Intercept X Endpoint Reviews

We use the solution for endpoint protection and particularly against ransomware. There is CryptoGuard capability within Intercept X. They're also competitive, so people actually leverage it to test the environment against ransomware. It also has the capability to send a warning in any attack. Say they want to assist in the environment so that we are able to run a case incident. I know what has happened, what's happening right now, and then probably what we need to be concerned about.

We have used the solution on-premise previously, but we currently use it on cloud.

I'm aware the on-premise is fading out, so I'm migrating other clients that are running companies to the cloud.

The most valuable feature is the anti-ransomware capability. It's been helpful because we have been seeing a lot of information around what the ransomware hit. It would have actually hit the environment before it was protected and Sophos was able to prevent it from ruining the environment. Sophos does this with the firewall to be able to achieve synchronized security, whereby we are able to see an automatic isolation of infected devices or compromised devices on the network.

The detection and the AI capabilities should be improved upon. I also find it narrow of an attack. Even though we have Sophos running on the network, we still have the system being hit. That was probably because Sophos is not running our data. 

Improvement should actually be made on remote capabilities. I would like to see additional features that provide capabilities that show a lot of sources that the attackers are actually making.

I have been using this solution since it was released. We are working with the latest update.

The solution is stable and reliable.

It is easy to scale.

Technical support is good.

Previously, I worked with McAfee. I also have experience using Kaspersky.

McAfee has a component for exploit prevention which works similarly to Intercept X. I've actually seen Intercept X working better than that, especially because in Intercept X you're also leveraging from machine learning.

It's a big issue that there isn't a way to do remote deployment. It's actually difficult because you have to depend on a third party to make sure it actually works. I'm inexperienced on third party use, and it becomes very tedious and almost unmanageable. We have to start helping customers fix their issues at no cost.

The solution requires maintenance, but it is automated.

It's not bad, but compared to competitors, it's a little bit on the high side. The price could be more competitive.

I would rate this solution 9 out of 10. I would recommend Intercept X to other users.

Our primary use case is endpoint protection.

The most valuable features are the anti-ransomware engine, deep learning, web filtering, and the cloud manageability.

I would like to have a built-in firewall, rather than having to integrate one. Having both a personal firewall and an endpoint firewall would be an improvement. It does have firewall monitoring capability but it is integrated with the Windows firewall. Having their own endpoint firewall would be better.

We have been working with Sophos Intercept X for about two weeks.

With respect to stability, given that we have only been using it for a couple of weeks, it is too early to tell. That said, we have not experienced any issues so far.

Scalability has not been a problem.

I have not had any issues, yet, that necessitated contacting technical support.

Prior to Sophos, we were using a product by Symantec. The first difference is the deep learning or machine learning aspect. The second is the cloud administration capabilities. They both support cloud but the administration is better in Sophos.

The initial setup is straightforward.

I find the pricing to be a little bit expensive, although it is acceptable, for now.

The suitability of this product depends on the company and its environment, but for a company like us, I recommend Sophos. 

I would rate this solution a nine out of ten.

We were recently the target of a ransomware attack and we used this product to clean it from our environment. Our in-place endpoint protection is just signature-based and it was not able to identify which device had passed the malware.

I am in charge of monitoring at this time.

Once we installed Intercept X, it was able to detect and remove malware that could not be found by the simple endpoint security solution.

The most valuable feature is the behavioral, non-signature-based threat detection.

We like Sophos Central, where you have access to a security console. It provides you with information such as recommendations on what to do next. Using this, we were able to trace the affected devices, which were then cleaned. If new alerts are given then we know which devices are still affected and we can take the appropriate action.

Sophos Central also shows us which alerts have not yet been attended to, which is nice.

Sophos Central does not provide all of the information that is available, so it requires us to take the additional step of retrieving details from the firewall. It would be more productive if the information between Sophos products were automatically correlated and updated in Sophos Central.

When there is an event generated by either the firewall or Intercept X, and the originating IP address is the same, these should be merged into a single event rather than two. Automatically correlating these events would save us time.

We began using Sophos Intercept X a few days ago.

We use Intercept X on a daily basis and it is quite stable.

My impression is that this product is scalable.

We have only deployed Intercept X at one hospital, which has about 300 people that it protects. We have approximately six hospitals for which we are recommending its use.

We have only dealt with the sales team in the Philippines. Our concerns were commercial in nature, for the most part, rather than technical.

Prior to Intercept X, we were using the signature-based endpoint protection by Sophos. Our license was just recently up for renewal and we are in the process of upgrading to Intercept X.

In my previous company, we were using Cisco AMP. The beauty of Sophos Intercept X is that it does both signature-based on behavioral threat protection in one agent. With some other solutions, you have to install a different product for each approach.

The initial setup is very simple. We were able to install it in a few minutes and then it automatically begins detection. Completing the initial scan involves rebooting the computer a couple of times, so it takes a little while to complete and clean out the malware if it is there.

The interface is very user-friendly and we were able to deploy and operate it ourselves.

Our company does not have 24/7 monitoring, so we are now looking at a managed SOC that we can subscribe to. Ideally, this type of service will give recommendations, above simply alerting us to problems.

We were able to eliminate the ransomware using the one-month, full-featured trial license. Our intention now is to upgrade our systems to the full product. We were given a corporate rate.

Our licensing includes local support for each of our offices, nationwide. This something that we like.

Overall, this is a good product that seems to address our concerns and I can recommend it.

I would rate this solution a nine out of ten.

We use Intercept X Advanced along with Sophos EDR (Enhanced Data Detection and Response).  

We use it for our servers and clients as advanced protection. It is not just a simple virus scanning product.  

We use it to work with clients and it is installed on five servers. At this time we have only installed it at one customer site. But we plan to continue to expand.  

The most valuable part of the solution in our use case is client isolation. It is a good feature.  

What I think Sophos can improve is with the data-loss feature, especially when it comes to using USB sticks and USB hard disks. The feature blocks access to these USB sticks and disks and there seems to be no immediate workaround for that. Our customer was not satisfied with the feature. We actually ended up having to deactivate this feature because it is too aggressive and could not meet the client's needs.  

We started using Sophos Intercept X in December of 2019.  

We have not had a problem at all with the stability.  

It is easy to scale this product. As far as the typical organization size that it fits, I would say it is suited for smaller and medium-sized companies. We have not yet installed it at a large customer site, so I cannot answer about large or enterprise companies specifically.  

To this point, I have not had a need to use Sophos support for Intercept X specifically.  

I have used Sophos support for other products that we use. Sophos support for XG is okay if it is just regarding questions about the product. I did not have any problems with them in getting a good answer to questions about the product or installations. But when it comes to device defects, then it can take four to six weeks to get a solution. In that case, the support is really not satisfactory. It does not satisfy me and it is really unacceptable.  

We did use other solutions in the past, including Trend Micro, Symantec, and Kaspersky. The main difference between Sophos Intercept X and the other products is the client reservation feature. I believe that is a standalone point for Sophos as it is the only product that has it. It allows particular hosts to always use the same IP address which is sometimes desirable.  

The administration of Trend Micro is one thing which I like about that product. It is very easy to use. I would say that Trend Micro is better than Sophos on that point.  

We switched to Sophos because we are selling Sophos firewalls already. The Sophos Intercept X product works better with these firewall solutions than other virus scanning products from different vendors. We decided to keep to the same vendor for a more unified solution.  

We started to work with Sophos Endpoint Protection originally and we are on Bonfire XG as well. It is convenient to expand out working with the brand as a partner.  

The initial setup for the product is not simple. It is medium to complex to install and setup.  

After deploying it takes only me and the customer team for maintenance. Really one person can do it. So there is just one person at my company and I have communication with one colleague at the customer site.  

We did not need outside help from a vendor to handle the deployment. I did it myself and we are a partner with Sophos.  

Advice that I would have for people considering using virus scanning is that I, personally, would not use Sophos Endpoints. That is the simplest edition of the Sophos virus protection product line. I would use Intercept X Advanced as the entry-level product as the other, simpler product, is not robust enough to provide acceptable protection for businesses in my estimation.  

On a scale from one to ten where one is the worst and ten is the best, I would rate Sophos Intercept X as a seven. First, I never give a ten because every product can be improved. Second, I subtract two points because of my experience with the data loss feature and how it behaves with USB drives.  

The base product and the anti-malware feature are most valuable.

It consumes a lot of resources, and something needs to be done for that.

We use Intercept X Advance in our company, and this is the third year.

It is stable.

It is scalable. We have around 2,500 users. For its maintenance, there are just two or three people.

I never faced any issues.

We were using Symantec. It was on-premises. There was an issue with the company, and I faced an issue with their support. So, I had to switch. I wanted something on the cloud.

It was easy. On the client-side, it hardly takes 15 minutes.

Its price is reasonable.

They have to take care of the resource part. I would rate it a nine out of 10.

The main use case is to have the reversible ransomware attack aspect of Intercept X. It's more of an antivirus solution rather than an EDR solution - a slightly different product to Carbon Black in that respect.

The scalability capabilities are fine.

The stability on offer is fine.

The initial setup can be a little complex. 

The deployment part needs to be improved. It doesn't feed into our SOCs. That's the only thing we have to try and figure out - how we're going to do that. The SOC is our interface with our security partners who monitor our security events. That's done for us on a 24/7 basis.

I've worked with the solution for five years. It's been a while.

We haven't had any issues with stability. It doesn't crash or freeze. It's reliable. 

The entire organization uses Sophos right now. It's pretty ubiquitous.

The solution can scale well, even on our hardware. it hasn't been an issue. 

We also use Carbon Black, although we use it in a bit of a different way. Carbon Black is also easier to set up than Sophos.

The initial setup is a lot harder than, for example, Carbon Black. It's more difficult and complex. Its implementation isn't exactly easy.

It took us a few months to finally get it set up. We ran into some issues.

We're just a customer and an end-user. We don't have a business relationship with Sophos.

The solution is deployed on hardware as well as virtual machines. 

I would rate the solution at a seven out of ten overall. 

We have deployed Sophos Intercept X in our environment, both on desktop as well as server environments. We have set up policies in Sophos. For example, there is a web console that can allow or block websites, and you choose what peripheral control you want your desktop environment to connect to. 

We use threat protection and we configure the settings to what we want to enable or disable on a particular device. If a device had a threat on it we can disable the device. 

The application control allows us to limit the application that users can install on their devices.

The most valuable feature is the CryptoGuard in Sophos. In a case of a ransomware attack, this feature comes into action to protect us. Additionally, the under interface, customization, and integration are very good.

I have been using this solution within the past 12 months.

The solution is stable.

The solution is scalable.

We have approximately 450 users in my organization.

The technical support is good.

You are able to purchase more licenses for the number of devices or servers that you require.

There are many other features available but our license does not include them, such as XDR, which is endpoint detection and response. We have not explored the new features as of yet but plan to in the coming future.

I rate Sophos Intercept X a nine out of ten.

It is easy to interact with, and its cost is also good.

The Data Loss Prevention module can be better. It should also have threat hunting capabilities.

I am really new to it because I just joined a new organization. It has not even been two weeks.

Its stability is good so far.

It is scalable.

Its cost is good.

I would recommend it for small and medium enterprises. I would rate Sophos Intercept X a six out of 10.