Sophos MDR Reviews

I am still working as a Sophos architect and implement solutions like Sophos MDR as a partner.

Sophos Managed Detection and Response (MDR) has received positive feedback from many organizations for its ability to enhance security infrastructure significantly. Here are some key points based on user reviews:

Improvements Noted:

1. Enhanced Security: Many users have reported a significant increase in the security level of their infrastructure without major effort. The service provides 24/7 threat hunting, detection, and response capabilities, which helps in quickly identifying and neutralizing threats1.
2. Expert Support: The onboarding process is smooth, with excellent support from Sophos' team, ensuring that all questions are answered and the system is set up .
3. Incident Response: In cases of security incidents, Sophos MDR has been effective in isolating compromised equipment and providing detailed reports and playbooks for remediation. This hands-on approach has been appreciated by users who have experienced sophisticated.

Challenges Faced:

1. Resource Intensive: Some users have mentioned that Sophos MDR can be quite resource-intensive, which might affect the system.
2. Support Issues: There have been occasional complaints about the standard support being less responsive compared to the dedicated MDR. This can be a point of frustration for some users.

Overall, while Sophos MDR has proven to be a robust solution for many, the experience can vary depending on specific organizational needs and the level of support required.

The important features of Sophos MDR include management services from Sophos, 24/7 support, detection and response capabilities, file reputation management, queries, Live Discover, Response, and Threat Hunting.

Based on user feedback and reviews, here are some areas where Sophos MDR could be improved and suggestions for additional features that could be included in future releases:

Areas for Improvement:

1. Resource Utilization: Some users have noted that Sophos MDR can be resource-intensive, which may impact system performance. Optimizing the software to be less demanding on system resources could enhance the overall user experience.
2. Support Responsiveness: While the dedicated MDR team is highly praised, the standard support has received mixed. Improving the responsiveness and effectiveness of the general support team could address this concern.
3. Integration with Other Tools: Enhancing integration capabilities with a wider range of third-party security tools and platforms could provide a more seamless experience for users who rely on multiple security.

Suggested Additional Features:

1. Advanced Reporting and Analytics: Introducing more detailed and customizable reporting and analytics features could help organizations better understand their security posture and the effectiveness of the MDR service.
2. Automated Incident Response Playbooks: Providing automated playbooks for common security incidents could help organizations respond more quickly and effectively to.
3. Enhanced Threat Intelligence: Incorporating more advanced threat intelligence capabilities, including real-time updates and predictive analytics, could help organizations stay ahead of emerging.
4. User Training and Awareness Programs: Offering integrated user training and awareness programs as part of the MDR service could help organizations improve their overall security culture and reduce the risk of human error

I have been dealing with Sophos MDR for about three years.

Sophos MDR has generally been praised for its stability. Here are some key points based on user reviews:

Stability Highlights:

1. Consistent Performance: Many users rate the stability of Sophos MDR highly, often between eight and ten out of ten. The service is reliable, with few instances of instability.
2. Minimal Disruptions: Issues related to updates or maintenance are rare and typically do not disrupt the users, Users have reported occasional update failures, but these do not lead to significant.
3. Continuous Monitoring: The continuous monitoring and quick incident response provided by Sophos MDR help catch potential threats early, minimizing downtime and keeping data safe.

Overall, the stability of Sophos MDR is a strong point, contributing to its effectiveness in managing real-time threats and maintaining a secure environment.

Sophos MDR is generally well-regarded for its scalability. Here are some key points based on user feedback:

Scalability Highlights:

1. Supports Various Enterprise Sizes: Sophos MDR is designed to support a wide range of organizations, from medium-sized businesses to large enterprises. This flexibility makes it a suitable choice for different scales of operations.
2. Easily Scalable: Users have noted that the solution can easily scale to accommodate an increasing number of protected devices without the need for redeployment1. This means that as your organization grows, Sophos MDR can grow with you, ensuring continuous protection.
3. Comprehensive Integration: The service integrates well with other Sophos products, creating a unified security ecosystem that can handle increased loads. This integration helps maintain performance and security as the organization expands.

User Feedback:

• Positive Experiences: Many users have had positive experiences with scaling Sophos MDR, highlighting its ability to handle increased demands.
• Resource Management: While the solution is scalable, some users have mentioned the need for efficient resource management to ensure optimal performance as the number of protected devices 

Overall, Sophos MDR's scalability is one of its strong points, making it a reliable choice for organizations looking to expand their security infrastructure

I would rate the technical support by Sophos at nine point five out of ten.

Positive

The implementation process is easy, and it usually takes about three days to fully implement Sophos MDR.

Many organizations have implemented Sophos MDR through vendor teams, and the feedback on their level of expertise has generally been very positive. Here are some insights based on user reviews:

Vendor Team Implementation:

1. Expertise and Knowledge: Users have praised the vendor teams for their deep expertise and knowledge in cybersecurity. The teams are well-versed in threat hunting, detection, and response, providing valuable insights and guidance throughout the implementation.
2. Smooth Onboarding: The onboarding process with vendor teams is often described as smooth and efficient1. They ensure that the system is set up correctly and all necessary configurations are in place, minimizing disruptions to the organization.
3. Responsive Support: Vendor teams are typically very responsive and provide excellent support, addressing any issues or questions. This level of support helps organizations feel confident in their security posture and the effectiveness of the MDR.

Rating of Vendor Expertise:

Overall, the vendor teams have received high ratings for their level of expertise and the quality of service they provide

1. Users have expressed satisfaction with the professionalism and competence of the vendor teams, making the implementation process smooth and effective

Sophos MDR has demonstrated a strong return on investment (ROI) for many organizations. Here are some key points highlighting its impact:

Quantified ROI:

1. Reduced Cyber Insurance Claims: Organizations using Sophos MDR have seen a significant reduction in the value of their cyber insurance claims. On average, these claims are 97.5% lower compared to those relying solely on endpoint protection. This reduction translates to substantial cost savings and improved financial resilience.
2. Faster Recovery Times: Organizations with Sophos MDR recover from significant cyberattacks much faster. Nearly 47% of these organizations fully recover within a week, compared to just 18% of those using only endpoint protection1. This quick recovery minimizes downtime and operational disruptions.
3. Predictable Outcomes: The use of Sophos MDR leads to more predictable recovery times and outcomes from ransomware incidents, providing organizations with greater confidence in their security posture1.

Additional Benefits:

• Enhanced Security Posture: With 24/7 threat detection and response, organizations can proactively address threats, reducing the likelihood of successful attacks.
• Expert Support: The dedicated support from Sophos' team ensures that organizations have access to expert guidance and assistance, further enhancing their security.

Overall, the ROI from Sophos MDR is evident in the form of reduced financial impact from cyber incidents, faster recovery times, and a stronger, more resilient security posture.

The pricing of Sophos MDR is reasonable and competitive, scoring about nine out of ten. When compared to other products like Trend Micro, Bitdefender, or Kaspersky, its pricing holds up well.

I have compared Sophos MDR to other similar products like Trend Micro, Bitdefender, and Kaspersky.

I would recommend Sophos MDR because it is one of the leaders in Managed Detection and Response services and it is suitable for small, medium, and enterprise companies. I rate Sophos MDR between nine point eight and nine point five overall.

We have FortiGate in our environment, and we also have Sophos now in our environment. We operate a multi-vendor environment.

We required a lot of small details and information from Sophos MDR, and we wanted a single solution which would analyze the traffic, do a traffic analysis, and provide security-related data. We conducted a POC on Sophos, and from the cost perspective, it was pretty good, so we made the decision to proceed.

We find security analytics and monitoring-related visibility in Sophos MDR valuable. Alerts are good, and there are fewer false positives. We get a lot of information if there is any certain attack or someone is trying something, and that incident is logged. These are the things which we get through a dashboard or through alerts.

Sophos MDR has AI built-in for analyzing behavioral analytics and people who connect, so that is by default there now. It is part of their product.

We have used that AI feature in Sophos MDR regularly for sorting and doing analysis. Auditors use AI for understanding when they do analytics, and because the time taken to analyze is less now, there is less manual intervention. We get AI reports and all those things, so that way, it is beneficial. We save time on that.

Non-stop threat monitoring with Sophos MDR is better. Less monitoring is required because we get alerts and incidents logged, and then we track it out and trace it. Our engineers now can have other work as well, making it beneficial.

We use detailed incident reports in a very big way because every fifteen days and every thirty days, we need to generate reports for compliance and governance. We need to do analysis of these reports and understand what might be the issues.

Predictive analytics in Sophos MDR provides only certain generic reports because most of our time we don't have abrupt or different traffic. However, it helps when there is particular traffic from a geolocation which we don't want because our clients are not there, providing us some information about the potential issues or dangers.

We receive multiple benefits from Sophos MDR, including cloud monitoring integrated, which means it's not necessary that we need to connect to the device. Our device is isolated but connected to a cloud controller, and from there, we can monitor Sophos across the fabric or wherever we are. The second thing is that report handling and everything is automatic, which saves time for us. We get deep analytics as well, making it beneficial. The design is not only on Sophos; we have a multi-vendor strategy with two different firewalls for certain critical traffic that needs to go through both.

One of the areas for improvement in Sophos MDR is the amount of traffic and the VPN because when we have that much load, the hardware gets a little bit heated. So they need to look into the capacity of the hardware.

Functionality-wise and features-wise for Sophos MDR, we are somewhat satisfied, but there are a lot of things we don't use even. However, the critical part is there, which we use, while most other functionalities we don't require because the more complicated the configuration we do in a security fabric, the more difficult it is to handle those types of data and readings and analytics. We have enabled only the features and functions needed, leaving the rest disabled.

We deployed Sophos MDR about one and a half to two years ago in one of our environments.

We have an on-premises environment for Sophos MDR, connected to the cloud controller, but we require a physical firewall in our environment. We don't rely on a virtual firewall, so when the load on the firewall goes high, it becomes pretty hot.

For scalability, we can increase that without any problem. In a production environment, it's not that complex. I would rate scalability an eight.

Sophos has good technical support, and in the event of issues or problems, we have received good support. I would rate them an eight point five.

Positive

We had FortiSIEM, but now that particular hardware is end of life. We are using Wazuh now as a SIEM in our environment.

When it comes to the initial setup for Sophos MDR, it was pretty simple because the GUI is pretty simple. Once we connect the firewall to the cloud controller, the configuration is pretty fast. The only testing-related fabrics we need to do manually, but that is fine because in firewall configuration, certain things have to be done, such as routing protocols testing. Overall, it was not pretty difficult.

We compared Sophos MDR with FortiGate and other cloud-based software such as Cisco Umbrella and Zscaler, but we don't require that kind of security in our fabric, nor do we want to rely on cloud data type. That's why we selected Sophos because it is good cost-wise and better security-wise, and while performance-wise it could be better, it works fine in our environment.

Pricing for the product is pretty good, so I would rate that a nine. Purchase-wise, we have no issues as we have good distributors available. My overall rating for Sophos MDR is an eight.

My main use case for Sophos MDR is that after purchasing it, the Sophos MDR team checks all things on the license level and verifies if there is any malicious behavior activity in my organization. They notify me via email as well as through phone calls, which is very helpful for us.

A specific example of a situation where Sophos MDR helped my organization is when a high security alert was generated on our Sophos Central. The MDR team quickly worked on it, reverted to me via email, called me, and quarantined the particular malware.

Sophos MDR is very helpful because all attacks happen at night. If any attacks occur during nighttime hours, the MDR team reviews the logs and works around the clock, which keeps us safe.

The best features that Sophos MDR offers, in my experience, are quick support. All aspects have been good from Sophos, as they quickly support, rapidly resolve my issues, and provide multiple solutions.

They provide us with a full root cause analysis for what happened, detailing when malicious activity occurred, what the malware SHA value is, what the hash value is, what the source IP is, what the source MAC is, and which destination has been targeted by the attackers. I get all that information from Sophos MDR.

Sophos MDR has positively impacted my organization by helping us significantly. If any incident is generated at night, nobody is reviewing it, but Sophos MDR has the authority to quarantine the malware. This has led to specific outcomes such as fewer incidents, faster response times, and less downtime for our team. It is very helpful because whenever any incident is generated, we do not have to do anything. The MDR team has access and can handle everything on our Sophos Central portal, giving them full visibility to easily tackle issues and relieve the entire team after their response.

I think Sophos MDR can be improved, but as of now, it is good, very useful and reliable. They could improve it by adding another solution such as CrowdStrike or Trend Micro. If they integrate those as well, it would be more reliable for us.

I have been using Sophos MDR for the last two years.

In my experience, Sophos MDR is stable.

Sophos MDR's scalability has been good for us. It is growable with our needs, and whenever we want to upgrade the licenses, if I am using fifty licenses for MDR, we can increase or decrease as needed.

The customer support is very good from Sophos.

Positive

I have not used any different solution before Sophos MDR.

In my experience with pricing, setup cost, and licensing for Sophos MDR, it provided us with many features, so the licensing and cost are good.

I have seen a return on investment with Sophos MDR. It provided us with a money-back guarantee, and if any incident happens after purchasing Sophos MDR, they will give us a return after the incident.

I evaluated SonicWall MDR before choosing Sophos MDR.

My advice to others looking into using Sophos MDR is to purchase it because it is a very good and reliable solution. I give this review a rating of ten out of ten.

It's a managed detection service. So my clients would only use the MDR if they need 24/7 managed risk.

We are one of the distributors of Sophos here in South Africa. We serve the entire market.

Sophos MDR integrates well with the existing infrastructure. That's one thing Sophos can do that other MDR companies can't. Again, Sophos is not single-vendor. So they've got integration packs. They don't support every cybersecurity product out there, but if users have got a network that's running SentinelOne and a Palo Alto firewall, Sophos MDR doesn't require users to rip their infrastructure up. They can install and set it up and run with users' existing infrastructure, whereas other vendors can't.

It's already so extensive with what you can do. The ease of use is great; you can really get started very quickly. 

It's not difficult to deploy, configure, set up, or manage. It's your Sophos Central admin. It's got a built-in SOAR solution, not even a SIEM. 

And the best part about it is that Sophos Central admin, all that reporting, everything - with CrowdStrike or Fortinet, you would have to pay extra for that level of reporting. That's all built into Sophos Central, and that's just given to you with your products. 

Sophos MDR is a service. MDR is managed detection and response. It's a managed security service.  So instead of having an anti-malware, which in Sophos' case would be Intercept X, with MDR, they add human-led threat hunting. It's a managed service. So it's not a product that you sell the client per se. You're selling them a service, which is almost like an SLA, and that includes Cloud MDR. MDR is not a product. It's a service.

The reality is that when it comes to the likes of SentinelOne, McAfee, CrowdStrike, ESET, and all the other players out there, they're single-product security companies. CrowdStrike is an anti-malware. That's one thing. ESET, same thing. But if you look at the other vendors, within the appliances, you're looking at Fortinet, Palo Alto, and Checkpoint. They only sell firewalls. That's all they do.

When you deal with Sophos, they are the entire product suite. They sell firewalls. They sell Intercept X, which is their anti-malware, Intercept X for Server with anti-malware, email protection with ties into Office 365, and Sophos Plus encryption. All of these security products pull telemetry. So every time somebody hits a firewall, it's called, for argument's sake, that goes into their central data lake. All the firewalls around the world add that information to a data lake.

Now, when you're dealing with Sophos, because of their exposure, because they've got so many different products, their data lake is a lot more extensive than competing vendors because they're not relying on one threat factor. They're not relying on one area of expertise.

They're a global company. So, I can't compare their telemetry, for instance, to the likes of CrowdStrike. If CrowdStrike has probably started doing appliances, then the users will get that benefit as well. Sophos is the only vendor that does do that. It's like hiring a security team.

Sophos do things differently in that they've got more telemetry and more insight into a network because they offer a variety of products. The other part about it is Sophos MDR; the service, unlike other vendors like CrowdStrike, is not limited to their products. If you are running CrowdStrike in your company, for instance, you can get their integration packs, in which case Sophos will manage your CrowdStrike system for you. Whereas with CrowdStrike, it's only CrowdStrike. You are locked into that vendor. So Sophos offers that flexibility. 

It's a multi-vendor service as opposed to SentinelOne or CrowdStrike, which is a single-vendor service. For instance, if I'm running Sophos, I would like to go with CrowdStrike MDR. I would have to remove my entire security investment, in this case, Sophos, and reinstall CrowdStrike in order to use their service. Sophos doesn't have that problem. If you've got CrowdStrike and you've already invested in CrowdStrike, cool. You stay on CrowdStrike. They will still manage it for you.

Sophos MDR could offer more integration packs and more vendor flexibility, which they're working on. But that's probably the only improvement that I would see with Sophos MDR, so they could really push themselves ahead, which they really are ahead. 

If there's only room for improvement, Sophos MDR will be able to offer and support more vendors than they already do.

But Sophos MDR already supports so many. There's only so much they can do, but even more would be great. Give it more flexibility. Shaun, that would be a plus.

I have you been working with Sophos MDR for about three to four years.

I never had an issue with the stability of this solution myself personally. There's never been an issue. The only time users ever get—it doesn't stop the service from running—is when there's scheduled maintenance and scheduled updates to Sophos Central platform. That doesn't stop the service. The service is still running on the back end. 

We're still pulling that telemetry and looking after your systems. It's just what you're seeing as the end user sometimes, like, your reporting goes down for 20 minutes. You don't lose any data. It's just the UI because they're doing an update to put in new code, and then everything comes back up. That doesn't stop Sophos MDR, the service, the threat hunters that work for them, anything. So, there's no downtime that I've ever experienced.

So, I would rate the stability a ten out of ten.

Scalability depends on your infrastructure. If it runs through public cloud infrastructure or private cloud infrastructure, so scalability is limited to your imagination. 

You can deploy it worldwide and deploy your policies worldwide. As long as the end-users have access to the Internet, they can get policies, and they're feeding telemetry into the data lake. So,  scalability is not an issue when dealing with cloud networking. It's not a factor.

We're a distributor, so we deal with all types of businesses, from small businesses to enterprises.

The initial setup is quick and simple. A couple of clicks, and you're up and running.

Compared to other setups that I've actually worked with, I would rate my experience with the initial setup an eight out of ten, with one being difficult and ten being easy to setup. 

It is a cloud service. The deployment time depends on how many devices you're deploying it to. Deploying it to five computers will take a very different amount of time than deploying it to 6,000. But through Sophos Central itself, it's about half an hour to get ready for MDR. And that's from creating a Sophos Central account from scratch.

The service is very well-priced. They offer 365 global chasings. So when Sophos offices in India shut down for the night, their offices in England open up. When England shuts down for the night, then America opens up. So they're on the clock 24/7.   

The cost for the service, keeping in mind that we're in South Africa, so the exchange rates from the pound or the dollar to South African rand is not great. But that's true of any imported product or service. But, I couldn't imagine it being better priced for what you're getting. Again, you're hiring humans to manage your network for you. It's not a product where you pay once off.

The pricing depends on who the customer is and what their budget is. The cost of security should never override the value of the asset. So a small business with ten people would find it very expensive, but then again, they don't have the same security requirements. 

However, if you're a bank or a government department, then you've got regulatory bodies that you have to adhere to, much like the GDPR that you guys have. We have POPIA. A breach of data is a very serious offense. You have personally identifiable information. So, in that case, the cost of the countermeasure or the remediation is worth it. So it really depends on which industry you're looking at. Maybe it's not for everybody as a service. A plumber, for example, doesn't have the same exposure factors that an auditing firm does. So, it essentially depends on the industry. 

Just go for it. You can't go wrong with 24/7 active threat hunters, AI scientists, and a global footprint of a couple of hundred thousand people who are already... You've got to think about it from this particular point of view: because of their extensive data lake if a client, let's say in China that's running Sophos for MDR, is hit by a zero-day attack, remember that data lake is updated, and everyone is updated globally. So you've got global immunity. So if you are in that situation and you need that sort of protection, do it. 

Even if you're in a scenario where you've got your own SOC team, your people need to sleep. Sophos is running twenty-four hours, seven days a week. It can work in conjunction with your existing security architects to manage the security of your network.

Overall, I would rate it a ten out of ten. 

Positive

The primary use case is mostly for the SMB segment where the customer does not have a dedicated team for support, especially for cyber threats. It has also proved most valuable in the financial sector where data is critical and there might have been attempts at hacking in the past.

Customers need not worry about whether they are on vacation, during off hours, or not actively looking into the network because someone is taking care of the infrastructure and data carefully. The 24/7 monitoring capability provides peace of mind that someone is always watching over the system.

The best feature is Rapid Response, which has always been very helpful. Whenever there is a situation where data is at risk, the MDR team comes into action. The rapid response team acts quickly to relieve customers from this kind of situation.

There could be improvement in features like more detailed reporting for the end customer. For example, reports should be in simple language that is easy to read and understand for management level personnel. Currently, the reports are a bit technical and challenging for management to comprehend.

I have been working with Sophos MDR for four years now.

The technical support provided by Sophos is excellent and rated as five-star.

Positive

Before Sophos MDR, we did not work with anything similar. Sophos was the first OEM we started working with.

We have an in-house support and tech team that helps customers with implementation and post-installation support services. My team provides L1 to L3 support levels, and the Sophos support team is always available 24/7, allowing customers to raise tickets and obtain help directly from the support team.

The pricing is a little higher. Currently, when customers consider endpoint protection for two dollars or four dollars, we are charging almost ten dollars.

I would absolutely recommend Sophos MDR to other organizations. It is rated ten out of ten overall, with a deduction of one point only due to the commercial cost.

I'd rate the solution nine out of ten.

We use the solution to protect the service and laptop. It also provides incident response services to customers. It is easy to deploy full services to mitigate any threats or attacks.

Sophos has very good technology for detecting things and protecting against lateral movement or other tactics.

The important mechanism is the dilation of the desktop. It quarantines and removes threats from the network. Sometimes, security devices similar to firewalls are used. It also creates dynamic rules to protect against attacks. The security cross-synchronization is very important.

Sophos is not integrating the same console and umbrella with its product.

When attacks occur, Sophos does not have a prepared incident response or a plan to help solve any problems.

I have been using Sophos MDR for eight years.

I rate the solution’s stability a nine out of ten.

20 customers and 2000 endpoints are using this solution. 

I rate the solution’s scalability a nine out of ten.

Support needs some escalation, and it uses early contacts.

Neutral

I have worked with Palo Alto and CrowdStrike. CrowdStrike is expensive.

Over two thousand endpoints are deployed across the customers.Two security engineers work from Monday to Friday because of any incidents or problems.

Pricing is good and competitive. If you analyze the standard price, it isn't good historically. However, obtaining a reasonable price is easy when you negotiate with Sophos sales. You need to negotiate to obtain a reasonable price.

The most important aspect is a EC2 deployment which is a remote deployment done for new customers using Sophos. Approximately ninety-five percent of EC2 deployment is automated, requiring only a review or customization for the customer's needs. Another key feature is the centralized control of updates, allowing for scheduling any interaction with the endpoint. Additionally, the new platform and system operations, along with IOCs, are updated daily.

Sophos has a very good policy at good prices. Since I have a local contact with the salespeople, they provide me discounts. It's very stable and competitive.

When the customers have budget, they can opt for CrowdStrike. However, when the customers have budget constraints on daily servers, and when the customers prefer to integrate mobile platforms with different technologies, they can use this one technology.

Overall, I rate the solution an eight out of ten.

I use Sophas MDR almost daily. It depends on whether we have an incident or not.

It has helped our organization by enhancing security measures through its AI capabilities. We are starting to see improvements, and it integrates well with other cybersecurity solutions.

The automated threat hunting feature and integration capabilities are valuable. It works better when integrated with another cybersecurity solution rather than just standalone.

Maybe the reporting needs improvement.

I have used Sophas MDR for a few months, approximately two months.

I would rate the stability of the solution as nine out of ten. It has been stable for us.

I would rate the scalability of the solution as nine out of ten.

Technical support from Sophos is generally good, rated eight out of ten. It can take some time, however, this might be due to issues on the user's side.

Positive

Previously, we used Bitdefender, but we switched to Sophos as we already have the firewall software and we prefer the solutions to work together.

The initial setup was straightforward and easy.

The implementation was handled internally as I am an end user.

There has not been enough time to accurately assess ROI or cost savings.

The pricing is normal and not exorbitant.

I would recommend Sophas MDR to others as long as they have another software solution like a firewall to combine with it.

I'd rate the solution eight out of ten.

Sophos MDR enhances our clients' cybersecurity. Our clients do not have to worry about security threats like malware or intruder activity because the Sophos MDR team is very experienced and takes immediate action. The solution provides an easier VPN connection.

The solution's integration should be made easier because it is difficult. Sophos MDR should improve its artificial intelligence capabilities. Sophos MDR uses artificial intelligence in cybersecurity, but it should be made more attractive or scalable.

I have been using Sophos MDR for six months.

I rate the solution’s stability an eight out of ten.

Around five clients use Sophos MDR.

I rate the solution’s scalability a nine out of ten.

The solution’s technical support is very good.

Positive

The solution's initial setup is not easy. It is quite difficult to integrate the tool. The solution's deployment takes around one and a half to two hours. Sometimes, my senior helps me with the installation. Other times, I deploy the tool by myself.

Sophos MDR is less expensive than other products like Fortinet or Palo Alto.

Sophos MDR is very helpful for remote help, security pickup, policy editing, or policy deployment. I would recommend Sophos MDR to other users because it helps detect suspicious network activity.

Clients don't trust Sophos MDR because it is a new cloud product that has been around for one and a half years.

Overall, I rate the solution a seven out of ten.

We manage security 24/7 using Sophos.

I am satisfied with the product. The solution provides the best security features. We don't have a 24-hour security engineer in our organization. Now, Sophos MDR acts as a 24/7 resource and helps us when an issue is activated.

The product must provide zero trust security. The security tools for the endpoints must communicate with the firewalls.

I have been using the solution for three to four years.

The product is better suited for enterprises.

I will not recommend the tool to the private sector or small companies. The tool is too expensive for small companies.

We use the tool in our company. Our customers also use it. We are partners and resellers. I recommend the product to other organizations. Overall, I rate the solution an eight out of ten.