from experienced pros sharing their opinions.
    Updated: March 2023