Sophos Intercept X Room for Improvement

President at a tech vendor with 1-10 employees

I don't know how many infections this protected us from. It might be nice to have a view of what has come at us. You're blocking certain types of traffic. It's not malware per se. You would get a message for this, however, you never really know if this was really a bad guy or just some 16-year-old who knows computers.

There's always room for improvement in pricing. 

From a corporate perspective and from a customer perspective, switching is very difficult to do. It's not an easy task. 

The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them.

I would like to see a templated selection of items that ought to be implemented, that right out of the gate, you can just turn on. This is what we recommend for standard workstations that are running under normal circumstances. It's not that you can't have a template in there. You can create your own template and stuff like that, however, they haven't yet spent a whole lot of time figuring out if you're in the, I don't know, medical business and you need HIPAA and you need this and that, these are all the standard things you ought to deploy. It would be ideal if you could just flip the switch, and it turns them all on.

Also, after you've turned this stuff on in mass like that, you sometimes don't immediately know what the problem is if they all of a sudden can't talk to vendor X. Like in banking, they get a lot of offsite services. You should be able to say "Okay, so I blocked them somehow with one of these things. I don't know which one it is, Help me find it so I don't have to turn everything off." Otherwise, I've got to turn off the whole thing and switch them on one by one, which is time-consuming.

View full review »
Ashis Das - PeerSpot reviewer
Hybrid Cloud Engineer at a tech services company with 51-200 employees

We're still new to the solution. We haven't come across any weakness yet. There aren't features that are missing.

The initial setup can be a bit challenging.

View full review »
Pre-sales manager at National Information Technology Company

If we can lower the price, it will be fantastic because it will generate more revenue for us.

View full review »
Buyer's Guide
Sophos Intercept X
November 2022
Learn what your peers think about Sophos Intercept X. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
655,113 professionals have used our research since 2012.
Mike Parsons - PeerSpot reviewer
Senior CyberSecurity Architect and Mentor at BlueTeamAssess LLC

It's hard to say what could be improved because we're in the middle of an endpoint protection arms race, and there are constant improvements on all fronts in Fortinet, Sophos, and products.

They should keep doing what they're doing. Both of them have entered the EDR/MDR space, and they're keeping up with their competitors. I have a hard time understanding why their capabilities aren't garnering more attention.

View full review »
IT Manager at a construction company with 201-500 employees

There is an issue when deploying on cloud because it needs to be done manually. For an enterprise company that can have 10,000 or even 50,000 end users, it's a lot to deploy manually. An additional feature they might include would be the ability to control the lockdown on hardware; to control all the entry points such as a USB, a camera or any external storage. 

View full review »
Information Systems Coordinator at a insurance company with 51-200 employees

It's a challenge to do system maintenance work on a notebook. You always have to disable Sophos first. Otherwise, it thinks you're a virus. It would be ideal if there was some sort of setting where you could warn the system it's just you in there doing routine maintenance.

View full review »
Muzamil Yakub - PeerSpot reviewer
Chief Executive Officer at Infoview Limited

From the management side, we receive detailed information. Sophos has many features, such as Threat Hunting but that comes with the XDR version of the solution. There's Sophos Intercept X and then there's Sophos Intercept X with XDR technology. We bought the XDR and then now the MTR, Managed Threat Response version available too. They have different packages for clients which gives them different options to pick from. If Sophos could combine more features into one package it would be beneficial.

View full review »
Peter Forster - PeerSpot reviewer
Network Administrator at Sechelt Indian Band

As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of.

View full review »
Chief Information Officer/Senior Vice President at a tech services company with 51-200 employees

We had some initial problems with our deployment, and they were more around uninstalling Sophos Basic and installing Sophos Intercept X. We had some challenges with some of the uninstallation scripts. They can improve the deployment of Sophos Intercept X when there is already an existing Sophos version. They can also provide more information in the form of best practices and lessons learned from previous findings. A knowledge base with this type of information would be helpful.

View full review »
Founder and Managing Partner at a tech services company with 1-10 employees

There are not any solutions that are a 10 out of 10. A 10 would be perfect protection with no impact on the performance of the device. This is not the case, there is some impact on the performance of the device.

View full review »
Kasun Weerasekara - PeerSpot reviewer
Assistant Manager Network and Data Center at D-Tech Sri Lanka

We would like the solution to be more complete so that we don't have to involve so many third parties.

We would like more application control in order to be able to schedule times and access. For example, we'd like to set it so that certain documents can only be accessed between 8 AM and 4 PM.

View full review »
Diego Ferruz - PeerSpot reviewer
Country Manager at a tech services company with 1-10 employees

The solution is pretty complete and works well for our organization. I can't recall not having any specific feature on hand.

The initial setup can be difficult if you don't come in with at least some knowledge about the product.

The solution can run slower on older computers. When you do a scan, you need to configure the scan to run in the time not when your traffic is high. The performance can be affected if the traffic is high and you are trying to scan. This isn't really the solution's fault. It may be an issue with the robustness of the machine

View full review »
Director of Platform and Information Security at a computer software company with 1-10 employees

The majority of our systems are MacBooks and their solution release cycle is slow to endorsing or support the MacBook's latest OS or hardware platform. For example, when Sophos macOS Big Sur version 11 was released, it took them a while to support this version of OS. A similar situation occurred when the MacBook M1 hardware CPU was released. They have not fully supported the native M1 CPU to this day. They need to speed up the solutions release cycle.

The majority of our systems are Apple-based, this issue is more noticeable on the Apple platforms.

View full review »
Abbasi Poonawala - PeerSpot reviewer
Chief Enterprise Architect at a financial services firm with 10,001+ employees

There are hackers who hack the artificial intelligence component using artificial intelligence itself. These sophisticated hackers are using AI capabilities, and the problem is that with no human intervention, machine learning can be defeated. The consequence is that somebody still has to keep watch and monitor the detection from the threat scanning.

Better protection in the endpoint, server, and mobile is needed. Those three areas should be fully protected. It should stop ransomware from installing, it should stop it from deploying, and it should also block unauthorized file encryption. In summary, it should have more protection, better detection, and better response.

View full review »
Service Delivery Engineer - Network Security Lead at a tech services company with 51-200 employees

When comparing the security, I feel that Fortinet has more features as compared to Sophos Intercept X. As such, the feature set needs improvement. They should offer more with the firewall.

For example, Fortinet has a web application, it has application control, it has antivirus, and it has anti-malware. It offers many features.

Sophos is a bit behind when it comes to the features of the firewall itself.

The security is good but the feature set is limited.

They can up their marketing strategies. They need to increase their marketing efforts.

View full review »
System Integrator, Sr Security Engineer at a tech services company with 51-200 employees

It would be better if it can automatically generate a report for each and every user so that the users get to know the things that shouldn't be accessed from their PCs. It can have information about malicious and non-malicious sites so users are aware of them, and they don't access malicious websites. Such reports can be generated at the end of the day.

We should also be able to get through to their support team quickly. Currently, it takes more than half an hour to get through to a technical person.

View full review »
Rajesh-Singh - PeerSpot reviewer
CEO & MD at Gurjartech

They need to focus on their SLA or technical support. They also need to focus on their UI.

They should also improve their content filtering tool and update it so that correct categories are there. Sometimes, when I want to block an online gaming website, it is not shown under the correct category. It is shown under another category. They need to review their content filtering tool on a bi-weekly or monthly basis and update the sites and categories. This will be really helpful for them.

View full review »
Victor Bayedo - PeerSpot reviewer
Cloud Solution Architect at Reliance Industries Ltd

The detection and the AI capabilities should be improved upon. I also find it narrow of an attack. Even though we have Sophos running on the network, we still have the system being hit. That was probably because Sophos is not running our data. 

Improvement should actually be made on remote capabilities. I would like to see additional features that provide capabilities that show a lot of sources that the attackers are actually making.

View full review »
Darshil Sanghvi - PeerSpot reviewer
Consultant at a tech services company with 501-1,000 employees

Features that should be improved in the upgrade involve the excessive consumption of the the solution's processor, RAM and resources. 

We have often encountered pain points, such as field users having insufficient resources at their disposal. Their system may offer, say, i3 processor or four GB of RAM, and become slow, owing to the large number of features. While it is okay that this results in the system slowing down, it remains a challenge for us, as our users and employees are complaining that it is becoming progressively slower.

In the next release it would be great to also see VPN integrated or in-built in the solution.

View full review »
Head Of Information Security at a manufacturing company with 1,001-5,000 employees

The challenge with Sophos is whenever there's an escalation to a level 3 or level 4 or a certain kind of important issue, or if you want to reach out to the leadership, it's difficult to do so.

They don't have the full stack of offerings as compared to the other competitive products that we see.

View full review »
Cliff Matonda - PeerSpot reviewer
System Administrator at Finlays

I have not done it, but integrating it with authenticating the users on the Windows system looks a bit complicated to me. It could be because I don't understand it.

Its installation takes a bit longer for each of the vendors. I don't know whether it is because of the internet connection. I don't know if it is just for me or it is the same for every other user.

View full review »
Founder and General Manager at a tech services company with 11-50 employees

I can't think of any features that are lacking.

The solution needs to ensure it is keeping up with the latest malware defenses and security advancements.

It could be a bit easier to implement. 

View full review »
Founder, Director at a tech services company with 1-10 employees

At present, the solution meets the needs of our business scale. Perhaps in the future, as we grow and face increased challenges, there would be a need to explore other options. 

View full review »
Manager of Information Security at a healthcare company with 1,001-5,000 employees

Mobile device management is a challenging area, and it can be improved. Some areas in the DLP solution can also be improved. It has the DLP capability, but it is not an all-out DLP program. I would like to see them improve the DLP solution in terms of reporting and possibly network monitoring. Currently, they only do the reporting parts of it.

View full review »
KurhulaMaluleka - PeerSpot reviewer
Managing Director at Behold IT

I'm mostly quite happy with the solution. I haven't had any issues with it. 

From the firewall side, from the Intercept X to endpoint protection, everything is there, so there's nothing much that I can complain about.

The solution can be expensive, although we do see the value in it.

View full review »
CIO at a financial services firm with 11-50 employees

It has a performance hit on a local laptop. There's an agent installed and we are bothered a lot by it because it seems to be using a lot of computer resources.

We're interested in some behavioral analysis regarding activities on all of our networks so that we can anticipate intrusions and problems before they occur. My understanding is that Sophos doesn't provide such a facility. Darktrace seems to offer an artificial intelligence solution along these lines. 

View full review »
Abrar Khan - PeerSpot reviewer
IT Coordinator at a pharma/biotech company with 51-200 employees

This solution is not in the high ratings on many of the top review sites. This solution has to be near the top for me to continue using it. I do not think a lot of companies know about this solution, it could be a lack of marketing that is the reason why it is not at the top.

View full review »
IT Manager at a financial services firm with 51-200 employees

The initial setup can be a little complex. 

The deployment part needs to be improved. It doesn't feed into our SOCs. That's the only thing we have to try and figure out - how we're going to do that. The SOC is our interface with our security partners who monitor our security events. That's done for us on a 24/7 basis.

View full review »
Technology Infrastructure Manager at a non-profit with 201-500 employees

Sophos has a lot of different features. Some of them are tied to different clients, which may mean that different prices or licenses have to be added on. It can be a little bit confusing if you're not familiar with the logic of how they work. They can make it a little bit clearer.

View full review »
Inside Solutions Architect at a tech services company with 1,001-5,000 employees

Sophos Intercept X doesn't have its own firewall that utilizes the Windows Firewall or intrusion prevention.

View full review »
Mike Ignacio - PeerSpot reviewer
Associate Vice President - IT Corporate Support, IT Security, and Data Privacy at a outsourcing company with 10,001+ employees

We've had difficulty with uninstalling the solution. When we try to uninstall an old version of the basic Sophos Antivirus, it doesn't seem to uninstall completely. Due to this issue, when we installed Intercept X, we had installation conflicts. The company needs to figure out a way to make installing their old products easier and more complete.

View full review »
AbedEl-HamidAl-Wahidy - PeerSpot reviewer
Technical Support at a tech services company with 11-50 employees

Intercept X needs more reporting and device management features, so I can get messages from PCs that let me know if I need to do something with them. For example, they could add a report that shows me the versions of the devices on the infrastructure server, so I can make sure all the devices are updated. 

View full review »
Vuli Moyo - PeerSpot reviewer
IT Technician at Zimbabwe School of MInes

Through Sophos Central I would like to see the ability to zero in and produce a report about the challenges being faced by a particular machine and user, to know if a virus is appearing only on that specific machine or also on others. This way I could know if a virus or issue is a result of an identifiable program that the user may have downloaded. 

Also, while the tamper protection is a very good feature, it requires of me to first login to Sophos Central and then look for the Sophos protection password for the particular machine I wish to use. While this is definitely good, this could pose an issue when the internet connection is not working up to speed, something which is occasionally problematic for some of us here in Africa. 

View full review »
Terry Cheung - PeerSpot reviewer
Managing Director at TopSOC

The installation process could be faster.

They can reduce the size of the software that is required. 

It would be beneficial if you could expand support for Windows 7 and Windows Server 2008 without charging an additional fee.

View full review »
Team leader Modern Workplace, Senior Solution Architect at a tech services company with 11-50 employees

It could be updated less frequently.

I would like to see better support for virtual and desktop infrastructures.

View full review »
Manager at a real estate/law firm with 1,001-5,000 employees

The EDR could be improved, and perhaps the User Interface. EDR machine learning could be included.

View full review »

The app control in respect of the user interface could be improved, The choices offered for the on-premises and cloud-based platforms are the reverse of each other, such as the one responsible for allowing or denying access. This can be confusing initially, even though I later discovered that it is possible to set it back. 

View full review »
EmanTaky - PeerSpot reviewer
Senior System Administrator at KnowledgeNet

The main real-time scanning is taking most of the processing power of my notebook. This is a big problem.

It would be nice if Sophos Intercept X could provide some of their other features for free. For example, when I wanted to add another feature, like zero-day attack, I was told that I would need to add the license.

Also, it would be good to have a lot more resources.

View full review »
Engineering Manager at a manufacturing company with 51-200 employees

While the solution does not seem to lack any features, it should offer better security updates. It could be more secure, something which holds true for any solution. 

Also, the support could be faster. 

View full review »
Sr Manager - Information Security & Researcher at a tech services company with 1,001-5,000 employees

I would like the solution to have more functions and to be more user-friendly. 

In the next release, the solution could have more use cases. For example, protection against ransomware.

View full review »
Technical Director at a tech services company with 11-50 employees

The solution is heavy in the usage of resources, you can notice the performance decrease. This should prove in the future.

View full review »
Director at a comms service provider with 201-500 employees

The after sales service and support could be improved, particularly on the technical side. The solution has room for additional features. 

View full review »
Technical Manager at Digital World

When I use a proxy, I can bypass Sophos, which is an area that needs improvement.

View full review »
Head IT (Infrastructure) at Nilkamal Ltd

It consumes a lot of resources, and something needs to be done for that.

View full review »
Creative Head/Director at a marketing services firm with 1-10 employees

The performance is very slow and should be faster. 

Data resources will be consumed, affecting the performance, when there is a concurrent login involving a server with multiple RDP users. 

The installation of the solution will start the 17 services involved. 

While the tech support is knowledgeable, it's response time should be faster, as it will only get back to us the day after raising a ticket. 

View full review »
eResearch Solution Architect at a educational organization with 1,001-5,000 employees

We are considering switching from this solution as a result of the closer integration needed between the firewall systems and the EDR.

We are not talking about issues with the installation, documentation or interface, but with the existing combination between Sophos Intercept X and our firewalls. This is why we are considering other options. 

Moreover, the solution does not offer support for a legacy SAN. However, as this is a legacy issue, it will likely resolve itself eventually. 

View full review »
Amir Kasem - PeerSpot reviewer
Technical manager at Andalusia Hai Aljamea Hospital

I'd like to see more integration in the solution. 

View full review »
Technical Director at a security firm with 1-10 employees

I think this solution needs more flexible reporting, particularly for medium to large size companies and I'd like to see some varied options for making reports. Communication with all the antivirus vendors could be improved. We need lateral communication with other antivirus and security products. We need to communicate from one site to the other, possibly nothing will be required as a result, but it would be good to have this information and to have it easily transferred. 

View full review »
Mandar Raut - PeerSpot reviewer
Technical Engineer at a tech services company with 10,001+ employees

When we load Intercept X, it puts a load on the device. When it is scanning, it slows down the device. A system with basic specifications completely slows down till the scan is complete. They should improve this part.

View full review »
Alexander Gatheca - PeerSpot reviewer
IT Security Manager at a financial services firm with 10,001+ employees

The Data Loss Prevention module can be better. It should also have threat hunting capabilities.

View full review »
Buyer's Guide
Sophos Intercept X
November 2022
Learn what your peers think about Sophos Intercept X. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
655,113 professionals have used our research since 2012.