Try our new research platform with insights from 80,000+ expert users
Senior CyberSecurity Architect and Mentor at BlueTeamAssess LLC
Reseller
Reliable, scalable and very simple to set up
Pros and Cons
  • "The thing that I like about it is the synchronized security. You can tie endpoint protection and firewalls and a whole range of other services and products. You can get your servers taken in under this."
  • "The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?""

What is our primary use case?

The primary use case is basically having a synchronized perspective on what's going on between endpoints, firewalls, and whatever other types of preventative measures the customer has. 

How has it helped my organization?

The fewer panes of glass you've got to go to to try to investigate an event, the better off you are. If there's some automation that goes on within the fabric, or whatever you want to call it, this coordinated effort, then you're going to come out ahead as a small organization. Sophos has one pane of glass, so it gives good visibility. There's less time spent in front of the screen because I have confidence in the automation that's going on.

What is most valuable?

It's been pretty reliable. There's been a few times when it hasn't just taken care of problems. The automation is very convenient.

There's Sophos Central where the customer has a single pane of glass. You can manage everything. 

The thing that I like about it is the synchronized security. You can tie endpoint protection and firewalls and a whole range of other services and products. You can get your servers taken in under this.

It has a Linux version that's available. 

What I look for in dealing with small businesses, is for something that is not going to add to their staffing requirements significantly in terms of management. That's true with both Sophos as with Fortinet. 

There's great situational awareness within all the other components. If I have a workstation, usually they're just taking care of everything without me even knowing about it unless I go into the logs and see what's been cleaned up. I don't care if something gets cleaned up, I do care if something doesn't get cleaned up. My reporting is set to an on exception basis to ensure I don't have a firehose of information pointed at me to overwhelm me. Customers don't generally want to know every little thing that's happening on their network. What they want to know is if something has happened that puts their environment or their infrastructure in jeopardy. Sophos does this exceptionally well.

The pricing of the solution is quite good.

What needs improvement?

The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?" I see that all the time. That's a question I always have in the reports I give my customers. "Okay. So this happened last month. And as you can see, there were all these attacks knocking at the door, but none were allowed through." If someone got through, then I'm going to be concerned.

Buyer's Guide
Intercept X Endpoint
October 2024
Learn what your peers think about Intercept X Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.

For how long have I used the solution?

I've been working with this solution alongside a customer for two years now.

What do I think about the stability of the solution?

The stability is great. We've never had issues with its reliability. It doesn't crash or freeze. There aren't bugs or glitches. It protects us well.

What do I think about the scalability of the solution?

The solution scales really well. They have great resources on hand for managing it within the cloud. I haven't found any issues with capacity. I've never heard of anyone ever having issues in that regard.

Typically we deal with small businesses. When I say "small business" I am referring to a company of around 250 people.

How are customer service and support?

Technical support has been very, very good. They're reliable and knowledgable. We've been satisfied with the level of service provided. 

Which solution did I use previously and why did I switch?

We also have experience with Fortinet. Fortinet has what they call their security fabric, which does about the same thing. Basically you have a number of different products, different solutions, and it's all under a single pane of glass and everything's coordinated so that any member or any component of that fabric or synchronized security is aware, has situational awareness of what other components are experiencing. If there's an attack that breaks out in one place, then there's going to be the opportunity for basically isolating that particular component so that it doesn't allow lateral movement.

I've used other solutions. The reason that I like Sophos is mostly due to the synchronized security and cloud management. Other solutions that I've dealt with have been point solutions. I've needed to figure out how to get that situational awareness between the different points. You have to do that. The name of the game these days is to evade the parameter. I have to not only protect the endpoint as if there was no firewall, but I also have to make sure that I've got as much intelligence going on about the state of my internal network so that everybody knows what's happening next door to them.

How was the initial setup?

The initial setup was a piece of cake. It wasn't complex at all. It's very straightforward.

What's my experience with pricing, setup cost, and licensing?

I can justify the pricing for customers and I can explain what they're doing from a pricing standpoint in terms of the different risks that they're handling. I'm all about risk management. Unfortunately, we lose awareness of that, the calculus that goes into that when nothing's going wrong. 

You have to ask: what are you trying to protect? What are you willing to spend to protect that, and what's your expected loss if something happens? You have to look at all things and then decide if the number is fair. I'd argue that it is.

What other advice do I have?

We're partners with Sophos. We're a consulting company and we provide some managed services. Sophos products are some that I deploy and manage for my customers.

I don't have the EDR or any of the really sophisticated stuff. The client doesn't think that they have a need to go to another level. 

I don't have EDR or MTR deployed for the customer. I work primarily with small businesses. So sometimes it's kind of hard to get them to invest more than what they feel comfortable doing.

Other organizations should give it serious consideration if they are looking for a solution. The price point is not unreasonable and the management and the continued evolution that I see within the product means that they're not sitting on their haunches waiting for the next big thing. They're constantly moving forward, trying to keep abreast of what's going on. 

We're in an arms race when it comes to cybersecurity. When you look at SophosLabs out of the UK and the work that they're doing in their blogs like Naked Security and whatnot, they're constantly in the forefront, constantly trying to find different threats. It's impressive, to say the least. All of that percolates down into their product because that's what drives their product.

I'd rate the solution at eight out of ten. The solution is consistently showing me that it has a very effective rubric that it follows through on in terms of identifying and remediating, particularly in the area of ransomware. They can handle everything without having to have somebody get down in the weeds and recover things. I like the automation that it brings into the work that's done. That was the wow factor that drew me to them, to begin with.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Network and Security Engineer at a security firm with 11-50 employees
Real User
Top 10
Significantly improves our company's defense against malware and ransomware attacks
Pros and Cons
  • "The most valuable features of Intercept X are server lockdown, auto-remediation, and encryption monitoring."
  • "Intercept X could enhance its support services, particularly in terms of response time and resource allocation."

What is most valuable?

The most valuable features of Intercept X are server lockdown, auto-remediation, and encryption monitoring. Server lockdown prevents malware installation and automatically removes any unauthorized software. Auto-remediation reverses encryption attempts by malware, ensuring data integrity.

What needs improvement?

In terms of improvements, Intercept X could enhance its support services, particularly in terms of response time and resource allocation. While the product itself is solid, better support documentation and faster response times would be beneficial.

For how long have I used the solution?

I have been working with Intercept X Endpoint for four years.

What do I think about the stability of the solution?

I would rate the stability of the solution as a nine out of ten.

What do I think about the scalability of the solution?

I would rate the scalability of the solution as a ten out of ten.

How are customer service and support?

I would rate the technical support as a seven out of ten.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

While I found Symantec easier to implement and manage, it is not a fair comparison to say it is better than Sophos. My experience with Symantec's interface was good, but both products have their strengths.

How was the initial setup?

Configuring Intercept X is generally straightforward and user-friendly. It is designed to be easy to understand and use. I would rate the easiness of the initial setup as an eight out of ten.

The deployment time for Intercept X varies depending on factors like network complexity and organizational policies. Typically, for around 100 users, it can be completed in a day or two. Maintenance is generally straightforward unless support assistance is required, which can sometimes be challenging to coordinate.

What's my experience with pricing, setup cost, and licensing?

Intercept X falls within the average price range compared to other solutions on the market. While not the cheapest option available, it also isn't considered expensive.

What other advice do I have?

Intercept X has enhanced our ability to prevent malware and ransomware infections. It is a top-notch product, providing robust protection against various threats, including zero-day attacks, while also monitoring encryption levels.

Intercept X has been instrumental in managing and responding to ransomware attacks. I have witnessed multiple organizations using Intercept X remain completely secure when ransomware incidents hit the news. 

Deep learning technology enhances our security posture by providing a deeper analysis of malware behavior. It monitors and analyzes malware actions in real time, leveraging extensive threat intelligence data collected since 1985. This comprehensive approach improves our ability to detect and respond to malware threats effectively.

The exploit prevention capabilities of Intercept X effectively safeguard against various attack methods, including SQL injection and CodeSight scripting. It continuously monitors system vulnerabilities and application processes to prevent exploitation attempts. 

For those considering Intercept X Endpoint, I would recommend prioritizing its comprehensive protection and user-friendly experience. Even after transitioning from server management, I continue to use Intercept X for mobile security, highlighting its effectiveness and versatility.

Overall, I would rate Intercept X as an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Flag as inappropriate
PeerSpot user
Buyer's Guide
Intercept X Endpoint
October 2024
Learn what your peers think about Intercept X Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
Technology Infrastructure Manager at a non-profit with 201-500 employees
Real User
Not resource-intensive and does a good job of stopping and preventing different threats from being triggered
Pros and Cons
  • "It is very easy to set up and easy to use. It is also not resource-intensive."
  • "Sophos has a lot of different features. Some of them are tied to different clients, which may mean that different prices or licenses have to be added on. It can be a little bit confusing if you're not familiar with the logic of how they work. They can make it a little bit clearer."

What is our primary use case?

We are using it for endpoint antivirus, hardening, and some DLP policies. Its version is the current one.

What is most valuable?

It is very easy to set up and easy to use. It is also not resource-intensive.

It has been very stable. It has done a good job of stopping and preventing different threats from being triggered.

What needs improvement?

Sophos has a lot of different features. Some of them are tied to different clients, which may mean that different prices or licenses have to be added on. It can be a little bit confusing if you're not familiar with the logic of how they work. They can make it a little bit clearer.

For how long have I used the solution?

I have been using this solution for about a year and a half. 

What do I think about the stability of the solution?

Systems have been stable during deployment. It is not resource-intensive, and it has been working well.

What do I think about the scalability of the solution?

It has been easy to add additional Sophos components. They all are using the same console. We have about 400 users who are using this solution.

Which solution did I use previously and why did I switch?

We were using Symantec. We switched because we just needed something that was a little bit more aggressive and next-generation from an antivirus perspective.

How was the initial setup?

It is very easy to set up.

What about the implementation team?

We had a third party that helped us set it up.

What's my experience with pricing, setup cost, and licensing?

It was fairly and reasonably priced.

What other advice do I have?

I would advise others to thoroughly vet out because Sophos has a lot of different features. It can be a little bit confusing in terms of licensing.

I would rate Sophos Intercept X a solid eight out of 10.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Manager of Information Security at a healthcare company with 1,001-5,000 employees
Real User
Reliable, user-friendly, good price, and useful for malware protection and application blocking
Pros and Cons
  • "Malware protection and application blocking are absolutely great. The DLP and malware features are very helpful. It is also very user-friendly, reliable, and scalable. It is easy to set up. We are also happy with its price and support."
  • "Mobile device management is a challenging area, and it can be improved. Some areas in the DLP solution can also be improved. It has the DLP capability, but it is not an all-out DLP program. I would like to see them improve the DLP solution in terms of reporting and possibly network monitoring. Currently, they only do the reporting parts of it."

What is our primary use case?

We use it for all of its features, with the exception of mobile device management. We use it for DLP, malware protection, some forms of asset tracking, application blocking, and so forth.

It is deployed on-premises and on the cloud. We are using its latest version.

What is most valuable?

Malware protection and application blocking are absolutely great. The DLP and malware features are very helpful.

It is also very user-friendly, reliable, and scalable. It is easy to set up. We are also happy with its price and support.

What needs improvement?

Mobile device management is a challenging area, and it can be improved. Some areas in the DLP solution can also be improved. It has the DLP capability, but it is not an all-out DLP program. I would like to see them improve the DLP solution in terms of reporting and possibly network monitoring. Currently, they only do the reporting parts of it.

For how long have I used the solution?

I have been using this solution for close to two years.

What do I think about the stability of the solution?

It is a very reliable solution.

What do I think about the scalability of the solution?

It is very easily scalable. We have scaled it, and we had very minor problems in expanding it across the organizations and new acquisitions.

How are customer service and technical support?

They provide a great response. They are available through email and phone calls. After you create a ticket, they will respond within 24 hours.

Which solution did I use previously and why did I switch?

We've only used Symantec. Symantec is nowhere near this solution.

How was the initial setup?

The initial setup was straightforward.

What about the implementation team?

Our team did the deployment. We got the training from them, and we did the deployment ourselves.

What's my experience with pricing, setup cost, and licensing?

Compared to other solutions, such as CrowdStrike, we are most certainly happy with its pricing. We did a three year-business deal.

What other advice do I have?

I most certainly would recommend this solution. One of the recommendations would be to make sure that you have a plan and a dedicated team to be able to manage all of the functions that are in the Sophos solution.

I would rate Sophos Intercept X an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Technical & Pre-Sales Manager at GateLock
Real User
Provides dependable, intelligent attack defenses and is easy to manage and work with
Pros and Cons
  • "It is a practically maintenance free intelligent system that independently protects environments from malicious attacks."
  • "The product defends very well on its own but could possibly use enhancement in giving users more controls."

What is our primary use case?

We are providing this product and support for it in many sectors like health care, retail, sports, and communication sectors. We are also working with Sophos, but with Sophos Endpoint, not XG, or Sophos UTM. We work with Raya (Contact Center) that provides services here in Egypt (they are also using Sophos 550 XG models).

How has it helped my organization?

It improves organizations by providing dependable, intelligent attack defenses.

What is most valuable?

The most valuable feature in Intercept is its engine for machine learning. It is awesome. Its detection capabilities are saving many of our customers' databases from ransomware and other random attacks. The most interesting thing in the Sophos center is the EDR. It is easy to manage and work with. There is no need to have a cyber-security team define its tasks. In the next few years, it will be an agent EDR.

What needs improvement?

I guess really the best part of the package is the same thing that could use the most improvement. The machine learning is good and it is already developed in the database and its engine. I guess they already have processes to cover more intelligent attacks. I am not sure about the improvements possible in this area. They have developed it to discover new attacks. But it is just an engine. There are no features that users have to look inside it. I think allowing more user modification could improve this at least for purposes of customization. But I don't know if it is possible and it is just to continue to improve on what already works.

As far as added features, I would like to see some type of event management in the product. It should not just depend on the logs only. It would be something to deal with the events on PCs in a similar way to enhance the effectiveness of Intercept X and EDR. 

For how long have I used the solution?

I have been using Sophos Intercept for six years

What do I think about the stability of the solution?

The stability of the product is very good as is the performance. As it works in the background there is never instability in the form of hanging at the work stations or producing false positives. It is very easy to deploy, very simple to use, very light on the operating systems' resources. But there are some guidelines that customers or anyone making the deployment have to keep in mind. They have to make rules and use the product intelligently to avoid any extra false positives or any performance issues. For example, they will want to make full scanning of the environment in times where there is a lower load on the system — in off-hours and not during the prime-time hours. But that responsibility is on the operator. 

The performance of the product itself is very stable and very good.

What do I think about the scalability of the solution?

Scalability can happen in one click. If you have another device to add to the environment, you just make the deployment from the server on-premises. The customer does not have to depend only on the cloud server to scale. They also have an on-premise server that makes the rules between the cloud and the LAN environment to avoid any internet disconnects, or bandwidth and performance issues. They can depend on the cache server to communicate on behalf of the client to the on-cloud dashboards.

How are customer service and technical support?

I personally think the company's technical support is perfect. They always address issues satisfactorily.

How was the initial setup?

The initial setup is very straightforward.

What about the implementation team?

I am not just using it in our department, we are also dealing with installations for customers. We play the role of IT. We enable Sophos products for partners. We do all the work if the customer doesn't have a technical team. We make projects for implementation and providing training.

What other advice do I have?

On a scale from one to ten, I would rate Intercept X as a nine out of ten. I don't think I can rate any software security product a ten because nothing in software security is100%. 

We are deploying Intercept X on Cloud, not on-premises. The reason for this is because the previous versions of Sophos made the agents different between the anti-virus, endpoint and the Intercept X. Now with the Cloud, Sophos is making one agent for the three technologies — the endpoint, Intercept X, and EDR (Intelligent Endpoint Detection and Response). The three components are in one agent and managed by one dashboard, Sophos Central.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
DucNguyen6 - PeerSpot reviewer
Technical Director at Dass
Reseller
Top 20
Provides exploit prevention and counter ransomware attacks with easy maintainence
Pros and Cons
  • "The malware detection is the key feature."
  • "Pricing is high."

What is most valuable?

The malware detection is the key feature. It provides exploit prevention and rollback capabilities to counter ransomware attacks.

What needs improvement?

Pricing could be cheaper.

For how long have I used the solution?

I have been using Intercept X Endpoint for over ten years.

What do I think about the stability of the solution?

It is stable for our customers.

How are customer service and support?

Support is very responsive.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Kaspersky is currently only focused on government, whereas Sophos is focused on SMBs and mega enterprises.

How was the initial setup?

The initial setup is easy and takes around five to ten minutes, depending on the network.

What's my experience with pricing, setup cost, and licensing?

The pricing is a little bit higher than that of other solutions.

What other advice do I have?

Some people are using AI technology to detect and regress malware.

It is easy to maintain. I recommend the solution.

Overall, I rate the solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Flag as inappropriate
PeerSpot user
CEO & MD at Gurjartech
Real User
A good solution with good stability and good price
Pros and Cons
  • "It is stable and has a good price. I find it very good."
  • "They need to focus on their SLA or technical support. They also need to focus on their UI. They should also improve their content filtering tool and update it so that correct categories are there. Sometimes, when I want to block an online gaming website, it is not shown under the correct category. It is shown under another category. They need to review their content filtering tool on a bi-weekly or monthly basis and update the sites and categories. This will be really helpful for them."

What is our primary use case?

My client is a BPO with three branches. One branch is in the US, and two branches are in India. We are using Sophos for the best connectivity. We are using Sophos for endpoint, DLP, and encryption. We are also using it for content filtering and managing security policies. Currently, we are using its latest version.

What is most valuable?

It is stable and has a good price. I find it very good.

What needs improvement?

They need to focus on their SLA or technical support. They also need to focus on their UI.

They should also improve their content filtering tool and update it so that correct categories are there. Sometimes, when I want to block an online gaming website, it is not shown under the correct category. It is shown under another category. They need to review their content filtering tool on a bi-weekly or monthly basis and update the sites and categories. This will be really helpful for them.

For how long have I used the solution?

I have been using this solution for two to three years.

What do I think about the stability of the solution?

I am happy with its stability.

What do I think about the scalability of the solution?

I have not scaled it. Currently, I have only one client who is using it.

How are customer service and technical support?

They need to work on their SLA or technical support. Their technical support is not as good as Cisco's support. 

They get back in one or two hours, which is not good enough for a security or firewall solution. This is because an organization's security and all the outgoing and incoming traffic depends on the firewall. When they take one hour and two hours to provide the support, an organization is in danger during that whole duration. There are many threats on the internet, and they need only five minutes to hack.

Which solution did I use previously and why did I switch?

We also work with Fortinet, Palo Alto, and Check Point solutions. If a client has Check Point, we work with that. Similarly, if a client has Sophos, we work with Sophos. We have knowledge of different end products. As compared to Cisco ASA, Sophos is good. However, Palo Alto and Check Point are better than Sophos.

How was the initial setup?

If you have more than five years of experience in network security or network administration, it is easy, but if you are a fresher, it is very difficult.

In terms of duration, it takes two days for it to be completely functional in production. Just connecting it doesn't take more than three to four hours.

What's my experience with pricing, setup cost, and licensing?

Price-wise, it is good. Currently, we have a three-year plan.

What other advice do I have?

I would definitely recommend this solution. I find it very good. If you have an experienced engineer with more than five years of experience, you can easily maintain a Sophos solution. An experienced engineer would not require any support and will be capable of handling it. However, if you have someone with two or three years of experience, it will be difficult to handle all the features.

I would rate Sophos Intercept X an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT Director at RHT CAPITAL PTE. LTD.
Real User
Top 20
Provides efficient technical support services, but its reporting features need improvement
Pros and Cons
  • "The product efficiently prevents data leakages."
  • "There should be a report including a flowchart or diagram. It will be useful to evaluate the software’s effectiveness."

What is our primary use case?

We use the product to protect endpoints and cloud-based servers.

What is most valuable?

The product efficiently prevents data leakages.

What needs improvement?

There should be a report including a flowchart or diagram. It will be useful to evaluate the software’s effectiveness.

For how long have I used the solution?

I have been using Intercept X Endpoint for two years. We are using the latest version.

What do I think about the scalability of the solution?

Around 200 people are using Intercept X Endpoint in our organization.

How are customer service and support?

The technical support is good.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have used Microsoft before. We switched to Sophos servers for security purposes.

How was the initial setup?

There are always some glitches during the initial setup process, but the product has a strong technical team to handle the issues.

What other advice do I have?

In case of any malicious attacks, there should be some scheduled report, like, weekly, monthly, or daily. It will help me see the number of attacks.

I rate Intercept X Endpoint a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Intercept X Endpoint Report and get advice and tips from experienced pros sharing their opinions.
Updated: October 2024
Buyer's Guide
Download our free Intercept X Endpoint Report and get advice and tips from experienced pros sharing their opinions.