The most valuable features of Sophos Intercept X are the minimal configuration needed for the end user and the central view of all the endpoints. There are plenty of tools to control and manage the endpoints. Additionally, there is the capability of connecting the endpoint to the CLI.
Beneficial central endpoint view, simple configuration, and good security
Pros and Cons
- "The most valuable features of Sophos Intercept X are the minimal configuration needed for the end user and the central view of all the endpoints. There are plenty of tools to control and manage the endpoints. Additionally, there is the capability of connecting the endpoint to the CLI."
- "The graphical interface could improve. Additionally, adding less expensive mobile device support would be helpful. Other solutions have this feature."
What is most valuable?
What needs improvement?
The graphical interface could improve. Additionally, adding less expensive mobile device support would be helpful. Other solutions have this feature.
For how long have I used the solution?
I have been using Sophos Intercept X for approximately three years.
What do I think about the stability of the solution?
There are minor scalability elements that could improve. However, overall it is good.
I rate the stability of Sophos Intercept X a seven out of ten.
Buyer's Guide
Intercept X Endpoint
March 2025

Learn what your peers think about Intercept X Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
844,944 professionals have used our research since 2012.
What do I think about the scalability of the solution?
We do not have too many workstations, we have approximately 300 and we have not had an issue with the scalability. However, if there were more workstations there could be some issues.
I rate the scalability of Sophos Intercept X a seven out of ten.
How are customer service and support?
We had support but it was through local support vendors. It could improve.
I rate the support from Sophos Intercept X a five out of ten.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I have used Comodo and it is a good solution. When the agents are installed on the endpoints it provides inventory management. However, in Sophos Intercept X it is possible but you need to export and do it manually. The Comodo solution has better email, asset, and website management capabilities. Overall, Sophos has good security when compared to other solutions.
What's my experience with pricing, setup cost, and licensing?
The price of Sophos Intercept X is expensive. The license is paid on an annual basis. There are extra features that can be added depending on the endpoints. The solution is priced twice as much as the Comodo solution.
What other advice do I have?
We have recently moved to a less expensive solution, which was half the price.
I rate Sophos Intercept X an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Assistant Manager - Network Communication and Server Management at D-Tech Sri Lanka
Reasonable pricing, good stability, and has a simple setup process
Pros and Cons
- "We have found the pricing to be reasonable."
- "We would like more application control in order to be able to schedule times and access."
What is our primary use case?
We primarily use the solution for security. We protect the computer network from threats as some users had some kinds of malicious threats. We have some policies for web control. and have used this solution to find some unwanted traffic and some unwanted site access by some users.
What is most valuable?
The server protection has been great. That's been the best thing for us.
The reporting has been very useful.
We have found that the EDR functionality has been very good.
The setup process has been very simple.
The solution has been very stable so far.
You can scale the solution if you need to, and it is an easy process.
We have found the pricing to be reasonable.
What needs improvement?
We would like the solution to be more complete so that we don't have to involve so many third parties.
We would like more application control in order to be able to schedule times and access. For example, we'd like to set it so that certain documents can only be accessed between 8 AM and 4 PM.
For how long have I used the solution?
We did a POC with the solution that lasted six months. It's been in the production environment for three months. Therefore, for almost nine months we have been running on Sophos.
What do I think about the stability of the solution?
The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable.
What do I think about the scalability of the solution?
We have about 450 devices on this solution.
Currently, we have 3 administrators. There are only 2 super admins and 2 other users for the control panels, et cetera.
We use this solution on a daily basis.
The product is scalable. After we purchased only one user license, we decided to do an installed service also. It's a one or two-minute process in order to provide a temporary license for 1 month and, after that, we hope to stay covered. Therefore, we do have plans to increase usage.
How are customer service and technical support?
Technical support has been good. During the installation process, we had the principal change, and it didn't affect the process. They have been very helpful so far. We have no complaints.
Which solution did I use previously and why did I switch?
We did use Kaspersky.
There were ultimately some issues with the Kaspersky team in Sri Lanka and with the principal in Kenya. We didn't have support from the principal. We had issues for two or three years. We ended up having to change the product and we were with Kaspersky for maybe 8 years.
How was the initial setup?
The initial setup is not difficult to manage. It's very easy and very straightforward.
With six people we were able to complete the setup.
So far, the maintenance has been little to now. The deployment that is connected to the internet automatically updates, and sort of maintains itself.
What about the implementation team?
We did have some external help for the implementation process.
What's my experience with pricing, setup cost, and licensing?
The pricing is good.
Which other solutions did I evaluate?
For testing purposes, we did try a variety of solutions. This product, however, was simple, the cloud was good, and the pricing was reasonable.
What other advice do I have?
We are using the latest version of the solution.
We are using the cloud version of Sophos, however, there are some computers that are not connected to the internet, so we have to install something locally on-site as well. We are half on-premise and half in the cloud.
I would recommend the solution to other companies.
We've been satisfied with its capabilities. I would rate it at a nine out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Intercept X Endpoint
March 2025

Learn what your peers think about Intercept X Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
844,944 professionals have used our research since 2012.
Manager of Information Security at a healthcare company with 1,001-5,000 employees
Reliable, user-friendly, good price, and useful for malware protection and application blocking
Pros and Cons
- "Malware protection and application blocking are absolutely great. The DLP and malware features are very helpful. It is also very user-friendly, reliable, and scalable. It is easy to set up. We are also happy with its price and support."
- "Mobile device management is a challenging area, and it can be improved. Some areas in the DLP solution can also be improved. It has the DLP capability, but it is not an all-out DLP program. I would like to see them improve the DLP solution in terms of reporting and possibly network monitoring. Currently, they only do the reporting parts of it."
What is our primary use case?
We use it for all of its features, with the exception of mobile device management. We use it for DLP, malware protection, some forms of asset tracking, application blocking, and so forth.
It is deployed on-premises and on the cloud. We are using its latest version.
What is most valuable?
Malware protection and application blocking are absolutely great. The DLP and malware features are very helpful.
It is also very user-friendly, reliable, and scalable. It is easy to set up. We are also happy with its price and support.
What needs improvement?
Mobile device management is a challenging area, and it can be improved. Some areas in the DLP solution can also be improved. It has the DLP capability, but it is not an all-out DLP program. I would like to see them improve the DLP solution in terms of reporting and possibly network monitoring. Currently, they only do the reporting parts of it.
For how long have I used the solution?
I have been using this solution for close to two years.
What do I think about the stability of the solution?
It is a very reliable solution.
What do I think about the scalability of the solution?
It is very easily scalable. We have scaled it, and we had very minor problems in expanding it across the organizations and new acquisitions.
How are customer service and technical support?
They provide a great response. They are available through email and phone calls. After you create a ticket, they will respond within 24 hours.
Which solution did I use previously and why did I switch?
We've only used Symantec. Symantec is nowhere near this solution.
How was the initial setup?
The initial setup was straightforward.
What about the implementation team?
Our team did the deployment. We got the training from them, and we did the deployment ourselves.
What's my experience with pricing, setup cost, and licensing?
Compared to other solutions, such as CrowdStrike, we are most certainly happy with its pricing. We did a three year-business deal.
What other advice do I have?
I most certainly would recommend this solution. One of the recommendations would be to make sure that you have a plan and a dedicated team to be able to manage all of the functions that are in the Sophos solution.
I would rate Sophos Intercept X an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior IT Analyst at a insurance company with 51-200 employees
Good ransomware security with an easy initial setup and good scalability potential
Pros and Cons
- "The initial setup is simple."
- "It's a challenge to do system maintenance work on a notebook. You always have to disable Sophos first."
What is our primary use case?
We primarily use the solution as endpoint protection as well as for endpoint detection and response. It's like an EDR. It's basically used to prevent ransomware.
How has it helped my organization?
I would say that it's difficult to really say how it's improved our organization. We had never actually been hit by a ransomware attack prior to installing Sophos and never had Sophos tell us that we're experiencing one. That said, it's very important to be protected. Getting attacked would be a disaster.
What is most valuable?
We were looking for something that could sense ransomware attempts, to encrypt files, and cut off and reverse attacks as well as alert us to issues. That's what the Intercept X is designed to do. It's very good at security and protection. It offers very good reports.
The initial setup is simple.
The biggest feature that's on the server version that we're using, the EDR, is the ability to push data on threats that it's seeing over to another management platform, like a managed detection response service. It's nice that it's possible to do this and we don't have to pay so much attention to the alerts. They can for us.
What needs improvement?
It's a challenge to do system maintenance work on a notebook. You always have to disable Sophos first. Otherwise, it thinks you're a virus. It would be ideal if there was some sort of setting where you could warn the system it's just you in there doing routine maintenance.
For how long have I used the solution?
I've used the solution over the last couple of years. However, I haven't used the product too heavily.
What do I think about the stability of the solution?
The stability is relatively good. We've had a few false alarms, however, there's nothing major that's happened so far. It seems free of bugs and glitches. It doesn't crash or freeze. It's good.
What do I think about the scalability of the solution?
I haven't personally tried to scale anything. It's probably pretty scalable because you don't have an appliance. Appliances have limitations as they have a set size or capacity. It is a cloud-based console, therefore it can probably scale pretty well.
We have 80 people in our organization and everybody uses the product.
How are customer service and technical support?
I'd rate technical support pretty high. I'd give them an eight out of ten. They're helpful. They are knowledgeable and responsive. We've been satisfied with the level of attention we get when we need them.
Which solution did I use previously and why did I switch?
We didn't have anything previously for anti-ransomware. We just had the Kaspersky antivirus. However, it wasn't able to detect ransomware specifically. Therefore, we put Sophos Intercept X on to do that.
How was the initial setup?
We've found the initial setup is pretty straightforward. It's not overly complex. We didn't have trouble setting everything up.
What other advice do I have?
We're using the latest version of the solution.
We've got Sophos Intercept X on the notebook computers along with Kaspersky and then on the servers it's only Sophos EDR, which has both antivirus and Intercept X. All are bundled together.
The console's on the cloud and that's just installed on the clients, however, they all communicate with a self-hosted JIRA cloud console.
I'd advise those considering the solution to probably just go with the antivirus portion as well. That way, you've got it all under one console. We're juggling two consoles, Kaspersky and Sophos. It would be easier if everything was under one.
ON a scale from one to ten, I'd rate this product at a nine. We've been very happy with it.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical Director at Dass
Provides exploit prevention and counter ransomware attacks with easy maintainence
Pros and Cons
- "The malware detection is the key feature."
- "Pricing is high."
What is most valuable?
The malware detection is the key feature. It provides exploit prevention and rollback capabilities to counter ransomware attacks.
What needs improvement?
Pricing could be cheaper.
For how long have I used the solution?
I have been using Intercept X Endpoint for over ten years.
What do I think about the stability of the solution?
It is stable for our customers.
How are customer service and support?
Support is very responsive.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Kaspersky is currently only focused on government, whereas Sophos is focused on SMBs and mega enterprises.
How was the initial setup?
The initial setup is easy and takes around five to ten minutes, depending on the network.
What's my experience with pricing, setup cost, and licensing?
The pricing is a little bit higher than that of other solutions.
What other advice do I have?
Some people are using AI technology to detect and regress malware.
It is easy to maintain. I recommend the solution.
Overall, I rate the solution a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Last updated: Aug 8, 2024
Flag as inappropriateSenior Network and Cyber Security Engineer (Team Lead) at Excel Technologies ltd
User-friendly, easy to configure, and offers flexible policies
Pros and Cons
- "The dashboard is user-friendly."
- "I'm not clear on what features need improvement. Everything is mostly fine."
What is our primary use case?
We're creating a software center. I just install the Sophos engine software and make the policies, like threat protection policies, for example.
What is most valuable?
The configuration is quite useful. All of our events are managed centrally from Sophos. We can manage security from there.
Policies are flexible and very user-friendly. The dashboard is user-friendly as well.
It is simple to set up.
The solution is stable.
It is not overly expensive.
What needs improvement?
I'm not clear on what features need improvement. Everything is mostly fine.
For how long have I used the solution?
I've been using the solution for two years.
What do I think about the stability of the solution?
It's a very light application and very stable. It's reliable. There are no bugs or glitches. It doesn't crash or freeze.
What do I think about the scalability of the solution?
We're a partner, and a lot of our clients are on this solution.
The last client we deployed for had 4,000 users. However, each company differs in terms of the number of users.
Which solution did I use previously and why did I switch?
We also deal with Trend Micro.
How was the initial setup?
The setup is straightforward. It is not overly complex or difficult.
The deployment was pretty quick. You just have to set up the policies. Depending on the additional policies you have to set up, it may take longer.
What about the implementation team?
We are able to deploy the solution for our clients. I've worked on various deployments for clients.
What's my experience with pricing, setup cost, and licensing?
The pricing varies. It's different from client to client, depending on their environment and needs. It's not overly expensive.
What other advice do I have?
We're Sophos partners.
I'd 100% recommend the solution to potential users. It's great for protecting devices and offers great security. There are a lot of malicious threats online right now. Companies need to protect themselves, and Sophos can help.
I would rate the solution eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: My company has a business relationship with this vendor other than being a customer:
Technology Infrastructure Manager at a non-profit with 201-500 employees
Not resource-intensive and does a good job of stopping and preventing different threats from being triggered
Pros and Cons
- "It is very easy to set up and easy to use. It is also not resource-intensive."
- "Sophos has a lot of different features. Some of them are tied to different clients, which may mean that different prices or licenses have to be added on. It can be a little bit confusing if you're not familiar with the logic of how they work. They can make it a little bit clearer."
What is our primary use case?
We are using it for endpoint antivirus, hardening, and some DLP policies. Its version is the current one.
What is most valuable?
It is very easy to set up and easy to use. It is also not resource-intensive.
It has been very stable. It has done a good job of stopping and preventing different threats from being triggered.
What needs improvement?
Sophos has a lot of different features. Some of them are tied to different clients, which may mean that different prices or licenses have to be added on. It can be a little bit confusing if you're not familiar with the logic of how they work. They can make it a little bit clearer.
For how long have I used the solution?
I have been using this solution for about a year and a half.
What do I think about the stability of the solution?
Systems have been stable during deployment. It is not resource-intensive, and it has been working well.
What do I think about the scalability of the solution?
It has been easy to add additional Sophos components. They all are using the same console. We have about 400 users who are using this solution.
Which solution did I use previously and why did I switch?
We were using Symantec. We switched because we just needed something that was a little bit more aggressive and next-generation from an antivirus perspective.
How was the initial setup?
It is very easy to set up.
What about the implementation team?
We had a third party that helped us set it up.
What's my experience with pricing, setup cost, and licensing?
It was fairly and reasonably priced.
What other advice do I have?
I would advise others to thoroughly vet out because Sophos has a lot of different features. It can be a little bit confusing in terms of licensing.
I would rate Sophos Intercept X a solid eight out of 10.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CEO & MD at Gurjartech
A good solution with good stability and good price
Pros and Cons
- "It is stable and has a good price. I find it very good."
- "They need to focus on their SLA or technical support. They also need to focus on their UI. They should also improve their content filtering tool and update it so that correct categories are there. Sometimes, when I want to block an online gaming website, it is not shown under the correct category. It is shown under another category. They need to review their content filtering tool on a bi-weekly or monthly basis and update the sites and categories. This will be really helpful for them."
What is our primary use case?
My client is a BPO with three branches. One branch is in the US, and two branches are in India. We are using Sophos for the best connectivity. We are using Sophos for endpoint, DLP, and encryption. We are also using it for content filtering and managing security policies. Currently, we are using its latest version.
What is most valuable?
It is stable and has a good price. I find it very good.
What needs improvement?
They need to focus on their SLA or technical support. They also need to focus on their UI.
They should also improve their content filtering tool and update it so that correct categories are there. Sometimes, when I want to block an online gaming website, it is not shown under the correct category. It is shown under another category. They need to review their content filtering tool on a bi-weekly or monthly basis and update the sites and categories. This will be really helpful for them.
For how long have I used the solution?
I have been using this solution for two to three years.
What do I think about the stability of the solution?
I am happy with its stability.
What do I think about the scalability of the solution?
I have not scaled it. Currently, I have only one client who is using it.
How are customer service and technical support?
They need to work on their SLA or technical support. Their technical support is not as good as Cisco's support.
They get back in one or two hours, which is not good enough for a security or firewall solution. This is because an organization's security and all the outgoing and incoming traffic depends on the firewall. When they take one hour and two hours to provide the support, an organization is in danger during that whole duration. There are many threats on the internet, and they need only five minutes to hack.
Which solution did I use previously and why did I switch?
We also work with Fortinet, Palo Alto, and Check Point solutions. If a client has Check Point, we work with that. Similarly, if a client has Sophos, we work with Sophos. We have knowledge of different end products. As compared to Cisco ASA, Sophos is good. However, Palo Alto and Check Point are better than Sophos.
How was the initial setup?
If you have more than five years of experience in network security or network administration, it is easy, but if you are a fresher, it is very difficult.
In terms of duration, it takes two days for it to be completely functional in production. Just connecting it doesn't take more than three to four hours.
What's my experience with pricing, setup cost, and licensing?
Price-wise, it is good. Currently, we have a three-year plan.
What other advice do I have?
I would definitely recommend this solution. I find it very good. If you have an experienced engineer with more than five years of experience, you can easily maintain a Sophos solution. An experienced engineer would not require any support and will be capable of handling it. However, if you have someone with two or three years of experience, it will be difficult to handle all the features.
I would rate Sophos Intercept X an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Buyer's Guide
Download our free Intercept X Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Updated: March 2025
Product Categories
Endpoint Protection Platform (EPP) Endpoint Detection and Response (EDR) ZTNA Managed Detection and Response (MDR) Extended Detection and Response (XDR) Ransomware ProtectionPopular Comparisons
CrowdStrike Falcon
Microsoft Defender for Endpoint
SentinelOne Singularity Complete
Cisco Secure Endpoint
Cortex XDR by Palo Alto Networks
Fortinet FortiClient
Symantec Endpoint Security
HP Wolf Security
Trellix Endpoint Security
Trend Vision One Endpoint Security
Kaspersky Endpoint Security for Business
ESET Endpoint Protection Platform
Check Point Harmony Endpoint
Buyer's Guide
Download our free Intercept X Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Sophos Intercept X or Symantec End-User Endpoint Security - which is the better solution?
- Can Sophos Intercept X and Carbon Black be used side by side on endpoints?
- Which endpoint solution is more effective in terms of protection and remote administration: Sophos Intercept X or Kaspersky Endpoint Security?
- How does Crodwstrike Falcon compare with Sophos Intercept X?
- Sophos Intercept X: renewal cost for a security system integrator
- What is the biggest difference between EPP and EDR products?
- Can Cylance be used with Symantec or Kaspersky endpoint solutions without conflict?
- When evaluating Endpoint Security, what aspect do you think is the most important to look for?
- What's the best way to trial endpoint protection solutions?
- What are the threats associated with using ‘bogus’ cybersecurity tools?