Abbasi Poonawala - PeerSpot reviewer
Chief Enterprise Architect at a financial services firm with 10,001+ employees
Real User
Top 5 Leaderboard
Good support and uses AI to detect ransomware, but human monitoring is still required for sophisticated threats
Pros and Cons
  • "Machine learning is used to detect the threat and it does so by prioritizing the suspicious activities."
  • "Better protection in the endpoint, server, and mobile is needed."

What is our primary use case?

This product is basically used for detecting ransomware. It will monitor all of the ransomware threats. Since the first ransomware attack happened in 2017, WannaCry, it has been a global threat. It is a vulnerability that is impacting a lot of devices and computers in the network.

Ransomware threats have been identified as one of the first priorities in the entire info security segment. Information security consists of various things including endpoint detection, threat detection, and then your SIEMs like QRadar or ArcSight.

At the early point of detection, Sophos is going to stop the ransomware. The question that has been there since 2017 is how it will identify the ransomware and how does it stop the attack from happening to the network. WannaCry was the first large ransomware attack, which has impacted various regions and is a very high severity threat. Since then, a lot of things have been lined up for mitigating the risk, like WannaCry.

How has it helped my organization?

Improved considerably.

What is most valuable?

Machine learning is used to detect the threat and it does so by prioritizing the suspicious activities. There is no human intervention in some cases, which is the trend that is happening with most of these products. High-end products and sophisticated products include machine learning capabilities for detecting the threats.

What needs improvement?

There are hackers who hack the artificial intelligence component using artificial intelligence itself. These sophisticated hackers are using AI capabilities, and the problem is that with no human intervention, machine learning can be defeated. The consequence is that somebody still has to keep watch and monitor the detection from the threat scanning.

Better protection in the endpoint, server, and mobile is needed. Those three areas should be fully protected. It should stop ransomware from installing, it should stop it from deploying, and it should also block unauthorized file encryption. In summary, it should have more protection, better detection, and better response.

Buyer's Guide
Intercept X Endpoint
February 2025
Learn what your peers think about Intercept X Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: February 2025.
838,713 professionals have used our research since 2012.

For how long have I used the solution?

We have been using Sophos Intercept X for more than two and a half years.

What do I think about the stability of the solution?

Sophos Intercept-X is a stable solution and we plan to continue using it in the future.

What do I think about the scalability of the solution?

This is a scalable product and we have more than 7,500 devices connected to the network.

How are customer service and support?

The technical support is 24x7 and it is good. They have different points of contact within the support regions like India, Singapore, and various other regions.

Which solution did I use previously and why did I switch?

We have Sophos running in parallel with Sophos Cloud, in some of the regions.

How was the initial setup?

The initial setup is quite simple and it will take a couple of hours.

What about the implementation team?

I and my team deploy and maintain this solution. The deployment happens on the cloud.

What other advice do I have?

This is a good solution but that said, there are breaches that are happening, and they are happening using AI. So, the attackers are also that sophisticated and it means that somebody has to sit and do the human check as well.

Ultimately, what happens is that the threats are found, and then the response action is taken based on the outcome of all these steps.

This is a product that I can recommend to others. The DR has better capabilities, as it's powered by machine learning.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
reviewer1364232 - PeerSpot reviewer
IT Manager at a construction company with 201-500 employees
Real User
Excellent at capturing malicious threats together with an aggressive next generation firewall
Pros and Cons
  • "Anti-virus captures malicious threats and an aggressive next generation firewall."
  • "Deployment on cloud needs to be carried out manually."

What is our primary use case?

The main use cases of this solution are for protection from ransomware and malware. Although we don't have EDR because of its high cost, we do have the capability to filter the website. Our use case is more about capturing crypto and the like that can encrypt files. I'm a system administrator and we are customers of Sophos. 

What is most valuable?

I've found that the most valuable feature is the anti-virus that captures malicious threats and the next generation firewall which is more aggressive in terms of not only looking for viruses, but also for SaaS and the movement of equipment. If something strange comes up we're automatically notified and it's either blocked or quarantined. It enables you to prevent future viruses and enables us to inform the user of malicious websites they have visited.

To date, we haven't had any incidents related to viruses or any types of attacks and we barely get any false positives. It's good to know that any malicious anti-virus detected is automatically blocked, although it makes things more difficult for our IT department.

What needs improvement?

There is an issue when deploying on cloud because it needs to be done manually. For an enterprise company that can have 10,000 or even 50,000 end users, it's a lot to deploy manually. An additional feature they might include would be the ability to control the lockdown on hardware; to control all the entry points such as a USB, a camera or any external storage. 

For how long have I used the solution?

I've been using this solution for three years. 

What do I think about the stability of the solution?

I think this solution is stable. It doesn't allow you to do anything that may cause a problem. If you try to download something that is prone to hacking, the solution won't allow it. It's important to use the admin lock to prevent malicious programs being downloaded. It's good at preventing remote users from downloading malware. 

What do I think about the scalability of the solution?

The solution is very scalable because they don't generally deal with small size office deployments of 10 or 15 users. The solution can scale to 100,000 or even up to 200,000 users.  

How are customer service and technical support?

Initially we didn't have phone support, but now it's part of the enterprise portfolio which we have. We only use the support if we have an issue with the server. It's the benefit of the cloud, there are no concerns about the server whereas on-premise you need to synchronize your server or upgrade the new version to get those features.

Which solution did I use previously and why did I switch?

We migrated from Symantec enterprise to Sophos and SentinelOne. The approach is the same for all of them. 

How was the initial setup?

Initial setup for the cloud is very straightforward because it's managed by the company. It's just a matter of downloading the agent and installing to your end point. The on-premise implementation is more difficult, particularly if you're not familiar with it but the support is very helpful. I believe there's a way to roll out without the need to visit individual users. I believe they integrate with an active directory, and then post from there. Deployment time depends on availability of the user's desktop and/or laptop. If it's on premise, you can push that one, it would take less than 15 minutes. To deploy in a company would take less than a month.

What's my experience with pricing, setup cost, and licensing?

If you start with the standard solution, move to Intercept X, and then go to the EDR version, it's almost double the price in comparison to other vendors. It's a choice for any company. Check Point's SandBlast, for example, has two payables but the additional payable includes encrypting your hard drive - not everyone needs that feature. 

What other advice do I have?

This is a good product but it comes at a high price. As a result, I would rate this solution an eight out of 10.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Manager at Indian Acrylics Limited
Real User
Top 5
Offers functions that are effective in offering protection against ransomware attacks
Pros and Cons
  • "It is a very scalable solution."
  • "I am not very satisfied with the product's reporting overall, and it needs improvement in this area."

What is our primary use case?

I use the solution in my company for endpoint protection or virus protection, as well as an EDR tool.

The product is mostly used in the manufacturing industry.

What needs improvement?

I am not very satisfied with the product's reporting overall, and it needs improvement in this area.

For how long have I used the solution?

I have been using Intercept X Endpoint for six years. I am a user of the tool.

What do I think about the stability of the solution?

It is a very stable solution. Stability-wise, I rate the solution a nine out of ten.

I haven't faced any issues with the product in the last five to six years.

What do I think about the scalability of the solution?

It is a very scalable solution. Scalability-wise, I rate the solution a nine out of ten.

There are around 1,000 users of the product in my office since they need to use an antivirus solution.

There is no need to increase the usage of the product in the future in our company.

How are customer service and support?

I am happy with the technical support for the solution since they promptly responded to our company's calls. I rate the technical support a nine out of ten.

How would you rate customer service and support?

Positive

How was the initial setup?

I rate the product's initial setup phase a nine out of ten, where ten means it was a very easy process.

The solution is deployed on a public cloud.

For endpoint installation, it takes some time, but for agent installation, it takes a day to deploy the product. As a server-based tool, the installation takes a day to complete.

During the deployment part, there are some restrictions as well as the need to sign up with the console in Sophos Central. There are multiple options provided by the product and our company has to follow the on-screen instructions provided by the solution. I am not in a position to convey all the details regarding the deployment process.

What's my experience with pricing, setup cost, and licensing?

The price of the product is okay, in my opinion. The tool's cost per user and per annum basis is around INR 700 to 800.

Which other solutions did I evaluate?

My company has evaluated other options in the market against Intercept X Endpoint, but my company already has a subscription to the tool until 2026.

What other advice do I have?

Intercept X Endpoint has an in-built technology in it that works to protect our company from ransomware attacks.

With signature and behavioral-based scanning options, the product is effective in protecting against ransomware attacks.

There are multiple options for threat detection, like application filters, peripherals, device control, and web control. There are multiple options to protect systems from threats.

The exploit prevention capabilities in Intercept X Endpoint have benefited our company's security posture since it will prevent attacks in our company's environment.

I would rate the product's ability to reduce threats a nine out of ten.

The reporting part of the product is good enough for endpoints, but it is not as good as CrowdStrike or SentinelOne in the market.

The tool does impact our company's system profile in the areas of performance and productivity.

Anyone can use the tool. The console is user-friendly, and the endpoint protection is okay.

I rate the tool a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
VigneshR - PeerSpot reviewer
Senior Software Engineer at Photon inc
Real User
Top 10
Effective protection, simple policies, and helpful support
Pros and Cons
  • "The most valuable features of Sophos Intercept X are the ease of use and the policy options that are simple to understand. Overall, the protection is good."
  • "We are not able to merge the sub-estates. If we create multiple sub-estates and there may be instances where a user is in a different sub-estate, it may not be possible for us to relocate that user from one sub-estate to another through the console. We have to merge them manually which is not ideal."

What is our primary use case?

The solution is used for security.

What is most valuable?

The most valuable features of Sophos Intercept X are the ease of use and the policy options that are simple to understand. Overall, the protection is good.

What needs improvement?

We are not able to merge the sub-estates. If we create multiple sub-estates and there may be instances where a user is in a different sub-estate, it may not be possible for us to relocate that user from one sub-estate to another through the console. We have to merge them manually which is not ideal.

For how long have I used the solution?

I have been using Sophos Intercept X for approximately two and a half years.

What do I think about the stability of the solution?

The solution has been stable.

What do I think about the scalability of the solution?

We have approximately 800 users using this solution.

Sophos Intercept X is easy to scale and increase the capacity.

How are customer service and support?

The support team from Sophos Intercept X is good at helping us. 

How was the initial setup?

The initial setup of Sophos Intercept X is simple. The process can be done in approximately 10 minutes.

To install Sophos Intercept X, we followed these steps: firstly, we ran the setup, which prompted us to click on "next." Then, we were asked to choose the "install" option, which we selected. After that, the installation process automatically commenced and was completed. 

What's my experience with pricing, setup cost, and licensing?

The price of the solution is average compared to the market.

Which other solutions did I evaluate?

When comparing Sophos Intercept X to other solutions it is easier to understand after watching the first video.

What other advice do I have?

I rate Sophos Intercept X an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Ibidapo Ibrahim - PeerSpot reviewer
Head of IT Infrastructure at a non-tech company with 1,001-5,000 employees
Real User
Top 5 Leaderboard
Fairly priced, reliable, and has helpful support
Pros and Cons
  • "It is stable."
  • "We tried to set up Sophos Zero Trust within my Sophos central cloud. It only works with Microsoft and I use Google. I'd like to see Google added."

What is our primary use case?

We use the solution for endpoint and server security.

How has it helped my organization?

From a security standpoint, it provides me the visibility to see what is happening on all my endpoints and server.

What is most valuable?

I have the ability to interact directly with potentially infected machines from the network.

It is easy to set up. 

The solution offers fair pricing.

Technical support is helpful and responsive.

It is stable.

The solution scales well. 

What needs improvement?

Initially, when I started, I had a lot of performance challenges. They need to work on performance to the endpoints. 

We tried to set up Sophos Zero Trust within my Sophos central cloud. It only works with Microsoft and I use Google. I'd like to see Google added. 

For how long have I used the solution?

I've been using the solution since 2019. I've used it for three to four years. 

What do I think about the stability of the solution?

It is very stable. There are no bugs or glitches, and it doesn't crash or freeze.

What do I think about the scalability of the solution?

It has scaled well. We haven't had issues in that respect.

We have about 950 endpoints and 57 users.

We have plans to increase usage.

How are customer service and support?

I've used technical support. They are fine. I speak to the country manager directly in Nigeria, and they are very responsive. 

Which solution did I use previously and why did I switch?

I'm also using Digital Guardian. The combination of Sophos and this solution may have affected performance. 

How was the initial setup?

It has two components. While it is in the cloud, all agents are deployed on-premises.

What was our ROI?

I have definitely seen an ROI while using this solution. 

What's my experience with pricing, setup cost, and licensing?

The pricing is fair. It's not overly expensive. 

What other advice do I have?

I'm using the latest version. It updates automatically online. 

I'd advise new users to deploy Intercept X with EDR on your endpoints. 

I'd rate the solution nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Alex Clerici - PeerSpot reviewer
System Integrator IT Manager at Tecnimex S.r.l.
Real User
Top 5 Leaderboard
Offers centralized controller providing access to every aspect of the deployment and works very well against ransomware
Pros and Cons
  • "I appreciate the ability to use the latest endpoint protection features in case of an infection or cyber threat. This is especially true when using the product with a Sophos firewall solution, like the XG series. They collaborate effectively in the event of a cyber threat."
  • "The customer service and support could be improved in regards to response time. It could be faster."

What is our primary use case?

We're a Sophos partner and generally use Intercept X software.

How has it helped my organization?

In my experience, it is a good product. Sophos family has many offerings, and the selling model is interesting for us as an MSP or Flex partner.

For end customers, you have a centralized controller providing access to every aspect of the deployment. While the platform isn't the easiest to use, if you properly set up the policies, it's very efficient. Sometimes, the platform itself can prevent security risks due to the product's capabilities.

It works very well against ransomware and similar threats.

What is most valuable?

I appreciate the ability to use the latest endpoint protection features in case of an infection or cyber threat. This is especially true when using the product with a Sophos firewall solution, like the XG series. They collaborate effectively in the event of a cyber threat.

Its ability to continuously query the data lake is beneficial. So, the deep learning technology in Intercept X Endpoint enhances threat detection capability.

However, the automated threat response for incident response times can be better if the user subscribes to Sophos service called EDR... I think it's called Managed Threat Response (MTR). There is a higher layer of support available. For big customers, this could be a good option.

What needs improvement?

The price could always be better. 

For how long have I used the solution?

I have experience with this solution. I have been using it for a lot of years. 

What do I think about the stability of the solution?

It is a stable product.

What do I think about the scalability of the solution?

It is a scalable product. It covers laptops and essentially any Windows platform – servers, clients, and even home users. So, it protects a huge number of potential platforms.

There are around 300 endpoints. 

How are customer service and support?

The customer service and support could be improved in regards to response time. It could be faster.

How was the initial setup?

The complexity of the setup depends on the environment. 

For single deployments, it's quite easy to set up. You can organize customers using separate payments and policies for each through the centralized console. Integrating the product with other Sophos offerings makes it very efficient. 

Customers mostly use the cloud solution. On-premises is probably less common among Sophos users.

It's difficult to have major issues with deployment. Problems usually arise due to the age of the platform. If you have older systems, support can be more expensive. Sophos might support older platforms for a while, but you'll likely have to pay additional subscriptions.

What was our ROI?

We have seen an ROI. We consider it a strategic product for our organization.

What's my experience with pricing, setup cost, and licensing?

We operate as an MSP, so we pay yearly. However, if the end customer is part of the Sophos Flex program, they have more flexibility and can adopt a monthly payment process.

What other advice do I have?

I suggest investing in training. It's a good product, but unlocking its full potential requires some training time.

Overall, I would rate the solution a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
SimonWalker - PeerSpot reviewer
IT Manager at Redeemer Baptist School
Real User
Top 10
A cloud-managed solution that has the ability to provide filtering for end users
Pros and Cons
  • "Since it's cloud-managed, the solution is easy to administer, especially if the person using it is in a different geophysical location."
  • "The solution is expensive, and it could be made cheaper."

What is most valuable?

Since it's cloud-managed, the solution is easy to administer, especially if the person using it is in a different geophysical location. I can access the cloud portal and allow or disallow it. I like the fact that the solution also has the ability to provide filtering for an end user.

What needs improvement?

The solution is expensive, and it could be made cheaper.

For how long have I used the solution?

I have been using Intercept X Endpoint for three years.

What do I think about the stability of the solution?

I rate Intercept X Endpoint an eight out of ten for stability.

What do I think about the scalability of the solution?

I rate Intercept X Endpoint an eight out of ten for scalability.

How was the initial setup?

The solution’s initial setup is easy.

I rate Intercept X Endpoint ten out of ten for the ease of its initial setup.

What about the implementation team?

The solution's deployment time depends on whether you're setting up a room full of computers or you're setting up one-off computers. It usually doesn't take very long. As part of installing the solution for a room full of computers, you might get someone to create the installed media, and then you'd enter each computer and install it.

Around one to five people are needed to install the solution.

What's my experience with pricing, setup cost, and licensing?

Intercept X Endpoint is an expensive solution.

On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing ten out of ten.

What other advice do I have?

I am working with the latest version of Intercept X Endpoint. Intercept X Endpoint has to be installed on end-user devices, but it is managed in the cloud.

Overall, I rate Intercept X Endpoint an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior CyberSecurity Architect and Mentor at BlueTeamAssess LLC
Reseller
It can get ahead of the ransomware attack and encrypt the data on clients in the path of the infection
Pros and Cons
  • "The most valuable feature of Intercept X is its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because you could go in and get it back."
  • "They should keep doing what they're doing. Both of them have entered the EDR/MDR space, and they're keeping up with their competitors. I have a hard time understanding why their capabilities aren't garnering more attention."

What is our primary use case?

When Intercept X came out, the primary use case was stopping ransomware. It was one of the first products to claim that capability. When I was evaluating them back then, it was the only one I considered effective at analyzing and identifying where the infection started. 

The synchronized security also helped because the firewall could isolate workstations that had the infection or were in the path of infection.

What is most valuable?

The most valuable feature of Intercept X is its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because you could go in and get it back.

Sophos made such good headway with it because it wasn't traditional endpoint protection. It has a lot of additional capabilities, including web content filtering. It also has the ability to understand the traffic it was seeing at the endpoint.

It's sitting on the endpoint, so you don't have to worry about encryption messing up the intelligence that it could get out of the traffic. It was able to pinpoint where the infection was able to get ahead of Intercept X. It was called Intercept X because it can get ahead of the ransomware attack and encrypt the data on clients in the path of the infection.

What needs improvement?

It's hard to say what could be improved because we're in the middle of an endpoint protection arms race, and there are constant improvements on all fronts in Fortinet, Sophos, and products.

They should keep doing what they're doing. Both of them have entered the EDR/MDR space, and they're keeping up with their competitors. I have a hard time understanding why their capabilities aren't garnering more attention.

For how long have I used the solution?

I have been using Intercept X since it came out. It hasn't been out that long. Sophos has always had an endpoint client, but Intercept X added new technology. The whole idea of being able to drill down to do a root cause analysis was a novel approach to the endpoint game. 

What do I think about the stability of the solution?

Intercept X is highly stable.

What do I think about the scalability of the solution?

Sophos has the flexibility to scale from one user to a data center, but I've primarily used Sophos for small to medium-sized businesses.

How are customer service and support?

I was impressed the last time I called Sophos support. They have a "follow the sun" philosophy with coverage from tech support centers from around the world. Sophos began as a British company, and Fortinet is a Canadian company. 

Which solution did I use previously and why did I switch?

Sophos and Fortinet have a firewall solution that can work in small business or home office situations, where you might have only one or two people protected by the technology. Still, you can look at it through a single pane of glass and see all of the different work sites you're protecting.

Sophos goes one step further with what it calls its RED product, which basically is a hardware firewall that travels with somebody. Say you have an executive in your company and you want to zero in to protect his or her workstation from infection and have control over it to manage its defenses. RED is a great product to do that. Fortinet and Sophos both have strong management capabilities for remote offices and offer centralized management through a cloud application.

How was the initial setup?

The basic setup is decent by itself. I have not had to do a lot of tweaking with either one of these products.

What other advice do I have?

I rate Sophos Intercept X nine out of 10. Its reporting, alerts, and configuration capabilities make it a formidable product. It's a great product that works as advertised. I haven't seen any serious conflicts between it and other products, whereas I wouldn't put some endpoint protection products on the same endpoint.

You have to do some work there, but generally speaking, there's always been a case where I've been able to have more than one product. It's probably the best of all the products that I work with because I've had Malwarebytes installed together with Sophos and FortiClient without undue pain. There are some others that I won't mention without that same track record.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner