We use it just for antivirus detection. There was a facility where you could send a fake email to find out who clicked on these links. So this option is not available. We just have a simple NDR.
Network administrator at Al Hussan Group
Light on computer resources, doesn't consume much memory and works effectively as an antivirus detection solution
Pros and Cons
- "The most valuable feature is that it literally works. We have reduced a lot of complaints after switching to Sophos."
- "There is room for improvement in terms of stability and updates."
What is our primary use case?
What is most valuable?
The most valuable feature is that it literally works. We have reduced a lot of complaints after switching to Sophos. Because we had Bitdefender, it was also good, and we could not find it to renew it.
What needs improvement?
There is room for improvement in terms of stability and updates. Updates, like if someone does not turn on the computer for six months, and then it gets expired, then you have to manually remove it and then reinstall it.
For how long have I used the solution?
I have been using this solution for five years now. We use the latest version.
Buyer's Guide
Intercept X Endpoint
December 2024
Learn what your peers think about Intercept X Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
What do I think about the stability of the solution?
I would rate the stability a nine out of ten. It is a stable solution. There is no problem at all in the cloud.
Sometimes we cannot rate stability a ten out of ten because, you know, there are some updates. If it doesn't happen, then you have to uninstall it and then reinstall it. If you're working in remote locations, you cannot do it easily. Then you have to ask someone to do it manually. It's something we can't do that much.
What do I think about the scalability of the solution?
The solution is extensively used. We began with 300 users and then 1800 users. And now, we have around 3,000 end-users using this solution. So, we have plans to increase usage further.
How are customer service and support?
I contacted support once for license activation.
Which solution did I use previously and why did I switch?
In Bitdefender, we used to have a virtual machine, and there was only one engineer available who was in Kuwait. And if he's busy, you cannot do anything. There were some technical problems also. But since we are using Intercept X Endpoint cloud-based solution, everything goes smoothly.
How was the initial setup?
The initial setup is really simple. We install it in our active directory. It can be set up automatically.
It took two minutes, maybe even less than two minutes, and then it keeps updating on the back end. So users do not feel anything.
What about the implementation team?
We have been working in IT for the last twenty years, so we know how to do this.
I'm also the network administrator, so we use an active directory to deploy it, and we got it integrated into our Windows Solution image. It gets updated, and it gets installed by itself.
What was our ROI?
It's good. Not that expensive.
What's my experience with pricing, setup cost, and licensing?
We go for the three-year plan.
What other advice do I have?
I recommend it to everyone. It's easy to use. It's still strong and light on the computer. It doesn't take a lot of memory. The feature I found valuable is that it works for signature antivirus as well as finding signatures.
Overall, I would rate the solution a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Head of IT Infrastructure at a non-tech company with 1,001-5,000 employees
Fairly priced, reliable, and has helpful support
Pros and Cons
- "It is stable."
- "We tried to set up Sophos Zero Trust within my Sophos central cloud. It only works with Microsoft and I use Google. I'd like to see Google added."
What is our primary use case?
We use the solution for endpoint and server security.
How has it helped my organization?
From a security standpoint, it provides me the visibility to see what is happening on all my endpoints and server.
What is most valuable?
I have the ability to interact directly with potentially infected machines from the network.
It is easy to set up.
The solution offers fair pricing.
Technical support is helpful and responsive.
It is stable.
The solution scales well.
What needs improvement?
Initially, when I started, I had a lot of performance challenges. They need to work on performance to the endpoints.
We tried to set up Sophos Zero Trust within my Sophos central cloud. It only works with Microsoft and I use Google. I'd like to see Google added.
For how long have I used the solution?
I've been using the solution since 2019. I've used it for three to four years.
What do I think about the stability of the solution?
It is very stable. There are no bugs or glitches, and it doesn't crash or freeze.
What do I think about the scalability of the solution?
It has scaled well. We haven't had issues in that respect.
We have about 950 endpoints and 57 users.
We have plans to increase usage.
How are customer service and support?
I've used technical support. They are fine. I speak to the country manager directly in Nigeria, and they are very responsive.
Which solution did I use previously and why did I switch?
I'm also using Digital Guardian. The combination of Sophos and this solution may have affected performance.
How was the initial setup?
It has two components. While it is in the cloud, all agents are deployed on-premises.
What was our ROI?
I have definitely seen an ROI while using this solution.
What's my experience with pricing, setup cost, and licensing?
The pricing is fair. It's not overly expensive.
What other advice do I have?
I'm using the latest version. It updates automatically online.
I'd advise new users to deploy Intercept X with EDR on your endpoints.
I'd rate the solution nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Chief Enterprise Architect at a financial services firm with 10,001+ employees
Good support and uses AI to detect ransomware, but human monitoring is still required for sophisticated threats
Pros and Cons
- "Machine learning is used to detect the threat and it does so by prioritizing the suspicious activities."
- "Better protection in the endpoint, server, and mobile is needed."
What is our primary use case?
This product is basically used for detecting ransomware. It will monitor all of the ransomware threats. Since the first ransomware attack happened in 2017, WannaCry, it has been a global threat. It is a vulnerability that is impacting a lot of devices and computers in the network.
Ransomware threats have been identified as one of the first priorities in the entire info security segment. Information security consists of various things including endpoint detection, threat detection, and then your SIEMs like QRadar or ArcSight.
At the early point of detection, Sophos is going to stop the ransomware. The question that has been there since 2017 is how it will identify the ransomware and how does it stop the attack from happening to the network. WannaCry was the first large ransomware attack, which has impacted various regions and is a very high severity threat. Since then, a lot of things have been lined up for mitigating the risk, like WannaCry.
How has it helped my organization?
improved considerably
What is most valuable?
Machine learning is used to detect the threat and it does so by prioritizing the suspicious activities. There is no human intervention in some cases, which is the trend that is happening with most of these products. High-end products and sophisticated products include machine learning capabilities for detecting the threats.
What needs improvement?
There are hackers who hack the artificial intelligence component using artificial intelligence itself. These sophisticated hackers are using AI capabilities, and the problem is that with no human intervention, machine learning can be defeated. The consequence is that somebody still has to keep watch and monitor the detection from the threat scanning.
Better protection in the endpoint, server, and mobile is needed. Those three areas should be fully protected. It should stop ransomware from installing, it should stop it from deploying, and it should also block unauthorized file encryption. In summary, it should have more protection, better detection, and better response.
For how long have I used the solution?
We have been using Sophos Intercept X for more than two and a half years.
What do I think about the stability of the solution?
Sophos Intercept-X is a stable solution and we plan to continue using it in the future.
What do I think about the scalability of the solution?
This is a scalable product and we have more than 7,500 devices connected to the network.
How are customer service and support?
The technical support is 24x7 and it is good. They have different points of contact within the support regions like India, Singapore, and various other regions.
Which solution did I use previously and why did I switch?
We have Sophos running in parallel with Sophos Cloud, in some of the regions.
How was the initial setup?
The initial setup is quite simple and it will take a couple of hours.
What about the implementation team?
I and my team deploy and maintain this solution. The deployment happens on the cloud.
What other advice do I have?
This is a good solution but that said, there are breaches that are happening, and they are happening using AI. So, the attackers are also that sophisticated and it means that somebody has to sit and do the human check as well.
Ultimately, what happens is that the threats are found, and then the response action is taken based on the outcome of all these steps.
This is a product that I can recommend to others. The DR has better capabilities, as it's powered by machine learning.
I would rate this solution a seven out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Coordinator at a pharma/biotech company with 51-200 employees
Services perform well, minimal resources, and synchronizes well with other solution
Pros and Cons
- "The solution is overall quite good, the services are performing well. It is very good for those who are using standard PC configurations. It does not block their system up by taking up a lot of resources."
- "This solution is not in the high ratings on many of the top review sites. This solution has to be near the top for me to continue using it."
What is our primary use case?
We are not only using Sophos Endpoint with this solution, we are also using Sophos Email Security and firewall. It is a completely synchronized security package.
What is most valuable?
The solution is overall quite good, the services are performing well. It is very good for those who are using standard PC configurations. It does not block their system up by taking up a lot of resources.
What needs improvement?
This solution is not in the high ratings on many of the top review sites. This solution has to be near the top for me to continue using it. I do not think a lot of companies know about this solution, it could be a lack of marketing that is the reason why it is not at the top.
For how long have I used the solution?
I have been using the solution for two years.
What do I think about the scalability of the solution?
The solution is very good for small-sized businesses.
How are customer service and technical support?
The technical support sometimes is a bit delayed, but sometimes they are responding very fast. Overall they are good but could improve on the times they are having delays.
Which solution did I use previously and why did I switch?
Previously we used McAfee for our endpoint protection for our company. It was very problematic, it was using up a lot of resources and delaying the work of users. Users were not able to do multitasking in the system. It is blocking all access to our server at the time of scanning. We decided to move to some other good antivirus. After analyzing the market, we found Sophos. Sophos is best for the standard configuration PC.
Which other solutions did I evaluate?
Due to some circumstances, we are going to switch from this solution to Symantec. Additionally, we have evaluated Kaspersky before choosing Symantec as the replacement for this solution. Kaspersky has had a very good rating amongst review sites along with Symantec.
What other advice do I have?
I rate Sophos Intercept X a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Effective protection, simple policies, and helpful support
Pros and Cons
- "The most valuable features of Sophos Intercept X are the ease of use and the policy options that are simple to understand. Overall, the protection is good."
- "We are not able to merge the sub-estates. If we create multiple sub-estates and there may be instances where a user is in a different sub-estate, it may not be possible for us to relocate that user from one sub-estate to another through the console. We have to merge them manually which is not ideal."
What is our primary use case?
The solution is used for security.
What is most valuable?
The most valuable features of Sophos Intercept X are the ease of use and the policy options that are simple to understand. Overall, the protection is good.
What needs improvement?
We are not able to merge the sub-estates. If we create multiple sub-estates and there may be instances where a user is in a different sub-estate, it may not be possible for us to relocate that user from one sub-estate to another through the console. We have to merge them manually which is not ideal.
For how long have I used the solution?
I have been using Sophos Intercept X for approximately two and a half years.
What do I think about the stability of the solution?
The solution has been stable.
What do I think about the scalability of the solution?
We have approximately 800 users using this solution.
Sophos Intercept X is easy to scale and increase the capacity.
How are customer service and support?
The support team from Sophos Intercept X is good at helping us.
How was the initial setup?
The initial setup of Sophos Intercept X is simple. The process can be done in approximately 10 minutes.
To install Sophos Intercept X, we followed these steps: firstly, we ran the setup, which prompted us to click on "next." Then, we were asked to choose the "install" option, which we selected. After that, the installation process automatically commenced and was completed.
What's my experience with pricing, setup cost, and licensing?
The price of the solution is average compared to the market.
Which other solutions did I evaluate?
When comparing Sophos Intercept X to other solutions it is easier to understand after watching the first video.
What other advice do I have?
I rate Sophos Intercept X an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior CyberSecurity Architect and Mentor at BlueTeamAssess LLC
It can get ahead of the ransomware attack and encrypt the data on clients in the path of the infection
Pros and Cons
- "The most valuable feature of Intercept X is its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because could go in and get it back."
- "They should keep doing what they're doing. Both of them have entered the EDR/MDR space, and they're keeping up with their competitors. I have a hard time understanding why their capabilities aren't garnering more attention."
What is our primary use case?
When Intercept X came out, the primary use case was stopping ransomware. It was one of the first products to claim that capability. When I was evaluating them back then, it was the only one I considered effective at analyzing and identifying where the infection started.
The synchronized security also helped because the firewall could isolate workstations that had the infection or were in the path of infection.
What is most valuable?
The most valuable feature of Intercept X is its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because could go in and get it back.
Sophos made such good headway with it because it wasn't traditional endpoint protection. It has a lot of additional capabilities, including web content filtering. It also has the ability to understand the traffic it was seeing at the endpoint.
It's sitting on the endpoint, so you don't have to worry about encryption messing up the intelligence that it could get out of the traffic. It was able to pinpoint where the infection was able to get ahead of Intercept X. It was called Intercept X because it can get ahead of the ransomware attack and encrypt the data on clients in the path of the infection.
What needs improvement?
It's hard to say what could be improved because we're in the middle of an endpoint protection arms race, and there are constant improvements on all fronts in Fortinet, Sophos, and products.
They should keep doing what they're doing. Both of them have entered the EDR/MDR space, and they're keeping up with their competitors. I have a hard time understanding why their capabilities aren't garnering more attention.
For how long have I used the solution?
I have been using Intercept X since it came out. It hasn't been out that long. Sophos has always had an endpoint client, but Intercept X added new technology. The whole idea of being able to drill down to do a root cause analysis was a novel approach to the endpoint game.
What do I think about the stability of the solution?
Intercept X is highly stable.
What do I think about the scalability of the solution?
Sophos has the flexibility to scale from one user to a data center, but I've primarily used Sophos for small to medium-sized businesses.
How are customer service and support?
I was impressed the last time I called Sophos support. They have a "follow the sun" philosophy with coverage from tech support centers from around the world. Sophos began as a British company, and Fortinet is a Canadian company.
Which solution did I use previously and why did I switch?
Sophos and Fortinet have a firewall solution that can work in small business or home office situations, where you might have only one or two people protected by the techn. Still, you can look at it through a single pane of glass and see all of the different work sites you're protecting.
Sophos goes one step further with what it calls its RED product, which basically is a hardware firewall that travels with somebody. Say you have an executive in your company and you want to zero in to protect his or her workstation from infection and have control over it to manage its defenses. RED is a great product to do that. Fortinet and Sophos both have strong management capabilities for remote offices and offer centralized management through a cloud application.
How was the initial setup?
The basic setup is decent by itself. I have not had to do a lot of tweaking with either one of these products.
What other advice do I have?
I rate Sophos Intercept X nine out of 10. Its reporting, alerts, and configuration capabilities make it a formidable product. It's a great product that works as advertised. I haven't seen any serious conflicts between it and other products, whereas I wouldn't put some endpoint protection products on the same endpoint.
You have to do some work there, but generally speaking, there's always been a case where I've been able to have more than one product. It's probably the best of all the products that I work with because I've had Malwarebytes installed together with Sophos and FortiClient without undue pain. There are some others that I won't mention without that same track record.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Head of IT at International Tennis Integrity Agency
Good management and stability with reasonable pricing
Pros and Cons
- "The client isolation feature is a very effective feature."
- "Technical support is too slow to schedule meetings."
What is our primary use case?
The solution is primarily used for endpoint.
What is most valuable?
The client isolation feature is a very effective feature. There is a lot of information you can find in the console. Management is good. They're always giving you information on the products you have rather than trying to send you new products.
What needs improvement?
For how long have I used the solution?
I have been using Intercept X Endpoint for 3 months.
What do I think about the stability of the solution?
The solution is stable and I rate the stability an 8 out of 10.
How are customer service and support?
I have only spoken to technical support during installation.
When talking to sales support or technical people, I find that they're all very busy. It takes a few days to be able to actually have a meeting arranged. If I contact them that I want to have a meeting with somebody technical from Sophos to go over an implementation or something that I wanted to get out of the product, they may not be available for 6 or 7 days.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup is straightforward.
What's my experience with pricing, setup cost, and licensing?
The pricing is actually quite reasonable.
Which other solutions did I evaluate?
I was looking at the Rapid7 and Darktrace before choosing Intercept.
What other advice do I have?
Overall, I rate the solution an 8 out of 10.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Mar 27, 2024
Useful web filtering, effective URL sanity checks, and excellent support
Pros and Cons
- "The most valuable feature of Sophos Intercept X is web filtering and URL sanity checks. Overall the solution is well balanced with all its features."
- "The majority of our systems are MacBooks and their solution release cycle is slow to endorse or support the MacBook's latest OS or hardware platform. For example, when Sophos macOS Big Sur version 11 was released, it took them a while to support this version of OS. A similar situation occurred when the MacBook M1 hardware CPU was released. They have not fully supported the native M1 CPU to this day. They need to speed up the solutions release cycle."
What is our primary use case?
We use Sophos Intercept X to protect the endpoint devices in our organization, such as PCs and MacBooks.
How has it helped my organization?
Sophos Intercept X is a full package. It's more than only an antivirus solution to find the malicious code. We also use it to filter malicious websites and detect applications that have been outlined in our corporate policy.
What is most valuable?
The most valuable feature of Sophos Intercept X is web filtering and URL sanity checks. Overall the solution is well balanced with all its features.
What needs improvement?
The majority of our systems are MacBooks and their solution release cycle is slow to endorse or support the MacBook's latest OS or hardware platform. For example, when Sophos macOS Big Sur version 11 was released, it took them a while to support this version of OS. A similar situation occurred when the MacBook M1 hardware CPU was released. They have not fully supported the native M1 CPU to this day. They need to speed up the solutions release cycle.
The majority of our systems are Apple-based, this issue is more noticeable on the Apple platforms.
For how long have I used the solution?
I have been using Sophos Intercept X for approximately two years.
What do I think about the stability of the solution?
The stability or performance of Sophos Intercept X is good. However, sometimes users have needed to have their configuration fine-tuned to allow better performance.
What do I think about the scalability of the solution?
We have approximately 50 users using this solution.
We use Sophos Intercept X extensively and we use everything the solutions offer.
How are customer service and support?
The support I have experienced from Sophos Intercept X was great.
I would rate the support from Sophos Intercept X a five out of five.
Which solution did I use previously and why did I switch?
I have used other solutions other than Sophos Intercept X in other organizations but it has been over two years ago.
How was the initial setup?
I have been using Sophos Intercept X for over two years, in the beginning, the initial setup was straightforward but because they do not fully support the Apple platform, or they're pretty slow at supporting the Apple platform, the latest version supporting Apple is a little bit cumbersome to use. You need to walk the user through the process with some specific instructions or help the user directly. It's not as easy as it used to be.
I would rate the implementation process of Sophos Intercept X a four out of five.
What about the implementation team?
We did the implementation of Sophos Intercept X in-house.
I do the maintenance of the solution. We are a smaller company and I am sufficient for the maintenance of the solution.
What's my experience with pricing, setup cost, and licensing?
I have found the price of Sophos Intercept X to be reasonable.
What other advice do I have?
I would advise others that they have to look at their environment to determine if this solution would be best suited. Sophos Intercept X for a small business that has a mix of PCs, MacBooks, and has the need for multiple security controls, this tool fits us well. For different environments, the organization might need other or additional tools. For example, if they may need threat protection. There are different vendors that may have an edge in certain areas than Sophos Intercept X has. For us, we need a balanced, multi-pronged approach for securing in our environment, Sophos Intercept X works well.
I rate Sophos Intercept X an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.