I am not in the office at the moment and would have to check which version we are using.
A scalable, stable and easily installable solution
Pros and Cons
- "The solution is scalable."
- "Through Sophos Central I would like to see the ability to zero in and produce a report about the challenges being faced by a particular machine and user, to know if a virus is appearing only on that specific machine or also on others."
What is our primary use case?
What is most valuable?
We have a firewall, for which we will be adding support and integration capabilities.
What needs improvement?
Through Sophos Central I would like to see the ability to zero in and produce a report about the challenges being faced by a particular machine and user, to know if a virus is appearing only on that specific machine or also on others. This way I could know if a virus or issue is a result of an identifiable program that the user may have downloaded.
Also, while the tamper protection is a very good feature, it requires of me to first login to Sophos Central and then look for the Sophos protection password for the particular machine I wish to use. While this is definitely good, this could pose an issue when the internet connection is not working up to speed, something which is occasionally problematic for some of us here in Africa.
For how long have I used the solution?
I have been using Sophos Intercept X for three years.
Buyer's Guide
Intercept X Endpoint
November 2024
Learn what your peers think about Intercept X Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
817,354 professionals have used our research since 2012.
What do I think about the stability of the solution?
From what I can observe, I would say that the solution is stable.
What do I think about the scalability of the solution?
The solution is scalable.
How are customer service and support?
You provide us with technical support through our partner relationship.
How was the initial setup?
The initial set up for me was not an issue. I found it to be simple and straightforward, although I cannot recall how long it took, as it has been a while.
What other advice do I have?
I would recommend the solution to others.
I rate Sophos Intercept X as a ten out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical Director at Geekz Information Technology
Effective EDR, reliable, and scalable
Pros and Cons
- "I have found the most valuable feature to be the EDR."
- "The solution is heavy in the usage of resources, you can notice the performance decrease. This should prove in the future."
What is most valuable?
I have found the most valuable feature to be the EDR.
What needs improvement?
The solution is heavy in the usage of resources, you can notice the performance decrease. This should prove in the future.
For how long have I used the solution?
I have been using this solution for approximately five years.
What do I think about the stability of the solution?
I have found the solution to be stable.
What do I think about the scalability of the solution?
The solution is scalable. We have multiple clients and have approximately 1,000 users using the solution.
How are customer service and technical support?
We have not had a good experience with technical support. The quality of support we received was not what someone would expect from a leading solution provider.
Which solution did I use previously and why did I switch?
We have used McAfee and Trend Micro previously. The customer's environment would determine what is the best option that we would recommend. For example, if the customer has a Sophos firewall and other Sophos products, then it would be better to go with Sophos Intercept X.
What's my experience with pricing, setup cost, and licensing?
The price of this solution is a little high compared to competitors because they do not have a proper pricing structure.
What other advice do I have?
I rate Sophos Intercept X an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
Buyer's Guide
Intercept X Endpoint
November 2024
Learn what your peers think about Intercept X Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
817,354 professionals have used our research since 2012.
President at a tech vendor with 1-10 employees
Great reporting and good training with a pretty straightforward setup
Pros and Cons
- "The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer."
- "The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them."
What is our primary use case?
We primarily use the solution for malware protection.
How has it helped my organization?
Without a doubt, this product has helped our organization. We've been deploying Sophos Firewall for probably 15 years now. We haven't had a lot of trouble, and prior to using the Sophos product, we were using a lot of Symantec products and occasionally some others. We have not had a lot of problems with infections. By that I mean, if we had three attacks over the 15 years I'd be kind of surprised, That's usually due to the fact that somebody was doing something stupid. Otherwise, we've been very well protected. Basically, if a lot of people are looking maliciously at any of our clients, they aren't getting very far.
What is most valuable?
The reporting is pretty good up on the Sophos side. We can see if anything's going on, at least from Sophos' perspective.
The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer.
Occasionally, we do get noticed, however, we don't always get noticed, and I sometimes wonder is that just due to the fact that our client computers are tough to get at? We also deploy the Sophos Firewall on client sites, and it's relatively difficult for a bad guy to get in there.
We've been happy with it and we've been happy with the training that Sophos has. They keep us up to date on any changes that the solution has.
What needs improvement?
I don't know how many infections this protected us from. It might be nice to have a view of what has come at us. You're blocking certain types of traffic. It's not malware per se. You would get a message for this, however, you never really know if this was really a bad guy or just some 16-year-old who knows computers.
There's always room for improvement in pricing.
From a corporate perspective and from a customer perspective, switching is very difficult to do. It's not an easy task.
The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them.
I would like to see a templated selection of items that ought to be implemented, that right out of the gate, you can just turn on. This is what we recommend for standard workstations that are running under normal circumstances. It's not that you can't have a template in there. You can create your own template and stuff like that, however, they haven't yet spent a whole lot of time figuring out if you're in the, I don't know, medical business and you need HIPAA and you need this and that, these are all the standard things you ought to deploy. It would be ideal if you could just flip the switch, and it turns them all on.
Also, after you've turned this stuff on in mass like that, you sometimes don't immediately know what the problem is if they all of a sudden can't talk to vendor X. Like in banking, they get a lot of offsite services. You should be able to say "Okay, so I blocked them somehow with one of these things. I don't know which one it is, Help me find it so I don't have to turn everything off." Otherwise, I've got to turn off the whole thing and switch them on one by one, which is time-consuming.
For how long have I used the solution?
I've been dealing with the solution for a year and a half. The company has been deploying Sophos for 15 years or so.
What do I think about the stability of the solution?
Thinking back on it, we only ran into maybe one bug in the whole time we've used the product. One time, when we upgraded Windows, it wasn't compliant and I remembered that my business partner told me that he had to go to Sophos for help. They quickly resolved the problem.
We've had very few issues. A company should not fear installing it. It's pretty reliable.
What do I think about the scalability of the solution?
Our clients are all small businesses generally. The solution seems to be quite easy to scale in the market that we serve, which would be up to a hundred or so users. We haven't had any problems, however, I haven't deployed it for 10,000 users -which would be a totally different thing. Therefore, while it scales well for small businesses, I can't speak to how it would scale at an enterprise-level.
We do work with a university, and we do some work with a couple of different school districts in the San Diego area. We do some consulting for all three of those. If they asked us to recommend a product, we do recommend a product like this and we help people out with that sort of thing.
How are customer service and technical support?
Technical support could be faster. We can't really get a hold of them when we need to. They really need to improve their services.
Issues get resolved quick enough. However, there are just issues that cause a lot of unnecessary back and forth. For example, we had a client for who we had installed a temporary license for Intercept X, and then subsequent to that, when we tried to put on the real license, bought it, paid for it, got the key, tried to plug it in, that worked fine. However, all of a sudden it started telling us it was having problems with the temporary license, which was supposed to have been replaced. That was a back and forth. It really took us about two weeks to get that resolved with them. Not a huge problem, not causing alarms that people were getting in, that shouldn't get in, however, I kind of thought somebody would get back to me in a day or two. It didn't take them two weeks to get back to me, but there was a fair amount of back and forth about how to resolve this.
I would say that the quality of the support when you talk to them is very good. I would rate that a nine out of ten. That said, the lack of availability at times of support is concerning, particularly if we were to have an ongoing hack. Sophos now offers a service where they will jump in there for quite a large fee and mitigate everything quickly. However, when you already have bought a product that's supposed to be doing that same job, it seems strange they would charge you again to actually do the job.
Having talked to some of those guys on the tech side, they are extreme. Those guys on that side are super knowledgeable and they can jump in there quickly and check a lot of things way faster than I could ever do it, simply due to the fact that they're so much more familiar with the product and with the way that attacks run.
I don't see them every day so, even though I go to training and I watch it on the training and so forth, it's not something that I fiddle with all the time. I simply don't need to, which is great. It keeps me a step removed from it.
Which solution did I use previously and why did I switch?
We previously used Symantec among other products.
Symantec has changed a lot over the last 10 years. They used to be a totally different company. We were not only concerned about the product and the quality of the product and the availability of support and all of these sorts of things at first. However, they were also beginning to fall behind in terms of their technical capabilities on their product, and then we also already had a relationship with Sophos because of the firewalls, so it was a natural transition away from Symantec.
We were deploying the UTMs or what they call the SG line, and they've subsequently come out with the XG line, and if you have their cloud-based management solution, you can manage the XG line of firewalls with Intercept X, and they can look at each other's data and make decisions, AI kinds of decisions, or just scripted decisions, based on what the other is finding. It's much more advanced.
How was the initial setup?
The initial setup isn't too difficult. Once you learn it, it's pretty straightforward.
There is a learning curve, and if you haven't learned it, and I would assume this is the same with anybody's product, then you're not really sure what options you want to enable and not enable and so forth. If you turn on too much stuff, let's put it that way, your end user's computer ends up running slowly. You have to be smart about what you're doing.
What's my experience with pricing, setup cost, and licensing?
It doesn't have every function that's out there in the universe. However, it's really quite good and it's a reasonable value for the money compared to some of the alternatives that I've seen. However, I'm not super familiar with the alternatives. I know their names, I kind of know what they do, I read the reviews on your site and others, and we're always looking at it, however, I haven't really studied them.
What other advice do I have?
We're Sophos partners and resellers.
We always deploy the latest version of the solution. We deploy the Intercept X Advanced with EDR.
All the management is done through the cloud. Then there's a client piece you put on, on-premises. We do the management through the cloud and we put the client piece on the premises.
I like a lot of the things that Sophos is doing. They didn't have one this year, however, they have an annual conference, and one of the things they had done, this was right before they got bought by this other company, is they had hired a lot of really top talent. These guys, when I was at the conference for a few days, just listening to them talk, you're mesmerized with how sharp and bright these guys are and what they're adding into the program. Not to say that others aren't getting some of this stuff too, however, it was really impressive. You felt like they had it together. You trust that by sticking with these guys, you're absolutely going to have minimal, to no issues at all.
I'd recommend the solution. It's a really good product. I realized that there are other good products out there and it's not that other companies shouldn't take a look at other products. However, it works, it does what it's supposed to do, and, once you learn it, it's easy to manage and the link to the firewall is really good and a great idea. It's smart to implement a single plan across people's networks. It just makes a lot of sense.
Overall, I would rate the solution nine out of ten.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Head-Information Technology at a real estate/law firm with 201-500 employees
Utilizes machine learning functionality and provides good cloud-based administration
Pros and Cons
- "The most valuable features are the anti-ransomware engine, deep learning, web filtering, and the cloud manageability."
- "I would like to have a built-in firewall, rather than having to integrate one."
What is our primary use case?
Our primary use case is endpoint protection.
What is most valuable?
The most valuable features are the anti-ransomware engine, deep learning, web filtering, and the cloud manageability.
What needs improvement?
I would like to have a built-in firewall, rather than having to integrate one. Having both a personal firewall and an endpoint firewall would be an improvement. It does have firewall monitoring capability but it is integrated with the Windows firewall. Having their own endpoint firewall would be better.
For how long have I used the solution?
We have been working with Sophos Intercept X for about two weeks.
What do I think about the stability of the solution?
With respect to stability, given that we have only been using it for a couple of weeks, it is too early to tell. That said, we have not experienced any issues so far.
What do I think about the scalability of the solution?
Scalability has not been a problem.
How are customer service and technical support?
I have not had any issues, yet, that necessitated contacting technical support.
Which solution did I use previously and why did I switch?
Prior to Sophos, we were using a product by Symantec. The first difference is the deep learning or machine learning aspect. The second is the cloud administration capabilities. They both support cloud but the administration is better in Sophos.
How was the initial setup?
The initial setup is straightforward.
What's my experience with pricing, setup cost, and licensing?
I find the pricing to be a little bit expensive, although it is acceptable, for now.
What other advice do I have?
The suitability of this product depends on the company and its environment, but for a company like us, I recommend Sophos.
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network Administrator at a tech services company with 51-200 employees
Not just another simple virus-scanning product, but it does not handle removable USB drives well
Pros and Cons
- "It is not just a simple virus scanning product. It handles more advanced needs."
- "This product does not handle USB drives well."
What is our primary use case?
We use Intercept X Advanced along with Sophos EDR (Enhanced Data Detection and Response).
We use it for our servers and clients as advanced protection. It is not just a simple virus scanning product.
We use it to work with clients and it is installed on five servers. At this time we have only installed it at one customer site. But we plan to continue to expand.
What is most valuable?
The most valuable part of the solution in our use case is client isolation. It is a good feature.
What needs improvement?
What I think Sophos can improve is with the data-loss feature, especially when it comes to using USB sticks and USB hard disks. The feature blocks access to these USB sticks and disks and there seems to be no immediate workaround for that. Our customer was not satisfied with the feature. We actually ended up having to deactivate this feature because it is too aggressive and could not meet the client's needs.
For how long have I used the solution?
We started using Sophos Intercept X in December of 2019.
What do I think about the stability of the solution?
We have not had a problem at all with the stability.
What do I think about the scalability of the solution?
It is easy to scale this product. As far as the typical organization size that it fits, I would say it is suited for smaller and medium-sized companies. We have not yet installed it at a large customer site, so I cannot answer about large or enterprise companies specifically.
How are customer service and technical support?
To this point, I have not had a need to use Sophos support for Intercept X specifically.
I have used Sophos support for other products that we use. Sophos support for XG is okay if it is just regarding questions about the product. I did not have any problems with them in getting a good answer to questions about the product or installations. But when it comes to device defects, then it can take four to six weeks to get a solution. In that case, the support is really not satisfactory. It does not satisfy me and it is really unacceptable.
Which solution did I use previously and why did I switch?
We did use other solutions in the past, including Trend Micro, Symantec, and Kaspersky. The main difference between Sophos Intercept X and the other products is the client reservation feature. I believe that is a standalone point for Sophos as it is the only product that has it. It allows particular hosts to always use the same IP address which is sometimes desirable.
The administration of Trend Micro is one thing which I like about that product. It is very easy to use. I would say that Trend Micro is better than Sophos on that point.
We switched to Sophos because we are selling Sophos firewalls already. The Sophos Intercept X product works better with these firewall solutions than other virus scanning products from different vendors. We decided to keep to the same vendor for a more unified solution.
We started to work with Sophos Endpoint Protection originally and we are on Bonfire XG as well. It is convenient to expand out working with the brand as a partner.
How was the initial setup?
The initial setup for the product is not simple. It is medium to complex to install and setup.
After deploying it takes only me and the customer team for maintenance. Really one person can do it. So there is just one person at my company and I have communication with one colleague at the customer site.
What about the implementation team?
We did not need outside help from a vendor to handle the deployment. I did it myself and we are a partner with Sophos.
What other advice do I have?
Advice that I would have for people considering using virus scanning is that I, personally, would not use Sophos Endpoints. That is the simplest edition of the Sophos virus protection product line. I would use Intercept X Advanced as the entry-level product as the other, simpler product, is not robust enough to provide acceptable protection for businesses in my estimation.
On a scale from one to ten where one is the worst and ten is the best, I would rate Sophos Intercept X as a seven. First, I never give a ten because every product can be improved. Second, I subtract two points because of my experience with the data loss feature and how it behaves with USB drives.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Sr Manager - Information Security & Researcher at a tech services company with 1,001-5,000 employees
Straightforward installation, secure, but could be more user-friendly
Pros and Cons
- "The most valuable feature of the solution is that it is less hash-based than competitors."
- "I would like the solution to have more functions and to be more user-friendly."
What is our primary use case?
The primary use of the solution is to block threats. It contains a quick queries engine that can help us figure out where all threats are coming from.
What is most valuable?
The most valuable feature of the solution is that it is less hash-based than competitors.
What needs improvement?
I would like the solution to have more functions and to be more user-friendly.
In the next release, the solution could have more use cases. For example, protection against ransomware.
For how long have I used the solution?
I have used the solution for approximately one month.
What do I think about the stability of the solution?
I find the solution to be stable and secure. However, there are some operational issues with the hashing algorithm.
What do I think about the scalability of the solution?
We have 7000 uses in our organization using the solution.
Which solution did I use previously and why did I switch?
I have used Falcon CrowdStrike and Kaspersky.
How was the initial setup?
The installation of the solution is straightforward and took approximately two days for tuning.
What about the implementation team?
The solution was deployed by the vendor team, using approximately three administrators.
What's my experience with pricing, setup cost, and licensing?
The solution requires an annual subscription.
What other advice do I have?
I rate Sophos Intercept X a seven out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cyber Security Analyst at a educational organization with 1,001-5,000 employees
Plenty of features, effective ransomware protection, and good interface
Pros and Cons
- "The most valuable feature is the CryptoGuard in Sophos. In a case of a ransomware attack, this feature comes into action to protect us."
What is our primary use case?
We have deployed Sophos Intercept X in our environment, both on desktop as well as server environments. We have set up policies in Sophos. For example, there is a web console that can allow or block websites, and you choose what peripheral control you want your desktop environment to connect to.
We use threat protection and we configure the settings to what we want to enable or disable on a particular device. If a device had a threat on it we can disable the device.
The application control allows us to limit the application that users can install on their devices.
What is most valuable?
The most valuable feature is the CryptoGuard in Sophos. In a case of a ransomware attack, this feature comes into action to protect us. Additionally, the under interface, customization, and integration are very good.
For how long have I used the solution?
I have been using this solution within the past 12 months.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The solution is scalable.
We have approximately 450 users in my organization.
How are customer service and technical support?
The technical support is good.
What's my experience with pricing, setup cost, and licensing?
You are able to purchase more licenses for the number of devices or servers that you require.
There are many other features available but our license does not include them, such as XDR, which is endpoint detection and response. We have not explored the new features as of yet but plan to in the coming future.
What other advice do I have?
I rate Sophos Intercept X a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical Director at a security firm with 1-10 employees
A very good detection rate, good security metrics and AI
Pros and Cons
- "Offers artificial intelligence, security metrics and a lot of information gathered to make decisions."
- "Needs more flexible reporting, particularly for medium to large size companies."
What is our primary use case?
I'm the technical director and we are partners with Sophos.
What is most valuable?
This solution is an EDR antivirus with some artificial intelligence, security metrics and a lot of information gathered to make decisions. Without Intercept X, I think Sophos would have lost the antivirus fight and stayed as a UTM vendor. The solution has a very good detection rate. With the new threats, if you don't have Intercept X, you won't be protected from attacks.
What needs improvement?
I think this solution needs more flexible reporting, particularly for medium to large size companies and I'd like to see some varied options for making reports. Communication with all the antivirus vendors could be improved. We need lateral communication with other antivirus and security products. We need to communicate from one site to the other, possibly nothing will be required as a result, but it would be good to have this information and to have it easily transferred.
What other advice do I have?
I rate this solution a nine out of 10.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Download our free Intercept X Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Endpoint Protection Platform (EPP) Endpoint Detection and Response (EDR) ZTNA Managed Detection and Response (MDR) Extended Detection and Response (XDR) Ransomware ProtectionPopular Comparisons
CrowdStrike Falcon
Microsoft Defender for Endpoint
Cisco Secure Endpoint
SentinelOne Singularity Complete
Fortinet FortiClient
Cortex XDR by Palo Alto Networks
Symantec Endpoint Security
Trend Vision One Endpoint Security
Trellix Endpoint Security
Kaspersky Endpoint Security for Business
ESET Endpoint Protection Platform
Check Point Harmony Endpoint
VMware Carbon Black Endpoint
Buyer's Guide
Download our free Intercept X Endpoint Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Sophos Intercept X or Symantec End-User Endpoint Security - which is the better solution?
- Can Sophos Intercept X and Carbon Black be used side by side on endpoints?
- Which endpoint solution is more effective in terms of protection and remote administration: Sophos Intercept X or Kaspersky Endpoint Security?
- How does Crodwstrike Falcon compare with Sophos Intercept X?
- Sophos Intercept X: renewal cost for a security system integrator
- What is the biggest difference between EPP and EDR products?
- Can Cylance be used with Symantec or Kaspersky endpoint solutions without conflict?
- When evaluating Endpoint Security, what aspect do you think is the most important to look for?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- Which Endpoint Protection Solution offers Zero Trust (ZTN) as a feature?