Sophos Intercept X Overview

Sophos Intercept X is the #5 ranked solution in EDR tools and the #8 ranked solution in endpoint security software. PeerSpot users give Sophos Intercept X an average rating of 8.4 out of 10. Sophos Intercept X is most commonly compared to Microsoft Defender for Endpoint. Sophos Intercept X is popular among the large enterprise segment, which accounts for 43% of users researching this solution on PeerSpot. The top industry researching this solution is computer software companies, whose professionals account for 19% of all views.
Sophos Intercept X Buyer's Guide

Download the Sophos Intercept X Buyer's Guide including reviews and more. Updated: November 2022

What is Sophos Intercept X?

Sophos Intercept X is an EPP (endpoint protection for business) tool that uses deep learning malware detection, exploit prevention, anti-ransomware, and more, to stop attacks. The solution has key security capabilities to protect your company’s endpoints. Sophos Intercept X is a well-thought-out and designed solution that is comprehensive. Large companies with an IT team and many endpoints to protect are the most suitable for this solution.

Sophos Intercept X Features

Sophos Intercept X has many valuable key features. Some of the most useful ones include:

  • Malware detection: The Sophos Intercept X platform uses artificial intelligence (AI) to proactively identify malware threats.
  • Anti-ransomware and exploit prevention: Sophos Intercept X includes purpose-built components for both: CryptoGuard and exploit prevention.
  • EDR and managed threat response: The Threat Analysis Center is Sophos Intercept X’s endpoint detection and response product. The Threat Analysis Center breaks down where the threat originated and maps out its attack chain. It also suggests next steps, helping you quickly isolate compromised endpoints to stop an attack from spreading.
  • Central console: The platform comes with Sophos Central, a web-based console centralizing all endpoint security capabilities into one interface. This feature allows you to set security policies, alerts, and other configurations from a single location.
  • Reporting and analytics: Its analytics help IT teams monitor the health of networks and identify security issues more effectively. The reports help proactively flag security flaws, such as unprotected endpoints, before an attack strikes. Some reports can also be scheduled.

Sophos Intercept X Benefits

There are many benefits to implementing Sophos Intercept X. Some of the biggest advantages the solution offers include:

  • Extensive collection of security products: Sophos offers an extensive collection of security products, making it a complete tool for all of your security needs.
  • Separate dashboards: The solution’s separate dashboards can accommodate your company’s diverse products. The dashboards include graphs and alerts detailing the status of your network.
  • Intuitive interface: The solution’s interface is intuitive and clearly labels the platform’s various features. This makes navigation simple and quick when jumping between functionality from endpoint protection to email security management.
  • Useful resources: The Sophos portal provides a lot of help content, including an online self-serve knowledge base with articles and how-to video walkthroughs. In addition, the platform conveniently links you to relevant help content directly within Sophos Central.

Reviews from Real Users

Sophos Intercept X is a solution that stands out when compared to many of its competitors. Some of its major advantages are its ease of management, effective blocking capabilities, and good security.

A President at a tech vendor says, "The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer."

PeerSpot reviewer Ashis D., Hybrid Cloud Engineer at a tech services company, comments, “So far, the solution has met all our expectations. It's blocked malicious websites effectively and stopped people from going to places online that they shouldn't be going to. It's automatic. We simply took the default settings and we were finding people right away that were going to illicit sites, and we were able to see that easily in the console. The package we use also comes with spam filtering features, which are quite useful.”

Mike P., Senior CyberSecurity Architect and Mentor at BlueTeamAssess LLC, states, "The most valuable feature of Intercept X is its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because I could go in and get it back."

An Information Systems Coordinator at an insurance company mentions, “It's very good at security and protection. It offers very good reports.”

Sophos Intercept X was previously known as Intercept X.

Sophos Intercept X Customers

Flexible Systems


Archived Sophos Intercept X Reviews (more than two years old)

Manager at a real estate/law firm with 1,001-5,000 employees
Real User
Top 20
The setup was simple, the EDR could be improved, and perhaps the user interface.

What is our primary use case?

We use it mostly for software protection. 

What is most valuable?

It's quite simple to use and user friendly.

What needs improvement?

The EDR could be improved, and perhaps the User Interface. EDR machine learning could be included.

For how long have I used the solution?

We have been using Sophos Intercept X for about two years. It is the latest cloud version. We have about 200 people using it, daily. We are a Sophos customer.


What do I think about the stability of the solution?

It is a stable product.

What do I think about the scalability of the solution?

It is reasonably scalable. So, somewhere in the middle in terms of scalability.

How are customer service and support?

We have not needed to use support so far.

Which solution did I use previously and why did I switch?

We have been using Sophos since day one.

How was the initial setup?

The setup was simple. It took us about one day to set up and configure the software.

What about the implementation team?

The setup was done internally. We also perform maintenance internally.

What's my experience with pricing, setup cost, and licensing?

The pricing is average for software like this, but you can purchase additional services if you wish.

Which other solutions did I evaluate?

In the future, we may evaluate SentinelOne.

What other advice do I have?

I would recommend this to other users, and I would give the product 7 out of 10.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Infrastructure Manager at a tech services company with 51-200 employees
Real User
Top 20
Easy to configure, good threat detection capability, and the support is perfect
Pros and Cons
  • "This solution is easy to configure."
  • "The endpoint detection and response (EDR) technology has room for improvement because the information that it gives us to resolve our problems is poor nowadays."

What is our primary use case?

This product is primarily used for endpoint security.

What is most valuable?

The most valuable feature is the threat detection capability.

This solution is easy to configure.

What needs improvement?

The endpoint detection and response (EDR) technology has room for improvement because the information that it gives us to resolve our problems is poor nowadays. It's not sufficient.

I would like to see remote desktop support. For example, if you have a problem with your device, maybe the support team can log in and help to fix the problem using a remote connection.

For how long have I used the solution?

I have been using Sophos Intercept X for the past year and a half, and have just renewed my subscription for another year.

What do I think about the stability of the solution?

Stability-wise, Sophos Intercept X is good. I have not experienced any bugs or problems with it.

What do I think about the scalability of the solution?

The scalability is very good. We have 130 users.

How are customer service and technical support?

I would rate the technical support a ten out of ten. They are perfect.

How was the initial setup?

The initial setup is easy.

What about the implementation team?

I deployed this product myself and the process took about two months.

What other advice do I have?

My advice for anybody who is looking into implementing this product is that it is easy to implement, quick to deploy, and has a lot of tools to detect malicious behavior. I can recommend it to others.

I would rate this solution a ten out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Project Manager at a tech services company with 11-50 employees
Real User
Easy to use, straightforward to set up, and it's effective against critical problems including ransomware
Pros and Cons
  • "The most valuable features are ease of use and the GUI."
  • "We would like to deploy across a variety of machines simultaneously through the network."

What is our primary use case?

This security solution covers most of the critical problems such as ransomware.

What is most valuable?

The most valuable features are ease of use and the GUI. The interface is very subjective. Personally, I am fine with it. However, some people don't like it. Generally speaking, I would say that it is easy to use.

They have a free version that is installed on mobile phones, which is very good.

The integration with my AP works well.

What needs improvement?

The price of this product should be reduced because it is a little high.

We would like to deploy across a variety of machines simultaneously through the network.

For how long have I used the solution?

We have been using Sophos Intercept X for the past month.

What do I think about the stability of the solution?

So far, I haven't seen any bugs in this product, so the stability is good.

What do I think about the scalability of the solution?

Scalability-wise, Sophos Intercept X is good. We have close to 100 users, who are mostly salespeople.

How are customer service and technical support?

We have not engaged with technical support.

How was the initial setup?

The initial setup is straightforward and not complicated. Deployment-wise, this solution is okay. It is easy to get the agents up.

One problem is that we want to know if there is a way to deploy the agent without going to every machine if I am upgrading from another product. Locally, I have to go machine by machine to complete the installation.

What about the implementation team?

We deployed by ourselves.

What other advice do I have?

My advice for anybody who is considering this product is that if you want ease of use for a good price, and something that addresses most of the endpoint protection needs, then this is the best solution to implement.

Generally, I like this product compared to other endpoint solutions and I don't have many complaints. The vendor just has to keep it up or continue to improve. That said, it cannot stop every virus so it is not perfect.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Head-Information Technology at a real estate/law firm with 201-500 employees
Real User
Utilizes machine learning functionality and provides good cloud-based administration
Pros and Cons
  • "The most valuable features are the anti-ransomware engine, deep learning, web filtering, and the cloud manageability."
  • "I would like to have a built-in firewall, rather than having to integrate one."

What is our primary use case?

Our primary use case is endpoint protection.

What is most valuable?

The most valuable features are the anti-ransomware engine, deep learning, web filtering, and the cloud manageability.

What needs improvement?

I would like to have a built-in firewall, rather than having to integrate one. Having both a personal firewall and an endpoint firewall would be an improvement. It does have firewall monitoring capability but it is integrated with the Windows firewall. Having their own endpoint firewall would be better.

For how long have I used the solution?

We have been working with Sophos Intercept X for about two weeks.

What do I think about the stability of the solution?

With respect to stability, given that we have only been using it for a couple of weeks, it is too early to tell. That said, we have not experienced any issues so far.

What do I think about the scalability of the solution?

Scalability has not been a problem.

How are customer service and technical support?

I have not had any issues, yet, that necessitated contacting technical support.

Which solution did I use previously and why did I switch?

Prior to Sophos, we were using a product by Symantec. The first difference is the deep learning or machine learning aspect. The second is the cloud administration capabilities. They both support cloud but the administration is better in Sophos.

How was the initial setup?

The initial setup is straightforward.

What's my experience with pricing, setup cost, and licensing?

I find the pricing to be a little bit expensive, although it is acceptable, for now.

What other advice do I have?

The suitability of this product depends on the company and its environment, but for a company like us, I recommend Sophos. 

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Manager of Information Security at a healthcare company with 1,001-5,000 employees
Real User
Top 20
Excelling in this competitive product category with more features than users put to task
Pros and Cons
  • "The EDR (Enhanced Data Detection and Response) and the DLP (Data Loss Prevention) components are valuable assets."
  • "Scalability is good."
  • "Technical support is responsive and adept."
  • "There is some issue with the reporting and refreshing information on resources that have been eliminated."

What is our primary use case?

The EDR (Enhanced Data Detection and Response) and the DLP (Data Loss Prevention) components are probably the biggest areas of the product that we employ. We also make use of web content filtering and application control as well.  

What is most valuable?

I would probably say that the DLP portion of the product is the most valuable for what we do. That just happens to be the side of the house I sit in. But the EDR alerting is also relevant when talking about valuable features.  

What needs improvement?

Refreshing the reports could be improved. It looks like sometimes when systems no longer exist those systems can still show up on the reporting.  

For example, if you spin up a virtual desktop and a virtual server, and then you change the name of that virtual server, what happens is Intercept X still maintains a record of the device by the old name. It does that even though it no longer exists in the system because the name has been changed. So, refreshing the data is probably something that needs to be addressed.  

I can not really address what I think needs to be added to the product right now because I still think our organization is focusing on learning what the product can do and discovering the capabilities. I have been so involved with it from the perspective of understanding what it does currently that I am still trying to figure out what else we would like to see.  

For how long have I used the solution?

We have been using Sophos Intercept X for probably a little over six months now.  

What do I think about the scalability of the solution?

We have about 1500 endpoints. That is a pretty good volume. While I do not know exactly how to rate it, the scalability is excellent from the standpoint of adding endpoints. We have not run across any issues with the scalability of it. I would tell you that it is very applicable to this company right now and certainly is up to the task of matching our needs.  

How are customer service and technical support?

To this point-in-time, we have found that the technical support is very responsive. We can reach them by phone and by email, and we get answers to the issues and questions we bring up.  

How was the initial setup?

I think the initial installation and setup were very straightforward.  

Once the rollout started, we had to incorporate 1500 devices — and that is just the desktops alone. It probably took about two months. The amount of time it took was because of the scale of resources dedicated to onboarding the solution. It was not because of distribution.  

What about the implementation team?

We did not need to use an integrator or consultant for deployment. It was all done internally.  

Which other solutions did I evaluate?

We did evaluate other options before choosing Sophos. For example, we looked at Sentinel One. We also looked at a couple of different solutions like Trend Micro and CrowdStrike. Looking at those four seems to have been a good enough comparison of products in the category.  

What other advice do I have?

My biggest bit of advice for people taking on Intercept X is to train your staff on all of the functions of that solution. There are a number of solutions within the one product and it is best to know how to use them all and if they apply to your circumstances.  

The biggest lesson we have learned from using Sophos is that the product can be a bit overwhelming with information and data. That is the situation where your training and your resources come into play.  

Make sure you have a complete plan to utilize the tool or you will have pieces that are just sitting there and nothing is happening to utilize them. There are a lot of capabilities that the solution has and you need to make the effort to discover them.  

On a scale of one to ten (where one is the worst and ten is the best), I would rate Sophos Intercept X as probably about a nine-out-of-ten. It is not until you see other applications like CrowdStrike and do a comparison to see what they can do that you really have an idea of what applications in the category are capable of.  

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Founder at a tech services company with 1-10 employees
Real User
Cloud administration, strong ransomware protection, and firewall integration make this a standout
Pros and Cons
  • "The most valuable features are the cloud administration and the strength of the ransomware protection."
  • "There do not seem to be any limitations to the scalability of this product."
  • "The deployment is quick. It just depends on the environment and what you may be replacing."
  • "This product integrates well with Sophos firewalls and should be seriously considered by Sophos Firewall clients."
  • "The technical support is the lone sore-point when dealing with this product."

What is our primary use case?

We are a small consulting group. We are not really end-users but we sell to them. We are primarily recommending Sophos Central Intercept X as a client solution for endpoint security. They are going to be using it for the security apps, their desktops, and there is a server version as well. I would think that someone buying the server product would expect that to include endpoint security, including ransomware protection, advanced threat protection, and zero-day threat protection.  

Many of our users also use Sophos firewalls and the solutions integrate with each other nicely.  

What is most valuable?

I would say that the most valuable features are the cloud administration and the strength of the ransomware protection.  

What needs improvement?

The one thing that I think probably needs the most attention with this product is the technical support. Some of our customers are starting to complain about that.  

It is a good product, generally. I can not really give it any criticism or go on about missing or broken features. I have got nothing to say that needs improvement other than the support.  

For how long have I used the solution?

We have been recommending Sophos to users for maybe four years. The proper product name is actually Sophos Central Intercept X Advanced.  

What do I think about the scalability of the solution?

I do not know of any limitations having to do with the scalability of this product. We are a small company so the number of clients that we have is not that large. The total would be maybe around 10 clients. The number of endpoints under management for those clients that we are involved with is about 1000. I do not see that we are even close to any limitations in scaling this product with those numbers.  

How are customer service and technical support?

The one thing that needs the most attention according to our customers is the product's technical support. We do not really hear anything about the product having larger issues but there have been a few comments on the gaps in tech support.  

How was the initial setup?

The initial setup is probably straightforward but there are times when it could be difficult. We are about to do a project where we are going to have to replace a Symantec product. We will see how hard that is to do. The potential problems have more to do with a question of how difficult it is to remove Symantec completely than it is about installing Sophos. There is a tool from Sophos for doing a replacement. We had not used it before so we will get to see how well it works.  

The deployment is quick. It just depends on the environment. If you have a lot of remote sites, that could take more time. If you have got to replace something, you never know how hard it is going to be because of how another product sets down its roots. There is a point where you have to just do as well as you can and then deal with issues if any arise.  

What about the implementation team?

When we deploy it into client sites we are the integrators and consultants for the deployment. It deploys as you would expect and there are no surprises. Again, it could be hard to remove an existing solution.  

What's my experience with pricing, setup cost, and licensing?

Intercept X for endpoints is around $35 per user per year. The server version is $95 per server per year.  

What other advice do I have?

I would advise anybody who is using a Sophos firewall and is looking to migrate to another solution to give Intercept X the serious consideration it deserves because the Sophos firewall integrates well with the Intercept X solution and that is an advantage.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate this solution as a nine-out-of-ten.  

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Chief Information Security Officer and Founder at an insurance company with 201-500 employees
Real User
Top 5
Leaderboard
Analyzes APTs and the endpoint behavior and provides detailed information
Pros and Cons
  • "It provides a feature for scanning and analyzing endpoints, which is a value-add for our infrastructure. With the advancements in the Advanced Persistent Threats (APTs), Sophos Intercept X analyzes an APT and the behavior of the endpoints. It then gives us a detailed dashboard with more information about the endpoints and their security and risk level. While deploying Sophos Intercept X, we identified a lot of vulnerability and risky endpoints that our previous solution didn't cover, which proved that this solution is the best."
  • "It would be a value-add if they can include integration with other technologies or solutions, like Fortinet, Blue Coat, etc."

What is most valuable?

It provides a feature for scanning and analyzing endpoints, which is a value-add for our infrastructure. With the advancements in the Advanced Persistent Threats (APTs), Sophos Intercept X analyzes an APT and the behavior of the endpoints. It then gives us a detailed dashboard with more information about the endpoints and their security and risk level.

While deploying Sophos Intercept X, we identified a lot of vulnerability and risky endpoints that our previous solution didn't cover, which proved that this solution is the best.

What needs improvement?

It would be a value-add if they can include integration with other technologies or solutions, like Fortinet, Blue Coat, etc.

For how long have I used the solution?

We have been using this solution for two years. 

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It is scalable. We have 250 users in our company.

How are customer service and technical support?

Sophos technical support is very helpful. There are many ways to contact them. When I worked with Cyberoam, in the console, you can directly contact technical support through chat. A consultant joins the chat, and you can give them the control to your appliance to verify the configuration and do other checks and troubleshooting for resolving your issue. This is a strong point in Sophos technologies.

Which solution did I use previously and why did I switch?

We migrated from Kaspersky to Sophos Intercept X. While deploying Sophos Intercept X, we found a lot of vulnerability and risky endpoints that Kaspersky didn't cover.

How was the initial setup?

The initial setup is not complex. The deployment and testing took us one month.

You start by deploying the server, and then you can install or deploy an endpoint. There are many ways to deploy endpoints. A roaming user can use just the email with the link, or the support team can move the endpoint or assist the user by phone. 

What about the implementation team?

We had consultants. For implementation, I coordinated with a consultant from Atos and a consultant from Sophos. Atos is our infrastructure manager and service provider. 

What's my experience with pricing, setup cost, and licensing?

Licensing is based on the number of users. They give a discount for editors who are considered as important members. From what I know, Sophos products are not expensive. If you have a license extension, you just need to contact the editor or partner to change the mode of licensing or extend the license to cover more people.

What other advice do I have?

I would recommend using this solution. It is an antivirus and anti-ransomware solution. It has many functions and features. Antivirus is its major feature. The anti-ransomware module is its advanced function.

It has been a good solution so far. It has a very good score in NSS Labs, which is a laboratory that tries and tests all security solutions and gives them a scoring. Many other companies have also started to deploy this solution.

We plan to continue using Sophos solutions. I am in touch with new users, and they appreciate this solution. We have a meeting tomorrow with Sophos to share our technology roadmap and choose the new technologies to deploy in our company. We will do a proper proof of concept of the solution to evaluate technical aspects, technical features, offerings, limitations, and strong points.

I would rate Sophos Intercept X a nine out of ten. It is a good product.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Infrastructure Consultant at a healthcare company with 201-500 employees
Consultant
Behavioral-based protection that is user-friendly and easy to deploy
Pros and Cons
  • "The most valuable feature is the behavioral, non-signature-based threat detection."
  • "When there is an event generated by either the firewall or Intercept X, and the originating IP address is the same, these should be merged into a single event rather than two."

What is our primary use case?

We were recently the target of a ransomware attack and we used this product to clean it from our environment. Our in-place endpoint protection is just signature-based and it was not able to identify which device had passed the malware.

I am in charge of monitoring at this time.

How has it helped my organization?

Once we installed Intercept X, it was able to detect and remove malware that could not be found by the simple endpoint security solution.

What is most valuable?

The most valuable feature is the behavioral, non-signature-based threat detection.

We like Sophos Central, where you have access to a security console. It provides you with information such as recommendations on what to do next. Using this, we were able to trace the affected devices, which were then cleaned. If new alerts are given then we know which devices are still affected and we can take the appropriate action.

Sophos Central also shows us which alerts have not yet been attended to, which is nice.

What needs improvement?

Sophos Central does not provide all of the information that is available, so it requires us to take the additional step of retrieving details from the firewall. It would be more productive if the information between Sophos products were automatically correlated and updated in Sophos Central.

When there is an event generated by either the firewall or Intercept X, and the originating IP address is the same, these should be merged into a single event rather than two. Automatically correlating these events would save us time.

For how long have I used the solution?

We began using Sophos Intercept X a few days ago.

What do I think about the stability of the solution?

We use Intercept X on a daily basis and it is quite stable.

What do I think about the scalability of the solution?

My impression is that this product is scalable.

We have only deployed Intercept X at one hospital, which has about 300 people that it protects. We have approximately six hospitals for which we are recommending its use.

How are customer service and technical support?

We have only dealt with the sales team in the Philippines. Our concerns were commercial in nature, for the most part, rather than technical.

Which solution did I use previously and why did I switch?

Prior to Intercept X, we were using the signature-based endpoint protection by Sophos. Our license was just recently up for renewal and we are in the process of upgrading to Intercept X.

In my previous company, we were using Cisco AMP. The beauty of Sophos Intercept X is that it does both signature-based and behavioral threat protection in one agent. With some other solutions, you have to install a different product for each approach.

How was the initial setup?

The initial setup is very simple. We were able to install it in a few minutes and then it automatically begins detection. Completing the initial scan involves rebooting the computer a couple of times, so it takes a little while to complete and clean out the malware if it is there.

What about the implementation team?

The interface is very user-friendly and we were able to deploy and operate it ourselves.

Our company does not have 24/7 monitoring, so we are now looking at a managed SOC that we can subscribe to. Ideally, this type of service will give recommendations, above simply alerting us to problems.

What's my experience with pricing, setup cost, and licensing?

We were able to eliminate the ransomware using the one-month, full-featured trial license. Our intention now is to upgrade our systems to the full product. We were given a corporate rate.

Our licensing includes local support for each of our offices, nationwide. This is something that we like.

What other advice do I have?

Overall, this is a good product that seems to address our concerns and I can recommend it.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network Engineer at a tech services company with 201-500 employees
Real User
If improving existing security measures is a goal, this product fits your model
Pros and Cons
  • "Sophos Intercept X is easy to install and has a lower price than similar solutions."
  • "Integration with firewall solutions could be better."

What is our primary use case?

Our primary use case is to enhance existing security.  

What is most valuable?

The most valuable part of this solution is just the general capability of making security more robust.  

What needs improvement?

There are a lot of things that can be added based on the user's need for the solution.  

Where this solution has room for improvement generally is in the integration with Sophos Central and firewalls.  

For how long have I used the solution?

We have been using Sophos Intercept for the last two years.  

What do I think about the stability of the solution?

Right now I am in the midst of trying to solve a bug, but I think it is generally a stable product. When there is a bug, the solution usually comes down to updating the firmware or endpoint.  

What do I think about the scalability of the solution?

Intercept X is a scalable solution.  

How are customer service and technical support?

We have worked with technical support due to some issues we experienced. We had some problems with firewall or endpoint issues that we could not solve immediately. While Sophos is helpful technically, their tech support is not so good. Their tech response could be better. They need to do more to deliver support that is as good as or better than their competition.

How was the initial setup?

Intercept is easy to install. There is not a lot to do in the setup for a cloud product of this type.  

What other advice do I have?

My advice to people looking at Sophos Intercept X is that it is easy to install and has a lower price than similar solutions. I recommend it.  

On the scale from one to ten (where one is the worst and ten is the best), I would rate Sophos Intercept X as an eight-out-of-ten.  

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Mike Parsons - PeerSpot reviewer
Senior CyberSecurity Architect and Mentor at BlueTeamAssess LLC
Reseller
Top 5
Reliable, scalable and very simple to set up
Pros and Cons
  • "The thing that I like about it is the synchronized security. You can tie endpoint protection and firewalls and a whole range of other services and products. You can get your servers taken in under this."
  • "The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?""

What is our primary use case?

The primary use case is basically having a synchronized perspective on what's going on between endpoints, firewalls, and whatever other types of preventative measures the customer has. 

How has it helped my organization?

The fewer panes of glass you've got to go to to try to investigate an event, the better off you are. If there's some automation that goes on within the fabric, or whatever you want to call it, this coordinated effort, then you're going to come out ahead as a small organization. Sophos has one pane of glass, so it gives good visibility. There's less time spent in front of the screen because I have confidence in the automation that's going on.

What is most valuable?

It's been pretty reliable. There's been a few times when it hasn't just taken care of problems. The automation is very convenient.

There's Sophos Central where the customer has a single pane of glass. You can manage everything. 

The thing that I like about it is the synchronized security. You can tie endpoint protection and firewalls and a whole range of other services and products. You can get your servers taken in under this.

It has a Linux version that's available. 

What I look for in dealing with small businesses is something that is not going to add to their staffing requirements significantly in terms of management. That's true with both Sophos and Fortinet.

There's great situational awareness within all the other components. If I have a workstation, usually they're just taking care of everything without me even knowing about it unless I go into the logs and see what's been cleaned up. I don't care if something gets cleaned up, I do care if something doesn't get cleaned up. My reporting is set to an on exception basis to ensure I don't have a firehose of information pointed at me to overwhelm me. Customers don't generally want to know every little thing that's happening on their network. What they want to know is if something has happened that puts their environment or their infrastructure in jeopardy. Sophos does this exceptionally well.

The pricing of the solution is quite good.

What needs improvement?

The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?" I see that all the time. That's a question I always have in the reports I give my customers. "Okay. So this happened last month. And as you can see, there were all these attacks knocking at the door, but none were allowed through." If someone got through, then I'm going to be concerned.

For how long have I used the solution?

I've been working with this solution alongside a customer for two years now.

What do I think about the stability of the solution?

The stability is great. We've never had issues with its reliability. It doesn't crash or freeze. There aren't bugs or glitches. It protects us well.

What do I think about the scalability of the solution?

The solution scales really well. They have great resources on hand for managing it within the cloud. I haven't found any issues with capacity. I've never heard of anyone ever having issues in that regard.

Typically we deal with small businesses. When I say "small business" I am referring to a company of around 250 people.

How are customer service and technical support?

Technical support has been very, very good. They're reliable and knowledgeable. We've been satisfied with the level of service provided.

Which solution did I use previously and why did I switch?

We also have experience with Fortinet. Fortinet has what they call their security fabric, which does about the same thing. Basically you have a number of different products, different solutions, and it's all under a single pane of glass and everything's coordinated so that any member or any component of that fabric or synchronized security is aware, has situational awareness of what other components are experiencing. If there's an attack that breaks out in one place, then there's going to be the opportunity for basically isolating that particular component so that it doesn't allow lateral movement.

I've used other solutions. The reason that I like Sophos is mostly due to the synchronized security and cloud management. Other solutions that I've dealt with have been point solutions. I've needed to figure out how to get that situational awareness between the different points. You have to do that. The name of the game these days is to evade the perimeter. I have to not only protect the endpoint as if there was no firewall, but I also have to make sure that I've got as much intelligence going on about the state of my internal network so that everybody knows what's happening next door to them.

How was the initial setup?

The initial setup was a piece of cake. It wasn't complex at all. It's very straightforward.

What's my experience with pricing, setup cost, and licensing?

I can justify the pricing for customers and I can explain what they're doing from a pricing standpoint in terms of the different risks that they're handling. I'm all about risk management. Unfortunately, we lose awareness of that, the calculus that goes into that when nothing's going wrong. 

You have to ask: what are you trying to protect? What are you willing to spend to protect that, and what's your expected loss if something happens? You have to look at all things and then decide if the number is fair. I'd argue that it is.

What other advice do I have?

We're partners with Sophos. We're a consulting company and we provide some managed services. Sophos products are some that I deploy and manage for my customers.

I don't have the EDR or any of the really sophisticated stuff. The client doesn't think that they have a need to go to another level. 

I don't have EDR or MTR deployed for the customer. I work primarily with small businesses. So sometimes it's kind of hard to get them to invest more than what they feel comfortable doing.

Other organizations should give it serious consideration if they are looking for a solution. The price point is not unreasonable and the management and the continued evolution that I see within the product means that they're not sitting on their haunches waiting for the next big thing. They're constantly moving forward, trying to keep abreast of what's going on. 

We're in an arms race when it comes to cybersecurity. When you look at SophosLabs out of the UK and the work that they're doing in their blogs like Naked Security and whatnot, they're constantly in the forefront, constantly trying to find different threats. It's impressive, to say the least. All of that percolates down into their product because that's what drives their product.

I'd rate the solution at eight out of ten. The solution is consistently showing me that it has a very effective rubric that it follows through on in terms of identifying and remediating, particularly in the area of ransomware. They can handle everything without having to have somebody get down in the weeds and recover things. I like the automation that it brings into the work that's done. That was the wow factor that drew me to them, to begin with.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Security Consultant at a tech services company with 1,001-5,000 employees
Consultant
Comes with an option to switch off an endpoint, and does what it's supposed to do and better than anyone else
Pros and Cons
  • "I find the security heartbeat feature with synchronized security very useful. It's a very nice feature that allows you to basically switch off an endpoint. When an endpoint has got a virus or something like that, or it's infected or compromised, you can isolate it from the network, but only if you've got an XG Firewall as well. It also provides ease of use. It is the only antivirus that can recognize 25 out of the 36 ransomware and virus techniques that have been often used in terms of the behavior base using heuristics. It's beautiful, utterly amazing. No other antivirus can do that."
  • "The pricing could be a bit lower to match the normal retail pricing."

What is most valuable?

I find the security heartbeat feature with synchronized security very useful. It's a very nice feature that allows you to basically switch off an endpoint. When an endpoint has got a virus or something like that, or it's infected or compromised, you can isolate it from the network, but only if you've got an XG Firewall as well. 

It also provides ease of use. It is the only antivirus that can recognize 25 out of the 36 ransomware and virus techniques that have been often used in terms of the behavior base using heuristics. It's beautiful, utterly amazing. No other antivirus can do that. 

What needs improvement?

The pricing could be a bit lower to match the normal retail pricing.

For how long have I used the solution?

I have been using this solution for the last four months. Currently, I am using the latest version.

What do I think about the scalability of the solution?

It's really scalable. We easily did 5,000 installations in six hours. It's good at scalability.

Some of our SMB clients have 20 users, and some have around 200 to 300 users. A big enterprise client has around 5,000 users.

How was the initial setup?

I don't set these products up, but they look pretty straightforward and simple to set up. The deployment of 5,000 users happened in around six hours. The deployment was obviously automated a little bit.

What's my experience with pricing, setup cost, and licensing?

When you start going to the EDR technologies and the MTR, it is a little bit expensive. It's a very good technology, and obviously, you're going to pay for it, but the pricing could do a little bit of work.

What other advice do I have?

I would definitely recommend Sophos Intercept X. It's the number one product in my go-to-market strategy. 

I haven't used it so much, but from what I've seen and played around with, it's a brilliant product. It has already got everything. It does what it's supposed to do and does it better than anyone else out there. If you look at Gartner Quadrants, they are at number three in terms of leaders. The Microsoft Defender ATP is number one.

I would rate Sophos Intercept X a nine out of ten. It is a beautiful product, and I love it.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Network Administrator at a tech services company with 51-200 employees
Reseller
Not just another simple virus-scanning product, but it does not handle removable USB drives well
Pros and Cons
  • "It is not just a simple virus scanning product. It handles more advanced needs."
  • "This product does not handle USB drives well."

What is our primary use case?

We use Intercept X Advanced along with Sophos EDR (Enhanced Data Detection and Response).  

We use it for our servers and clients as advanced protection. It is not just a simple virus scanning product.  

We use it to work with clients and it is installed on five servers. At this time we have only installed it at one customer site. But we plan to continue to expand.  

What is most valuable?

The most valuable part of the solution in our use case is client isolation. It is a good feature.  

What needs improvement?

What I think Sophos can improve is with the data-loss feature, especially when it comes to using USB sticks and USB hard disks. The feature blocks access to these USB sticks and disks and there seems to be no immediate workaround for that. Our customer was not satisfied with the feature. We actually ended up having to deactivate this feature because it is too aggressive and could not meet the client's needs.  

For how long have I used the solution?

We started using Sophos Intercept X in December of 2019.  

What do I think about the stability of the solution?

We have not had a problem at all with the stability.  

What do I think about the scalability of the solution?

It is easy to scale this product. As far as the typical organization size that it fits, I would say it is suited for smaller and medium-sized companies. We have not yet installed it at a large customer site, so I cannot answer about large or enterprise companies specifically.  

How are customer service and technical support?

To this point, I have not had a need to use Sophos support for Intercept X specifically.  

I have used Sophos support for other products that we use. Sophos support for XG is okay if it is just regarding questions about the product. I did not have any problems with them in getting a good answer to questions about the product or installations. But when it comes to device defects, then it can take four to six weeks to get a solution. In that case, the support is really not satisfactory. It does not satisfy me and it is really unacceptable.  

Which solution did I use previously and why did I switch?

We did use other solutions in the past, including Trend Micro, Symantec, and Kaspersky. The main difference between Sophos Intercept X and the other products is the client reservation feature. I believe that is a standalone point for Sophos as it is the only product that has it. It allows particular hosts to always use the same IP address which is sometimes desirable.  

The administration of Trend Micro is one thing which I like about that product. It is very easy to use. I would say that Trend Micro is better than Sophos on that point.  

We switched to Sophos because we are selling Sophos firewalls already. The Sophos Intercept X product works better with these firewall solutions than other virus scanning products from different vendors. We decided to keep to the same vendor for a more unified solution.  

We started to work with Sophos Endpoint Protection originally and we are on Bonfire XG as well. It is convenient to expand out working with the brand as a partner.  

How was the initial setup?

The initial setup for the product is not simple. It is medium to complex to install and set up.

After deploying it takes only me and the customer team for maintenance. Really one person can do it. So there is just one person at my company and I have communication with one colleague at the customer site.  

What about the implementation team?

We did not need outside help from a vendor to handle the deployment. I did it myself and we are a partner with Sophos.  

What other advice do I have?

Advice that I would have for people considering using virus scanning is that I, personally, would not use Sophos Endpoints. That is the simplest edition of the Sophos virus protection product line. I would use Intercept X Advanced as the entry-level product as the other, simpler product, is not robust enough to provide acceptable protection for businesses in my estimation.  

On a scale from one to ten where one is the worst and ten is the best, I would rate Sophos Intercept X as a seven. First, I never give a ten because every product can be improved. Second, I subtract two points because of my experience with the data loss feature and how it behaves with USB drives.  

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
CTO & CISO at a tech vendor with 51-200 employees
Real User
A very complete solution with good functionalities and the capability to scale
Pros and Cons
  • "There are products that are technically stronger. However, this product has everything in one solution, which makes it a strong endpoint option."
  • "The ADR functionalities feel like they aren't mature enough. It hasn't been a long time since Sophos has offered reproduction. Due to the fact that it's so young, it has fewer functionalities than other and more mature ADR solutions."

What is our primary use case?

We primarily use the solution to protect our company from ransomware and malware attacks.

What is most valuable?

The product is very complete.

There are products that are technically stronger. However, this product has everything in one solution, which makes it a strong endpoint option. 

There are good functionalities for advanced incorporation and good ADI functionalities that work well specifically against dangerous strains of malware and ransomware.

Since 2015, Sophos has been trying to integrate its products with synchronized security. The communication from UTM to the agent goes both ways. It allows the platform to gain a very high amount of data about the Endpoint's telemetry and to give the administrators a lot of visibility. A lot of other platforms cannot synchronize with other security ICT solutions and cannot guarantee the same visibility at all.

What needs improvement?

The ADR functionalities feel like they aren't mature enough. It hasn't been a long time since Sophos has offered reproduction. Due to the fact that it's so young, it has fewer functionalities than other and more mature ADR solutions. 

Sophos would benefit from a cloud server implementation on top of the cloud provider (whether it's Google, Amazon, Azure, etc.). The solution is great, however, it's still intended for traditional off-cloud usage. It's focused on endpoint protection of the end-user. It's less targeted on servers, especially Linux or newer implementations that have microservices contained within the environment.

For how long have I used the solution?

I've been using the solution for about five years now.

What do I think about the stability of the solution?

The stability is good. We haven't seen any issues that would make us believe it is unreliable. We haven't had crashes. I don't really recall bugs or glitches.

What do I think about the scalability of the solution?

The solution really targets medium-sized enterprises. Therefore, it's not a problem to scale until it reaches 5,000 users. Most of the Italian market would fit into this category, and therefore, it works pretty well for most organizations here.

How are customer service and technical support?

I can say that I'm happy with the level of technical support we've received so far. In my experience, they are quick. There also isn't a language barrier. There is an Italian support team, which means we can speak with them in Italian. It's always easier than trying to explain difficult problems in other languages. They are quite efficient so I'm quite satisfied.

What other advice do I have?

I am a customer, however, I also have a partnership relationship with Sophos due to the fact that we are a security system integrator and post-security system integrator. That means we not only use Sophos, but we also propose it to our clients. 

I'd rate the solution nine out of ten.

I would recommend Sophos as one of the platforms to take into account when looking for a solution that would work for a mid-sized company. Whether it's the ideal solution or not depends on what objectives and goals the organization has. Those need to be taken into account when evaluating a potential solution.  

That said, generally speaking, I would recommend Sophos. If you compare the environment, the scope, objectives, and goals of the organization, you'll be able to decide if Sophos would be right for you.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Senior Security Consultant - Checkpoint Technologies at a tech services company with 11-50 employees
Consultant
A solution that offers good forensics, good ransomware mitigation, and good stability

What is most valuable?

The forensics within the solution are quite good. The ransomware mitigation is also impressive.

What needs improvement?

We haven't had any issues with the solution, so I can't speak to any improvements that can be made at this time.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

The solution is scalable.

How are customer service and technical support?

The technical support of the solution is satisfactory. We've never had any problems or issues dealing with them.

What other advice do I have?

We're a reseller for Sophos.

The newest release has got the EDR, so I think they're moving in the right direction in terms of the development. 

I'd rate the solution ten out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
LuukRos - PeerSpot reviewer
Consultant at a tech services company with 5,001-10,000 employees
Consultant
Range and restriction features make this a good choice for customers who want endpoint protection
Pros and Cons
  • "The most valuable features are the range and restriction."
  • "To be a perfect product, the price would have to be a bit better."

What is our primary use case?

The primary use case is for protection. We sell this solution to our customers.

What is most valuable?

The most valuable features are the range and restriction. This is why our users choose Intercept X.

What needs improvement?

To be a perfect product, the price would have to be a bit better.

For how long have I used the solution?

I have been using this solution for two years.

What do I think about the stability of the solution?

This solution is stable.

We haven't had any issues with Sophos Intercept X and we haven't had any complaints from our customers.

What do I think about the scalability of the solution?

This solution is scalable.

We have one customer who is scaling quickly, increasing by ten to twenty users each month. We sell them new licenses, put them in their client central, and all they have to do is pull it out to their new devices. 

How are customer service and technical support?

We have contacted Sophos technical support in the past, but not Intercept X.

How was the initial setup?

For our customers, the deployment of Sophos Intercept X is easy and it's easy to manage.

What's my experience with pricing, setup cost, and licensing?

The price is pretty good.

Which other solutions did I evaluate?

For my customers who do not want the range and restriction features, I instead recommend using Windows Defender.

What other advice do I have?

I would recommend this solution if they want endpoint protection.

Always check the Sophos Central to make sure that the device is activated with the current updates and scanning.

Customers should log onto the portal to see if the scan has been updated.

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user1156602 - PeerSpot reviewer
Technology Solutions Specialist at a tech services company with 501-1,000 employees
Reseller
An excellent protection against ransomware that’s stable and easily scalable
Pros and Cons
  • "After that, the client switched to Sophos to get the protection they lacked. It either works or it doesn’t and Sophos works."
  • "They might want to offer an MSP model for licensing, to offer the solution as a software as a service."

What is our primary use case?

Clients primarily use the solution for ransomware.

What is most valuable?

There isn’t a specific feature; the solution itself secures your infrastructure. We had a partner whose client was using a different solution that was hit by ransomware recently. It was an inferior product and it didn’t protect them. They didn’t buy a license to protect them from ransomware. After that, the client switched to Sophos to get the protection they lacked. It either works or it doesn’t and Sophos works.

What needs improvement?

We’ve only been using the solution for two months, so we don’t have a grasp of the full system to comment too much.

They might want to offer an MSP model for licensing, to offer the solution as a software as a service.

For how long have I used the solution?

We’ve been a distributor of the solution for two months.

What do I think about the stability of the solution?

The solution is pretty stable.

What do I think about the scalability of the solution?

The solution is easily scalable to thousands of users. It’s very capable.

How are customer service and technical support?

So far, we haven’t had to deal with technical support at all.

How was the initial setup?

The initial setup is easy.

What other advice do I have?

We are distributors of Sophos.

I’d rate the solution ten out of ten. I think Sophos is at the top of their game and offering a good protection solution.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Engineer at a tech services company with 51-200 employees
MSP
Good performance, flexible, and powerful centralized policy management
Pros and Cons
  • "All of the features are very important for anyone who is supporting a large number of computers."
  • "The price of this solution can be improved."

What is our primary use case?

I work with a number of Sophos products, mainly those managed through Sophos Central.

I provide general support for this solution, and my experience is with deployment and some configuration. I have been using the premium edition at home for more than a year, and have been dealing with training and support for approximately six months.

We are using this solution for cloud-based support, and using a cloud-based deployment.

How has it helped my organization?

We provide managed services to Sophos clients as part of our business offering.

What is most valuable?

The performance of this solution is good. This product does not overload the machine, even on relatively old hardware. It is a good experience in terms of CPU utilization, and how many of the cycles are going to the antivirus scanner.

This solution is easy to install, and it is flexible in terms of configuration.

The centralized management is a great feature for assigning certain policies to machines.

All of the features are very important for anyone who is supporting a large number of computers.

What needs improvement?

The price of this solution can be improved. The lower the price, the more people will purchase it in the future, and it will become more popular and more widespread.

For how long have I used the solution?

I have been using this solution for more than a year.

What do I think about the stability of the solution?

I have never seen the "Blue Screen of Death" based on interactions between Sophos and the operating system. Similarly, I have not seen the computer stuck, or frozen during the virus scanning process. My overall impression of stability is very good.

How are customer service and technical support?

I would rate the technical support for this solution a nine out of ten.

What other advice do I have?

This product works as expected. From the point of view of a Sophos Trainee and Sophos Support Specialist, I admire what this product is doing. It is flexible and the management console is easy to work with.

Overall, this product is doing fine and I have nothing to complain about.

My advice to anybody who is researching similar solutions is that if they are looking for something that is simple and reliable, then this is a good choice. There will be less effort from the local IT support, and they will have well covered and protected endpoints. If they are not willing to spend a lot of time designing policies, precisely tuning everything for maximum performance and protection, then Sophos is the best choice. With very little effort you have a fully functional and very secure system.

Sophos is the best in its class, although there are no perfect systems.

I would rate this solution a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Mohamed Y Ahmed - PeerSpot reviewer
Technical & Pre-Sales Manager at GateLock
Real User
Top 5 Leaderboard
Provides dependable, intelligent attack defenses and is easy to manage and work with
Pros and Cons
  • "It is a practically maintenance free intelligent system that independently protects environments from malicious attacks."
  • "The product defends very well on its own but could possibly use enhancement in giving users more controls."

What is our primary use case?

We are providing this product and support for it in many sectors like health care, retail, sports, and communication sectors. We are also working with Sophos, but with Sophos Endpoint, not XG, or Sophos UTM. We work with Raya (Contact Center) that provides services here in Egypt (they are also using Sophos 550 XG models).

How has it helped my organization?

It improves organizations by providing dependable, intelligent attack defenses.

What is most valuable?

The most valuable feature in Intercept is its engine for machine learning. It is awesome. Its detection capabilities are saving many of our customers' databases from ransomware and other random attacks. The most interesting thing in the Sophos center is the EDR. It is easy to manage and work with. There is no need to have a cyber-security team define its tasks. In the next few years, it will be an agent EDR.

What needs improvement?

I guess really the best part of the package is the same thing that could use the most improvement. The machine learning is good and it is already developed in the database and its engine. I guess they already have processes to cover more intelligent attacks. I am not sure about the improvements possible in this area. They have developed it to discover new attacks. But it is just an engine. There are no features that users have to look inside it. I think allowing more user modification could improve this at least for purposes of customization. But I don't know if it is possible and it is just to continue to improve on what already works.

As far as added features, I would like to see some type of event management in the product. It should not just depend on the logs only. It would be something to deal with the events on PCs in a similar way to enhance the effectiveness of Intercept X and EDR. 

For how long have I used the solution?

I have been using Sophos Intercept for six years.

What do I think about the stability of the solution?

The stability of the product is very good as is the performance. As it works in the background there is never instability in the form of hanging at the work stations or producing false positives. It is very easy to deploy, very simple to use, very light on the operating systems' resources. But there are some guidelines that customers or anyone making the deployment have to keep in mind. They have to make rules and use the product intelligently to avoid any extra false positives or any performance issues. For example, they will want to make full scanning of the environment in times where there is a lower load on the system — in off-hours and not during the prime-time hours. But that responsibility is on the operator. 

The performance of the product itself is very stable and very good.

What do I think about the scalability of the solution?

Scalability can happen in one click. If you have another device to add to the environment, you just make the deployment from the server on-premises. The customer does not have to depend only on the cloud server to scale. They also have an on-premise server that makes the rules between the cloud and the LAN environment to avoid any internet disconnects, or bandwidth and performance issues. They can depend on the cache server to communicate on behalf of the client to the on-cloud dashboards.

How are customer service and technical support?

I personally think the company's technical support is perfect. They always address issues satisfactorily.

How was the initial setup?

The initial setup is very straightforward.

What about the implementation team?

I am not just using it in our department, we are also dealing with installations for customers. We play the role of IT. We enable Sophos products for partners. We do all the work if the customer doesn't have a technical team. We make projects for implementation and providing training.

What other advice do I have?

On a scale from one to ten, I would rate Intercept X as a nine out of ten. I don't think I can rate any software security product a ten because nothing in software security is 100%.

We are deploying Intercept X on Cloud, not on-premises. The reason for this is because the previous versions of Sophos made the agents different between the anti-virus, endpoint and the Intercept X. Now with the Cloud, Sophos is making one agent for the three technologies — the endpoint, Intercept X, and EDR (Intelligent Endpoint Detection and Response). The three components are in one agent and managed by one dashboard, Sophos Central.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
Alex Clerici - PeerSpot reviewer
System Integrator at Tecnimex S.r.l.
Real User
Top 5
It is very stable and I like the monitoring I get over my clients
Pros and Cons
  • "A valuable feature offered by Sophos is called Naked Security, and it entails the control managed by the firewall on the site regarding the desktop client interfacing with our cloud client."
  • "The initial setup was not very user-friendly."

What is our primary use case?

Our primary use case for this solution is to offer a complete and monitored solution regarding ransomware protection to all my clients & servers.

How has it helped my organization?

Sophos improved our organization, allowing us to set up a very efficient, cloud-managed solution and introducing a new modern concept: Synchronized Security (between firewall and endpoint).

What is most valuable?

A valuable feature offered by Sophos is called Naked Security and it entails the control managed by the firewall on the site regarding the desktop client interfacing with our cloud client. So we have a central management console where we can observe and act and manage all our customers. It's like a proper perfect solution.

What needs improvement?

Something that could be improved is better integration of all the different platforms available at the moment (not only PCs and servers but also other OS platforms, Android, iOS and so on). It should be more user-friendly, automated and able to manage and analyze the logging of the operation, provided that Intercept X is one part of a more complete security solution (Synchronized Security, between firewall, endpoint and mobile devices). Logging and reporting is very important for us, especially in Italy.

For how long have I used the solution?

We've been using Sophos Intercept X for two to three years now on public cloud.

What do I think about the stability of the solution?

I am satisfied with the program's stability. There were some maintenance problems, but very rarely. We generally receive an alert from Sophos when there will be maintenance operations, so we can plan accordingly.

What do I think about the scalability of the solution?

The program is very scalable. We have about 300 computers, servers, work stations and mobile devices in our company. We have one staff member who is responsible for maintenance. We are all system integrators in our office and we plan to increase our usage soon.

How are customer service and technical support?

The support wasn't very good initially, but they became better. Compared to other brands' support, I'm quite satisfied with the support we get now.

Which solution did I use previously and why did I switch?

We used a few different products to achieve one objective, but now, with Sophos Intercept, we've solved our problem, dramatically reducing manual monitoring activities.

How was the initial setup?

The initial setup was not very user-friendly, but it improved during the evolution. It was rather difficult at first. Our deployment took half a day. Especially if we consider the Intercept X inside the final solution. We had to plan the setup. It all depends on the number of clients, of course. We did everything by ourselves because we are certified partners; we don't need external consultants.

What's my experience with pricing, setup cost, and licensing?

We pay an annual license fee.

What other advice do I have?

My advice to others would be to get certification over time because without certification, it's not so easy to set up and use. Users should familiarize themselves with all the features of the program. On a scale of one to ten, my rating is nine, because of the few missing features that I think should be added in the near future.

Disclosure: My company has a business relationship with this vendor other than being a customer: Silver Solution Partner
PeerSpot user
Israel Caravantes - PeerSpot reviewer
CIO LATAM at i-Track Systems Development, S.A. de C.V.
Reseller
Top 10
Enables us to watch the throughputs and the loading of the device to see how much traffic is happening
Pros and Cons
  • "The most valuable feature is the supervisory side of it where we can watch the throughputs, and even the loading of the device, to see how much traffic is happening."
  • "In terms of the site-to-site VPN elements, they tend to concentrate. It's quite simple when there are Meraki devices at both ends of the VPN but if there is another user at one end, on another device, it can be a bit tricky. So they could really simplify that process a bit."

What is most valuable?

The most valuable feature is the supervisory side of it where we can watch the throughputs and even the loading of the device, to see how much traffic is happening.

What needs improvement?

In terms of the site-to-site VPN elements, they tend to concentrate. It's quite simple when there are Meraki devices at both ends of the VPN but if there is another user at one end, on another device, it can be a bit tricky. So they could really simplify that process a bit.

For how long have I used the solution?

I've been using the solution for 18-20 months.

What do I think about the stability of the solution?

So far, the solution has been very stable.

What do I think about the scalability of the solution?

At the moment, we have no plans to expand further. We might in the next six months or so. I believe it will easily scale. We've just not gone into that yet but it looks promising. At the moment, we have around 50 users.

How are customer service and technical support?

I've only had to deal with technical support in relation to site-to-site VPN problems. I did find them to be very helpful.

What was our ROI?

At the moment, we don't have ROI because we've been given a very generous period of trial for this machine, we've not had to actually spend any money so far. So, in terms of return of the investment, it's not really applicable at the moment.

What other advice do I have?

In terms of advice, I would make sure that, in terms of capacity, to get the right version, to find the right level of device. MX64 is a fairly small business-scale device. We were a bit hesitant about going for that, given the scalability of it at that point. But, obviously, make sure that you go in with enough extra capacity to deal with any increases you have in traffic demand.

If you're setting up a VPN on the MX64, if both ends end up being a Meraki device, then it's simple to set it up. But when it isn't, it's a bit more complex. Eventually, it causes a lot of statistical information that they could provide if the devices are Meraki at both ends. If they could provide that same facility for setups where the network doesn't involve an MX64 or a Meraki device at both ends, that would be great.

I would rate this solution an 8 out of 10.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
Andrey Rogov - PeerSpot reviewer
CEO at a government with 1-10 employees
Real User
Good price and stability for firewall security but we had problems with using the software
Pros and Cons
  • "We most value the price and interface quality with Sophos Intercept X. We focus on solution quality."
  • "Sophos needs to create a YouTube channel with educational material for technicians or engineers."

What is our primary use case?

We develop software for brands and some enterprise companies. We need Sophos Intercept X to create hardware and software solutions. 

We need to create research for a next-generation firewall security solution. We offer software and hardware solutions for banks, enterprises, and big companies.

How has it helped my organization?

We had some technical problems. Maybe in the new update of this solution, they could fix some technical bugs. 

Sophos Intercept X has slow internal processes that could be better. Because of this, it hasn't improved our organization.

What is most valuable?

We most value the price and interface quality with Sophos Intercept X. We focus on solution quality.

What needs improvement?

This product has room for improvement in business areas for brand enterprises. Sophos Intercept X could improve in areas dealing with business, i.e. their internal processes.

For how long have I used the solution?

I have been using this solution for six months.

What do I think about the stability of the solution?

For the stability of the solution, I had some problems with uptime.

How are customer service and technical support?

Technical support could be of better quality.

How was the initial setup?

The initial setup was complex. Our deployment took six months to one year. It took us around one year to fully set up Sophos and get it running to take action for work.

What about the implementation team?

For the deployment, I set it up myself.

What other advice do I have?

Sophos needs to create a YouTube channel with educational material for technicians or engineers.

I would rate Sophos Intercept X at seven out of ten because of the technical problems that we have experienced.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Venugopal M M - PeerSpot reviewer
General Manager and Digital Advisory Leader with 10,001+ employees
User

Hi,

Sophos has to provide training to their customers on handling Sophos devices, along with certification, so that they do not always have to depend on the reseller or an implementation partner.

Majid Nassir - PeerSpot reviewer
IT Manager at a tech services company with 201-500 employees
Real User
Top 20
Integrated anti-malware, next-generation firewalls, and IPS for network security solutions
Pros and Cons
  • "We use Sophos Intercept X for Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in our organization."
  • "They should work on the logs and events. Sophos Intercept X needs to increase the interface test so that it can export to a live event."

What is our primary use case?

Our primary use case is the interception solution in Sophos Intercept X.

How has it helped my organization?

We use Sophos Intercept X for Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in our organization.

What is most valuable?

The future's about anti-malware, next-generation firewalls, and IPS. We value the IDS features of Sophos Intercept X the most. This is the best solution that we use and need.

What needs improvement?

Sophos Intercept X has room for improvement in the user management of live events.

They should work on the logs and events. Sophos Intercept X needs to increase the interface test so that it can export to a live event.

For how long have I used the solution?

I have been using this solution for less than a year.

What do I think about the stability of the solution?

The stability of this solution was great. Sophos is a very powerful tool for all of our needs.

What do I think about the scalability of the solution?

We have an enterprise company. There are branches all over the world. Support for 50 schools over the internet is what we're supposed to intercept. It is scalable.

We have about 500 end users. For deployment and maintenance, we require just a few people. It is done by me and one of my colleagues.

How are customer service and technical support?

The technical support is not good because we are in Iran. We don't have any solidarity support from the company. We have some sanctions on. We just handle everything by ourselves.

Which solution did I use previously and why did I switch?

Before Sophos, we had older hardware that was not able to handle this software. We decided to change the solution to the Sophos device.

How was the initial setup?

The setup of Sophos Intercept X was straightforward. Our deployment took about two days, each day six to seven hours of work.

What about the implementation team?

We have used both consultants and a reseller.

What's my experience with pricing, setup cost, and licensing?

We renew the license for one year at $10,000.

What other advice do I have?

Sophos Intercept X is easy to deploy. It has all the features for a small, medium, or large scale business. On a scale from 1 to 10, I would rate this product an eight. 

The security of other devices on Cisco is more reliable and stable, but the user control in Sophos is a feature that Cisco doesn't have.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Ahmed Mohamed Abdelmaged - PeerSpot reviewer
Network Security Engineer at Gateworx
Real User
We use the on-premise version for intercepting bad network traffic requests
Pros and Cons
  • "It is easy to change the size of its capabilities, i.e. to expand processes or scale the size of users."
  • "Technical support can be improved. There could be shared support, i.e. where someone in Egypt can respond."

What is our primary use case?

We use the on-premise version of Sophos Intercept X for intercepting bad network traffic requests. Sophos has two versions: one for on-premise, one for the cloud. 

Many of our customers prefer to have the on-premise solution.

How has it helped my organization?

I install Sophos Intercept X on the customer's site by myself. There is no need for extra people for the configuration.

What is most valuable?

Sophos Intercept X has a lot of excellent features. It's a very powerful tool.

What needs improvement?

Sophos Intercept X has room for improvement. We need a new version and more third-party solutions for Intercept X. 

Intercept X is on the cloud and some customers and some users prefer to have on-premise solutions. We need to generate a new product for Intercept X on-premise.

Technical support can be improved. There could be shared support, i.e. where someone in Egypt can respond. Then I could get support for my issue or my problem faster.

For how long have I used the solution?

About three years ago, I started to use Intercept X. It's a very powerful tool from Sophos.

What do I think about the stability of the solution?

The stability of this solution is the best. I tried many solutions to intercept at the end-point.

What do I think about the scalability of the solution?

It is easy to change the size of its capabilities, i.e. to expand processes or scale the size of users. Sophos Intercept X is easy to configure and very simple to set up. 

The scalability of this product will be very easy.

How are customer service and technical support?

The technical support is very easy for Sophos. If you want tech support, it can take a lot of time to respond. I get support from Sophos, but it takes one or two days for them to respond.

Support can be improved if they could respond more quickly.

How was the initial setup?

The initial setup is very straightforward. All of the features for deployment take only about ten minutes to fifteen minutes to install at most.

What other advice do I have?

On a scale from one to ten, I would rate Sophos Intercept X at a nine because we had some problems with technical support.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Sophos Intercept X Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2022