Sophos Intercept X Overview

Sophos Intercept X is the #5 ranked solution in EDR tools and #8 ranked solution in endpoint security software. PeerSpot users give Sophos Intercept X an average rating of 8.4 out of 10. Sophos Intercept X is most commonly compared to Microsoft Defender for Endpoint. Sophos Intercept X is popular among the large enterprise segment, accounting for 43% of users researching this solution on PeerSpot. The top industry researching this solution is the computer software industry, whose professionals account for 19% of all views.
Sophos Intercept X Buyer's Guide

Download the Sophos Intercept X Buyer's Guide including reviews and more. Updated: November 2022

What is Sophos Intercept X?

Sophos Intercept X is an EPP (endpoint protection for business) tool that uses deep learning malware detection, exploit prevention, anti-ransomware, and more, to stop attacks. The solution has key security capabilities to protect your company’s endpoints. Sophos Intercept X is a well-thought-out and designed solution that is comprehensive. Large companies with an IT team and many endpoints to protect are the most suitable for this solution.

Sophos Intercept X Features

Sophos Intercept X has many valuable key features. Some of the most useful ones include:

  • Malware detection: The Sophos Intercept X platform uses artificial intelligence (AI) to proactively identify malware threats.
  • Anti-ransomware and exploit prevention: Sophos Intercept X provides CryptoGuard and exploit prevention capabilities.
  • EDR and managed threat response: The Threat Analysis Center is Sophos Intercept X’s endpoint detection and response product. The Threat Analysis Center breaks down where the threat originated and maps out its attack chain. It also suggests next steps, helping you quickly isolate compromised endpoints to stop an attack from spreading.
  • Central console: The platform comes with Sophos Central, a web-based console centralizing all endpoint security capabilities into one interface. This feature allows you to set security policies, alerts, and other configurations from a single location.
  • Reporting and analytics: Its analytics help IT teams monitor the health of networks and create greater effectiveness in identifying security issues. The reports help proactively flag security flaws, such as unprotected endpoints, before an attack strikes. Some reports include scheduling abilities as well.

Sophos Intercept X Benefits

There are many benefits to implementing Sophos Intercept X. Some of the biggest advantages the solution offers include:

  • Extensive collection of security products: Sophos offers an extensive collection of security products, making it a complete tool for all of your security needs.
  • Separate dashboards: The solution’s separate dashboards can accommodate your company’s diverse products. The dashboards include graphs and alerts detailing the status of your network.
  • Intuitive interface: The solution’s interface is intuitive and clearly labels the platform’s various features. This makes navigation simple and quick when jumping between functionality from endpoint protection to email security management.
  • Useful resources: The Sophos portal provides a lot of help content, including an online self-serve knowledge base with articles and how-to video walkthroughs. In addition, the platform conveniently links you to relevant help content directly within Sophos Central.

Reviews from Real Users

Sophos Intercept X is a solution that stands out when compared to many of its competitors. Some of its major advantages are its ease of management, effective blocking capabilities, and good security.

A President at a tech vendor says, "The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer."

PeerSpot reviewer Ashis D., Hybrid Cloud Engineer at a tech services company, comments, “So far, the solution has met all our expectations. It's blocked malicious websites effectively and stopped people from going to places online that they shouldn't be going to. It's automatic. We simply took the default settings and we were finding people right away that were going to illicit sites, and we were able to see that easily in the console. The package we use also comes with spam filtering features, which are quite useful.”

Mike P., Senior CyberSecurity Architect and Mentor at BlueTeamAssess LLC, states, "The most valuable feature of Intercept X is its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because I could go in and get it back."

An Information Systems Coordinator at an insurance company mentions, “It's very good at security and protection. It offers very good reports.”

Sophos Intercept X was previously known as Intercept X.

Sophos Intercept X Customers

Flexible Systems

Sophos Intercept X Pricing Advice

What users are saying about Sophos Intercept X pricing:
  • "You can pay monthly, but most of our customers choose annual subscriptions because they are less expensive."
  • "There is a license required to use this solution."
Sophos Intercept X Reviews

    President at a tech vendor with 1-10 employees
    Reseller
    Top 5
    Great reporting and good training with a pretty straightforward setup
    Pros and Cons
    • "The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer."
    • "The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them."

    What is our primary use case?

    We primarily use the solution for malware protection.

    How has it helped my organization?

    Without a doubt, this product has helped our organization. We've been deploying Sophos Firewall for probably 15 years now. We haven't had a lot of trouble, and prior to using the Sophos product, we were using a lot of Symantec products and occasionally some others. We have not had a lot of problems with infections. By that I mean, if we had three attacks over the 15 years I'd be kind of surprised. That's usually due to the fact that somebody was doing something stupid. Otherwise, we've been very well protected. Basically, if a lot of people are looking maliciously at any of our clients, they aren't getting very far.

    What is most valuable?

    The reporting is pretty good up on the Sophos side. We can see if anything's going on, at least from Sophos' perspective. 

    The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer. 

    Occasionally, we do get noticed, however, we don't always get noticed, and I sometimes wonder is that just due to the fact that our client computers are tough to get at? We also deploy the Sophos Firewall on client sites, and it's relatively difficult for a bad guy to get in there.

    We've been happy with it and we've been happy with the training that Sophos has. They keep us up to date on any changes that the solution has.

    What needs improvement?

    I don't know how many infections this protected us from. It might be nice to have a view of what has come at us. You're blocking certain types of traffic. It's not malware per se. You would get a message for this, however, you never really know if this was really a bad guy or just some 16-year-old who knows computers.

    There's always room for improvement in pricing. 

    From a corporate perspective and from a customer perspective, switching is very difficult to do. It's not an easy task. 

    The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them.

    I would like to see a templated selection of items that ought to be implemented, that right out of the gate, you can just turn on. This is what we recommend for standard workstations that are running under normal circumstances. It's not that you can't have a template in there. You can create your own template and stuff like that, however, they haven't yet spent a whole lot of time figuring out if you're in the, I don't know, medical business and you need HIPAA and you need this and that, these are all the standard things you ought to deploy. It would be ideal if you could just flip the switch, and it turns them all on.

    Also, after you've turned this stuff on en masse like that, you sometimes don't immediately know what the problem is if they all of a sudden can't talk to vendor X. Like in banking, they get a lot of offsite services. You should be able to say "Okay, so I blocked them somehow with one of these things. I don't know which one it is. Help me find it so I don't have to turn everything off." Otherwise, I've got to turn off the whole thing and switch them on one by one, which is time-consuming.

    Buyer's Guide
    Sophos Intercept X
    November 2022
    Learn what your peers think about Sophos Intercept X. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
    656,474 professionals have used our research since 2012.

    For how long have I used the solution?

    I've been dealing with the solution for a year and a half. The company has been deploying Sophos for 15 years or so.

    What do I think about the stability of the solution?

    Thinking back on it, we only ran into maybe one bug in the whole time we've used the product. One time, when we upgraded Windows, it wasn't compliant and I remembered that my business partner told me that he had to go to Sophos for help. They quickly resolved the problem.

    We've had very few issues. A company should not fear installing it. It's pretty reliable.

    What do I think about the scalability of the solution?

    Our clients are all small businesses generally. The solution seems to be quite easy to scale in the market that we serve, which would be up to a hundred or so users. We haven't had any problems, however, I haven't deployed it for 10,000 users, which would be a totally different thing. Therefore, while it scales well for small businesses, I can't speak to how it would scale at an enterprise level.

    We do work with a university, and we do some work with a couple of different school districts in the San Diego area. We do some consulting for all three of those. If they asked us to recommend a product, we do recommend a product like this and we help people out with that sort of thing.

    How are customer service and support?

    Technical support could be faster. We can't really get a hold of them when we need to. They really need to improve their services.

    Issues get resolved quickly enough. However, there are just issues that cause a lot of unnecessary back and forth. For example, we had a client for whom we had installed a temporary license for Intercept X, and then subsequent to that, when we tried to put on the real license, bought it, paid for it, got the key, tried to plug it in, that worked fine. However, all of a sudden it started telling us it was having problems with the temporary license, which was supposed to have been replaced. That was a back and forth. It really took us about two weeks to get that resolved with them. Not a huge problem, not causing alarms that people were getting in, that shouldn't get in, however, I kind of thought somebody would get back to me in a day or two. It didn't take them two weeks to get back to me, but there was a fair amount of back and forth about how to resolve this.

    I would say that the quality of the support when you talk to them is very good. I would rate that a nine out of ten. That said, the lack of availability at times of support is concerning, particularly if we were to have an ongoing hack. Sophos now offers a service where they will jump in there for quite a large fee and mitigate everything quickly. However, when you already have bought a product that's supposed to be doing that same job, it seems strange they would charge you again to actually do the job.

    Having talked to some of those guys on the tech side, they are extreme. Those guys on that side are super knowledgeable and they can jump in there quickly and check a lot of things way faster than I could ever do it, simply due to the fact that they're so much more familiar with the product and with the way that attacks run.

    I don't see them every day so, even though I go to training and I watch it on the training and so forth, it's not something that I fiddle with all the time. I simply don't need to, which is great. It keeps me a step removed from it.

    Which solution did I use previously and why did I switch?

    We previously used Symantec among other products.

    Symantec has changed a lot over the last 10 years. They used to be a totally different company. We were not only concerned about the product and the quality of the product and the availability of support and all of these sorts of things at first. However, they were also beginning to fall behind in terms of their technical capabilities on their product, and then we also already had a relationship with Sophos because of the firewalls, so it was a natural transition away from Symantec.

    We were deploying the UTMs or what they call the SG line, and they've subsequently come out with the XG line, and if you have their cloud-based management solution, you can manage the XG line of firewalls with Intercept X, and they can look at each other's data and make decisions, AI kinds of decisions, or just scripted decisions, based on what the other is finding. It's much more advanced.

    How was the initial setup?

    The initial setup isn't too difficult. Once you learn it, it's pretty straightforward.

    There is a learning curve, and if you haven't learned it, and I would assume this is the same with anybody's product, then you're not really sure what options you want to enable and not enable and so forth. If you turn on too much stuff, let's put it that way, your end user's computer ends up running slowly. You have to be smart about what you're doing.

    What's my experience with pricing, setup cost, and licensing?

    It doesn't have every function that's out there in the universe. However, it's really quite good and it's a reasonable value for the money compared to some of the alternatives that I've seen. However, I'm not super familiar with the alternatives. I know their names, I kind of know what they do, I read the reviews on your site and others, and we're always looking at it, however, I haven't really studied them.

    What other advice do I have?

    We're Sophos partners and resellers.

    We always deploy the latest version of the solution. We deploy the Intercept X Advanced with EDR.

    All the management is done through the cloud. Then there's a client piece you put on, on-premises. We do the management through the cloud and we put the client piece on the premises.

    I like a lot of the things that Sophos is doing. They didn't have one this year, however, they have an annual conference, and one of the things they had done, this was right before they got bought by this other company, is they had hired a lot of really top talent. These guys, when I was at the conference for a few days, just listening to them talk, you're mesmerized with how sharp and bright these guys are and what they're adding into the program. Not to say that others aren't getting some of this stuff too, however, it was really impressive. You felt like they had it together. You trust that by sticking with these guys, you're absolutely going to have minimal, to no issues at all.

    I'd recommend the solution. It's a really good product. I realized that there are other good products out there and it's not that other companies shouldn't take a look at other products. However, it works, it does what it's supposed to do, and, once you learn it, it's easy to manage and the link to the firewall is really good and a great idea. It's smart to implement a single plan across people's networks. It just makes a lot of sense.

    Overall, I would rate the solution nine out of ten.

    Which deployment model are you using for this solution?

    Private Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
    Ashis Das - PeerSpot reviewer
    Hybrid Cloud Engineer at a tech services company with 51-200 employees
    Real User
    Top 10
    Good web filtering with an excellent central console and the capability to scale
    Pros and Cons
    • "The package we use also comes with spam filtering features, which are quite useful."
    • "The initial setup can be a bit challenging."

    What is our primary use case?

    We primarily brought on the solution to replace Symantec's product, as Symantec was purchased by Broadcom. The company in question has a lot of stuff, and 40 users, and is a pure Windows environment. They don't do anything on Mac or Linux, for example.

    What is most valuable?

    So far, the solution has been working quite well.

    Sophos offers a manuscript response. 

    The product has three tiers that you can choose from when you buy. The highest is a Managed Threat Response. We chose the middle range, which offers Intercept X and is more than just Malware protection.

    This solution is a kind of Next-Gen anti-virus.

    The product has some web filtering, which blocks people from going to websites they shouldn't be going to. 

    It supports the Windows 10 server platform. 

    The solution offers a centralized view of the status of protection, via a central console for users to check the status or the health of the endpoints.

    So far, the solution has met all our expectations. It's blocked malicious websites effectively and stopped people from going to places online that they shouldn't be going to. It's automatic. We simply took the default settings and we were finding people right away that were going to illicit sites, and we were able to see that easily in the console.

    The package we use also comes with spam filtering features, which are quite useful.

    What needs improvement?

    We're still new to the solution. We haven't come across any weakness yet. There aren't features that are missing.

    The initial setup can be a bit challenging.

    For how long have I used the solution?

    I just deployed the solution a few weeks ago. It's quite new at this point. We've had it now for a little over a month.

    What do I think about the stability of the solution?

    The solution is extremely stable. It doesn't crash or freeze. There aren't bugs and glitches. It's kept us safe. Nothing has gotten through. It's reliable.

    What do I think about the scalability of the solution?

    Currently, the company only has 40 users, and therefore there are no scalability issues so far. However, it's a cloud-based centralized console, so that will help with scaling in the future if the company decides to expand. It wouldn't be hard to do. It's completely achievable.

    How are customer service and technical support?

    Technical support is okay. I'd give them higher scores if I didn't have to contact them about the initial console setup. That said, they were helpful. Their service so far has been about average.

    Which solution did I use previously and why did I switch?

    We previously used Symantec.

    We switched solutions for a few reasons. The first one is that Symantec was bought by Broadcom and there were some unknowns about what would happen with the product. Support typically gets worse when Broadcom buys a product, and we wanted to step away on the off-chance that could happen in the near future. 

    We were also looking to consolidate and to find a replacement but to also get something that had spam protection and something that was easily obtainable for a small business. Sophos ultimately could hit all those checkmarks.

    How was the initial setup?

    The initial setup with the centralized console was a little bit challenging. It wasn't complex per se, however, due to the fact that the instructions weren't clear, you can get stuck at certain points. I opened up a case for support, and at that point, I was able to get under the console. You could say the onboarding of additional administrators was a challenge. The centralized console was also a bit difficult.

    After that, the implementation was pretty easy. You simply remove the old one, add the new one, and then, with the new one, you could send the user an email link, or you could send them a path to where the software is. 

    What's my experience with pricing, setup cost, and licensing?

    I do not know the exact costs offhand, however, it's my understanding that their pricing is listed publicly on their site and would be easy to find. Sophos seemed surprised that their pricing was public. They were shocked that I could just Google it and it came up.

    There are extra add-ons you can purchase over and above this product. The add-ons cost a bit more, however, they offer extra security advantages.

    What other advice do I have?

    We are a reseller.

    We deployed the latest version of the solution. I don't have the version number on hand, however.

    It's a good product to consider if a company is looking to also do spam filtering. Sophos has a firewall as well, and it'll give a company a little bit of tighter integration, and that's good. Having those additional security tools as add-ons is an excellent option. We personally haven't gotten their firewall yet, however, it is nice that that is an option.

    I would rate the solution at an eight out of ten. Overall, in the short amount of time we've used it, we've had a positive experience.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Pre-sales manager at National Information Technology Company
    Real User
    Top 5
    Leaderboard
    Complete solution, scales well, is reliable, has competitive pricing, and has excellent technical support
    Pros and Cons
    • "It is one of the best in terms of technicality."
    • "If we can lower the price, it will be fantastic because it will generate more revenue for us."

    What is our primary use case?

    It's an endpoint, which means it's an antivirus that you must install on your server, laptop, or customer PC. As a result, it can be on-premises for Windows or Linux. You can also install this endpoint if you host a server on that cloud.

    This is a sophisticated antivirus with numerous features. It has AI (Artificial Intelligence); it can stop viruses, malware, and ransomware, as well as protect the PC you are using, the server you are using, and all of your workstations.

    Intercept X has versions, such as Intercept X, Intercept X Advanced, and Intercept X Advanced with XDR. It requires a long technical explanation, but in brief, it can protect you from being attacked or hacked, because it protects the OS, your operating system, from being compromised. 

    What is most valuable?

    It's a complete antivirus solution that has everything in it.

    It is one of the best in terms of technicality.

    What needs improvement?

    If we can lower the price, it will be fantastic because it will generate more revenue for us.

    For how long have I used the solution?

    We have been working with Sophos Intercept X for the past eight years.

    What do I think about the stability of the solution?

    Sophos Intercept X is a stable product.

    What do I think about the scalability of the solution?

    It's a scalable product. You can deploy 100, or you can deploy one, or even 1,000. It is very scalable. 

    We have 30 customers and each customer has a different number of users. Some clients have hundreds of Intercept X, some have 50, and yet others have 10. As a result, it is dependent on the company. It depends on the number of computers they have. We have a wide range. One of the clients has 800 users, which is a ministry.

    How are customer service and support?

    I don't have any issues with the technical support. 

    Both the Dubai and UAE teams regularly check in with us to see how we're doing and if we require any assistance. They are constantly monitoring the GCC region. They are doing an excellent job.

    Which solution did I use previously and why did I switch?

    We have other solutions such as Kaspersky and Heimdal.

    How was the initial setup?

    The setup is simple and straightforward. However, you must have at least an operating system that supports it, if not the latest version of Windows. I don't mean XP or Vista, but something that is already supported, because Microsoft doesn't even support all of the operating systems. As a result, you won't be able to use it on Windows XP or Windows 7. It must be a current operating system, such as Mac, Linux, or Windows.

    If you have a small environment, you need one person to maintain it. If you have a large environment, you need two or three. It really depends on when you want to complete it. If for example, you have a building and you want to build it in one year, you will need 20 to 40 people to maintain it. 

    If you have a building that you want to be built within 10 years, you can have two to maintain it. It all depends on the environment, the customer, and the deadline set for the project's completion.

    What's my experience with pricing, setup cost, and licensing?

    It is an annual subscription, rather than a monthly one. It's paid annually.

    You can pay monthly, but most of our customers choose annual subscriptions because they are less expensive.

    It could be less expensive. We would be grateful because there are cheaper antivirus solutions and cheaper endpoint solutions on the market, but they do not have the same features. We defend Sophos to our customers and explain why they should choose Sophos.

    There are also products that are more expensive on the market. Sophos is not the cheapest, and it is not the most expensive. It's in the middle.

    What other advice do I have?

    We deploy all Sophos products.

    I would definitely recommend Sophos Intercept and Sophos Intercept X, as well as Sophos Intercept X Advanced and other variants to our customers, this is what we do. We do this for current customers who do not have Sophos and show them the difference and benefits.

    Sophos Intercept X is managed from the cloud. Today, 10 years back, seven years back, or eight years back, you had to have a server to control the Intercept X.

    We haven't had any issues. We have other antivirus solutions, but this is the best-selling product so far. 

    Many customers who had been hacked had abandoned their previous antivirus, and we deployed Sophos Intercept Advanced with XDR for them, including ministries and the public sector in Kuwait.

    Because everything is in the cloud, you can manage your deployed Intercept X from a single console. As a result, my score is 10 out of 10.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
    Mike Parsons - PeerSpot reviewer
    Senior CyberSecurity Architect and Mentor at BlueTeamAssess LLC
    Reseller
    Top 5
    It can get ahead of the ransomware attack and encrypt the data on clients in the path of the infection
    Pros and Cons
    • "The most valuable feature of Intercept X is its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because I could go in and get it back."
    • "They should keep doing what they're doing. Both of them have entered the EDR/MDR space, and they're keeping up with their competitors. I have a hard time understanding why their capabilities aren't garnering more attention."

    What is our primary use case?

    When Intercept X came out, the primary use case was stopping ransomware. It was one of the first products to claim that capability. When I was evaluating them back then, it was the only one I considered effective at analyzing and identifying where the infection started. 

    The synchronized security also helped because the firewall could isolate workstations that had the infection or were in the path of infection.

    What is most valuable?

    The most valuable feature of Intercept X is its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because I could go in and get it back.

    Sophos made such good headway with it because it wasn't traditional endpoint protection. It has a lot of additional capabilities, including web content filtering. It also has the ability to understand the traffic it was seeing at the endpoint.

    It's sitting on the endpoint, so you don't have to worry about encryption messing up the intelligence that it could get out of the traffic. It was able to pinpoint where the infection was able to get ahead of Intercept X. It was called Intercept X because it can get ahead of the ransomware attack and encrypt the data on clients in the path of the infection.

    What needs improvement?

    It's hard to say what could be improved because we're in the middle of an endpoint protection arms race, and there are constant improvements on all fronts in Fortinet, Sophos, and products.

    They should keep doing what they're doing. Both of them have entered the EDR/MDR space, and they're keeping up with their competitors. I have a hard time understanding why their capabilities aren't garnering more attention.

    For how long have I used the solution?

    I have been using Intercept X since it came out. It hasn't been out that long. Sophos has always had an endpoint client, but Intercept X added new technology. The whole idea of being able to drill down to do a root cause analysis was a novel approach to the endpoint game. 

    What do I think about the stability of the solution?

    Intercept X is highly stable.

    What do I think about the scalability of the solution?

    Sophos has the flexibility to scale from one user to a data center, but I've primarily used Sophos for small to medium-sized businesses.

    How are customer service and support?

    I was impressed the last time I called Sophos support. They have a "follow the sun" philosophy with coverage from tech support centers from around the world. Sophos began as a British company, and Fortinet is a Canadian company. 

    Which solution did I use previously and why did I switch?

    Sophos and Fortinet have a firewall solution that can work in small business or home office situations, where you might have only one or two people protected by the technology. Still, you can look at it through a single pane of glass and see all of the different work sites you're protecting. 

    Sophos goes one step further with what it calls its RED product, which basically is a hardware firewall that travels with somebody. Say you have an executive in your company and you want to zero in to protect his or her workstation from infection and have control over it to manage its defenses. RED is a great product to do that. Fortinet and Sophos both have strong management capabilities for remote offices and offer centralized management through a cloud application.

    How was the initial setup?

    The basic setup is decent by itself. I have not had to do a lot of tweaking with either one of these products.

    What other advice do I have?

    I rate Sophos Intercept X nine out of 10. Its reporting, alerts, and configuration capabilities make it a formidable product. It's a great product that works as advertised. I haven't seen any serious conflicts between it and other products, whereas I wouldn't put some endpoint protection products on the same endpoint.

    You have to do some work there, but generally speaking, there's always been a case where I've been able to have more than one product. It's probably the best of all the products that I work with because I've had Malwarebytes installed together with Sophos and FortiClient without undue pain. There are some others that I won't mention without that same track record.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    IT Manager at a construction company with 201-500 employees
    Real User
    Top 20
    Excellent at capturing malicious threats together with an aggressive next generation firewall
    Pros and Cons
    • "Anti-virus captures malicious threats and an aggressive next generation firewall."
    • "Deployment on cloud needs to be carried out manually."

    What is our primary use case?

    The main use cases of this solution are for protection from ransomware and malware. Although we don't have EDR because of its high cost, we do have the capability to filter the website. Our use case is more about capturing crypto and the like that can encrypt files. I'm a system administrator and we are customers of Sophos. 

    What is most valuable?

    I've found that the most valuable feature is the anti-virus that captures malicious threats and the next generation firewall which is more aggressive in terms of not only looking for viruses, but also for SaaS and the movement of equipment. If something strange comes up we're automatically notified and it's either blocked or quarantined. It enables you to prevent future viruses and enables us to inform the user of malicious websites they have visited.

    To date, we haven't had any incidents related to viruses or any types of attacks and we barely get any false positives. It's good to know that any malicious anti-virus detected is automatically blocked, although it makes things more difficult for our IT department.

    What needs improvement?

    There is an issue when deploying on cloud because it needs to be done manually. For an enterprise company that can have 10,000 or even 50,000 end users, it's a lot to deploy manually. An additional feature they might include would be the ability to control the lockdown on hardware; to control all the entry points such as a USB, a camera or any external storage. 

    For how long have I used the solution?

    I've been using this solution for three years. 

    What do I think about the stability of the solution?

    I think this solution is stable. It doesn't allow you to do anything that may cause a problem. If you try to download something that is prone to hacking, the solution won't allow it. It's important to use the admin lock to prevent malicious programs being downloaded. It's good at preventing remote users from downloading malware. 

    What do I think about the scalability of the solution?

    The solution is very scalable because they don't generally deal with small size office deployments of 10 or 15 users. The solution can scale to 100,000 or even up to 200,000 users.  

    How are customer service and technical support?

    Initially we didn't have phone support, but now it's part of the enterprise portfolio which we have. We only use the support if we have an issue with the server. It's the benefit of the cloud, there are no concerns about the server whereas on-premise you need to synchronize your server or upgrade the new version to get those features.

    Which solution did I use previously and why did I switch?

    We migrated from Symantec enterprise to Sophos and SentinelOne. The approach is the same for all of them. 

    How was the initial setup?

    Initial setup for the cloud is very straightforward because it's managed by the company. It's just a matter of downloading the agent and installing to your end point. The on-premise implementation is more difficult, particularly if you're not familiar with it but the support is very helpful. I believe there's a way to roll out without the need to visit individual users. I believe they integrate with an active directory, and then post from there. Deployment time depends on availability of the user's desktop and/or laptop. If it's on premise, you can push that one, it would take less than 15 minutes. To deploy in a company would take less than a month. 

    What's my experience with pricing, setup cost, and licensing?

    If you start with the standard solution, move to Intercept X, and then go to the EDR version, it's almost double the price in comparison to other vendors. It's a choice for any company. Check Point's SandBlast, for example, has two payables but the additional payable includes encrypting your hard drive - not everyone needs that feature. 

    What other advice do I have?

    This is a good product but it comes at a high price. As a result, I would rate this solution an eight out of 10.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Information Systems Coordinator at an insurance company with 51-200 employees
    Real User
    Top 5 Leaderboard
    Good ransomware security with an easy initial setup and good scalability potential
    Pros and Cons
    • "The initial setup is simple."
    • "It's a challenge to do system maintenance work on a notebook. You always have to disable Sophos first."

    What is our primary use case?

    We primarily use the solution as endpoint protection as well as for endpoint detection and response. It's like an EDR. It's basically used to prevent ransomware.

    How has it helped my organization?

    I would say that it's difficult to really say how it's improved our organization. We had never actually been hit by a ransomware attack prior to installing Sophos and never had Sophos tell us that we're experiencing one. That said, it's very important to be protected. Getting attacked would be a disaster.

    What is most valuable?

    We were looking for something that could sense ransomware attempts to encrypt files, and cut off and reverse attacks as well as alert us to issues. That's what the Intercept X is designed to do. It's very good at security and protection. It offers very good reports.

    The initial setup is simple.

    The biggest feature that's on the server version that we're using, the EDR, is the ability to push data on threats that it's seeing over to another management platform, like a managed detection response service. It's nice that it's possible to do this and we don't have to pay so much attention to the alerts. They can for us.

    What needs improvement?

    It's a challenge to do system maintenance work on a notebook. You always have to disable Sophos first. Otherwise, it thinks you're a virus. It would be ideal if there was some sort of setting where you could warn the system it's just you in there doing routine maintenance.

    For how long have I used the solution?

    I've used the solution over the last couple of years. However, I haven't used the product too heavily.

    What do I think about the stability of the solution?

    The stability is relatively good. We've had a few false alarms, however, there's nothing major that's happened so far. It seems free of bugs and glitches. It doesn't crash or freeze. It's good.

    What do I think about the scalability of the solution?

    I haven't personally tried to scale anything. It's probably pretty scalable because you don't have an appliance. Appliances have limitations as they have a set size or capacity. It is a cloud-based console, therefore it can probably scale pretty well.

    We have 80 people in our organization and everybody uses the product.

    How are customer service and technical support?

    I'd rate technical support pretty high. I'd give them an eight out of ten. They're helpful. They are knowledgeable and responsive. We've been satisfied with the level of attention we get when we need them.

    Which solution did I use previously and why did I switch?

    We didn't have anything previously for anti-ransomware. We just had the Kaspersky antivirus. However, it wasn't able to detect ransomware specifically. Therefore, we put Sophos Intercept X on to do that.

    How was the initial setup?

    We've found the initial setup is pretty straightforward. It's not overly complex. We didn't have trouble setting everything up.

    What other advice do I have?

    We're using the latest version of the solution.

    We've got Sophos Intercept X on the notebook computers along with Kaspersky and then on the servers it's only Sophos EDR, which has both antivirus and Intercept X. All are bundled together.

    The console's on the cloud and that's just installed on the clients, however, they all communicate with a self-hosted JIRA cloud console.

    I'd advise those considering the solution to probably just go with the antivirus portion as well. That way, you've got it all under one console. We're juggling two consoles, Kaspersky and Sophos. It would be easier if everything was under one.

    On a scale from one to ten, I'd rate this product at a nine. We've been very happy with it.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Muzamil Yakub - PeerSpot reviewer
    Chief Executive Officer at Infoview Limited
    Real User
    Top 5
    Beneficial policy management, automatic endpoint updates, simple installation
    Pros and Cons
    • "Sophos Intercept X is a very effective solution and its being cloud-based is a benefit. Wherever my users are, I can apply policies to them. In the era of mobility, when users are out of the office or they're in different locations, it doesn't matter."
    • "From the management side, we receive detailed information. Sophos has many features, such as Threat Hunting but that comes with the XDR version of the solution. There's Sophos Intercept X and then there's Sophos Intercept X with XDR technology. We bought the XDR and then now the MTR, Managed Threat Response version available too. They have different packages for clients which gives them different options to pick from. If Sophos could combine more features into one package it would be beneficial."

    What is our primary use case?

    We are using Sophos Intercept X for endpoint protection.

    What is most valuable?

    Sophos Intercept X is a very effective solution and its being cloud-based is a benefit. Wherever my users are, I can apply policies to them. In the era of mobility, when users are out of the office or they're in different locations, it doesn't matter. 

    Whenever a user gets infected, as an admin, we get notified. We have many options to pick from, the ability to send policies to the endpoints is a very good feature that they have.

    Whenever there is an update, all the agents on the end users' systems automatically update.

    We have the option of caching updates on the network, which allows us to save on bandwidth. For example, if we have 100 people in the office, we can deploy an internal caching server or a message link server, so not all computers need a connection to Sophos onto the cloud.

    Sophos Intercept X integrates with their other solutions very well, such as the XG Firewall. The feature is called Synchronized Security.

    What needs improvement?

    From the management side, we receive detailed information. Sophos has many features, such as Threat Hunting but that comes with the XDR version of the solution. There's Sophos Intercept X and then there's Sophos Intercept X with XDR technology. We bought the XDR and then now the MTR, Managed Threat Response version available too. They have different packages for clients which gives them different options to pick from. If Sophos could combine more features into one package it would be beneficial.

    For how long have I used the solution?

    I have been using Sophos Intercept X for approximately five years.

    What do I think about the stability of the solution?

    Sophos Intercept X is highly stable.

    What do I think about the scalability of the solution?

    I have found Sophos Intercept X to be scalable.

    We have approximately 40 clients using this solution.

    How are customer service and support?

    I'm a Sophos certified architect myself, and as a partner, from the vendor, we have excellent support. We have not had a problem with the technical support, they are always available for communication, such as online chat or on-call.

    Which solution did I use previously and why did I switch?

    We have used Kaspersky, ESET, Bitdefender, and Symantec solutions.

    How was the initial setup?

    The installation is very easy. If someone is not on the network, you can send them an invite by email and they would only need to install the agent, and everything will work perfectly.

    The time the installation takes depends on the internet connection. Sometimes it takes only five minutes and other times it can take up to 10 minutes. It all depends on the connection because it has to download the installer.

    What about the implementation team?

    The end-user can install the solution themselves. It is very easy. It is only a two- to three-step process and it is complete. 

    Many people are using this solution and some customers don't even have IT managers; we provide them managed services in this case.

    What was our ROI?

    The solution has great protection against anti-ransomware and all of the zero-day threats. The ROI is very good.

    What's my experience with pricing, setup cost, and licensing?

    There is a license required to use this solution.

    If it's a managed services provider contract that we have with the customer, then they pay monthly. Depends on the customer, what the requirements are. They can pay either monthly or annually to us, but we have to pay annually to the vendor.

    Which other solutions did I evaluate?

    Before choosing Sophos Intercept X we evaluated Kaspersky, ESET, Bitdefender, and Symantec. For some of our clients who are using the other products, now they've shifted to Sophos Intercept X.

    What other advice do I have?

    I would recommend this solution to others.

    I rate Sophos Intercept X a ten out of ten.

    Which deployment model are you using for this solution?

    Private Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Peter Forster - PeerSpot reviewer
    Network Administrator at Sechelt Indian Band
    Reseller
    Top 20
    Is easy to install and manage, and has anti-exploit protection
    Pros and Cons
    • "One reason why I have stuck with Sophos is because it grabs it and deals with it, and if it's known malware, it can quarantine it or delete it."
    • "As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of."

    What is our primary use case?

    Sophos Intercept X is the antivirus protection of my choice and my client's choice because it does not only malware, antivirus, and Trojan protection but also anti-exploit protection. It has a quarantine process as well. It does all of the usual antivirus plus the anti-exploit and anti-ransomware processes.

    What is most valuable?

    One reason why I have stuck with Sophos is because it grabs it and deals with it, and if it's known malware, it can quarantine it or delete it.

    I look at all my network workstations and laptops, and if any one of them has some issues with updates or receives a notification, then the server console in the cloud will send me an email as well.

    I like its user interface, cloud integration, and the GUI. It's easy to work with it with clients.

    I also like Sophos Intercept X because I can install it on a computer, and if it's set for tamper proof, then nobody can uninstall the program.

    What needs improvement?

    As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of.

    For how long have I used the solution?

    I've been working with Sophos Intercept X ever since it was released three years ago.

    It is a cloud solution. The installation is local on the device, but it communicates to the cloud where the cloud server manages the reports, notifications, and licensing.

    What do I think about the stability of the solution?

    My impression of the stability of Intercept X is that it's excellent.

    What do I think about the scalability of the solution?

    The scalability is not a problem at all.

    How are customer service and support?

    I've received really good technical support. They're amazing.

    Which solution did I use previously and why did I switch?

    I've had experience with other antivirus programs such as Trend, Norton, and McAfee, and they just flag it and indicate that you are infected. However, Sophos has always taken care of things. This way, if my users don't know what to do with a popup, at least I know that Sophos will just grab it, quarantine it, and protect the user.

    Sophos is easy to install and easy to manage, and I have had no issues with it. I've had better protection and quarantining features with Sophos Intercept X.

    How was the initial setup?

    On a scale from one to five, where one is complex and five is easy, I'd rate the initial setup at four. This is because sometimes you'll get a popup asking you to reboot, but actually, if you've installed it a few times, you know that you have to reboot it after the installation. So, there are a couple of popups that don't make it seamless.

    If I've got 10 new workstations with a new client and I've sold them 10 licenses and one server, I will have that set up in the cloud as soon as I get the license. It will probably take half an hour to set that up. I can then start adding computers instantly. To install 10 computers, it would take about five hours.

    What about the implementation team?

    My team and I implement it. We also, sometimes, walk a client through the process remotely.

    What other advice do I have?

    Sophos Intercept X is a good protection service package for small businesses and large corporations. You can have two computers, five computers, or 5,000 computers, and it'll be just as easy to manage.

    I haven't had any issues with ransomware since I began using anti-exploit. I trust Sophos Intercept X and rate it at ten on a scale from one to ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer:
    PeerSpot user
    Buyer's Guide
    Download our free Sophos Intercept X Report and get advice and tips from experienced pros sharing their opinions.
    Updated: November 2022