IT Manager at a tech services company with 201-500 employees
Real User
Integrated anti-malware, next-generation firewalls, and IPS for network security solutions
Pros and Cons
  • "We use Sophos Intercept X for Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in our organization."
  • "They should work on the logs and events. Sophos Intercept X needs to increase the interface test so that it can export to a live event."

What is our primary use case?

Our primary use case is the interception solution in Sophos Intercept X.

How has it helped my organization?

We use Sophos Intercept X for Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in our organization.

What is most valuable?

The future's about anti-malware, next-generation firewalls, and IPS. We value the IDS features of Sophos Intercept X the most. This is the best solution that we use and need.

What needs improvement?

Sophos Intercept X has room for improvement in the user management of live events.

They should work on the logs and events. Sophos Intercept X needs to increase the interface test so that it can export to a live event.

Buyer's Guide
Intercept X Endpoint
February 2025
Learn what your peers think about Intercept X Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: February 2025.
838,713 professionals have used our research since 2012.

For how long have I used the solution?

I have been using this solution less than a year.

What do I think about the stability of the solution?

The stability of this solution was great. Sophos is a very powerful tool for all of our needs.

What do I think about the scalability of the solution?

We have an enterprise company. There are branches all over the world. Support for 50 schools over the internet is what we're supposed to intercept. It is scalable.

We have about 500 end users. For deployment and maintenance, we require just a few people. It is done by me and one of my colleagues.

How are customer service and support?

The technical support is not good because we are in Iran. We don't have any solidarity support from the company. We have some sanctions on. We just handle everything by ourselves.

Which solution did I use previously and why did I switch?

Before Sophos, we had older hardware that was not able to handle this software. We decided to change the solution to the Sophos device.

How was the initial setup?

The setup of Sophos Intercept X was straightforward. Our deployment took about two days, each day six to seven hours of work.

What about the implementation team?

We have used both consultants and a reseller.

What's my experience with pricing, setup cost, and licensing?

We renew the license for one year at $10,000.

What other advice do I have?

Sophos Intercept X is easy to deploy. It has all the features for a small, medium, or large scale business. On a scale from 1 to 10, I would rate this product an eight. 

The security of other devices on Cisco is more reliable and stable, but the user control in Sophos is a feature that Cisco doesn't have.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1166514 - PeerSpot reviewer
Founder and Managing Partner at a tech services company with 1-10 employees
Real User
Responsive support, compatible with multi-platforms, and highly scalable
Pros and Cons
  • "The key factor that attracted me to Sophos Intercept X was the multi-platform. I have multiple clients that have mixed environments of Mac and Windows. I am able to deliver a standard solution, regardless of the platform."
  • "There are not any solutions that are a 10 out of 10. A 10 would be perfect protection with no impact on the performance of the device. This is not the case, there is some impact on the performance of the device."

What is our primary use case?

We are using Sophos Intercept X for network and system security.

What is most valuable?

The key factor that attracted me to Sophos Intercept X was the multi-platform. I have multiple clients that have mixed environments of Mac and Windows. I am able to deliver a standard solution, regardless of the platform.

For most of my clients I have central management; they receive updates automatically.

What needs improvement?

There are not any solutions that are a 10 out of 10. A 10 would be perfect protection with no impact on the performance of the device. This is not the case, there is some impact on the performance of the device.

For how long have I used the solution?

I have been using Sophos Intercept X since it has been released, it has been many years.

What do I think about the stability of the solution?

Sophos Intercept X is very stable. However, we had a few issues when Apple released Big Sur. At the time the version of Sophos Intercept X that was running on the Macs wouldn't work properly with Big Sur. We had to install a beta, but that problem was resolved fairly quickly.

What do I think about the scalability of the solution?

Sophos Intercept X is highly scalable.

How are customer service and support?

I have found the Sophos office staff to be far more responsive than other vendors, such as SonicWall, which is awful. I dealt with them for a number of years and I finally couldn't stand it anymore. I felt that Dell destroyed them.

I have been very pleased with tech support. As a partner, I have access directly to their engineers and developers. Their technical support is superior.

How was the initial setup?

The initial setup is very straightforward.

In the centrally managed environments, you create a downloadable install that you can either email to the end-user or, can have available on thumb drives for customers to install. Once it's installed, it's automatically kept up to date with the most current version.

What's my experience with pricing, setup cost, and licensing?

The price of Sophos Intercept X is competitive.

What other advice do I have?

I'm looking at moving to the EDR version of Sophos because I have a number of clients that have extremely critical data. One of them handles a lot of money for their clients, and the others are lawyers. The security of not only their own information, but their client information, is critical to them. The Intercept X EDR offering is starting to look like it might be a good solution for several of them because of the live monitoring of the threat attempts on their endpoints.

The EDR is an additional managed service that's a component of the antivirus, where depending upon which level you choose, you either have a team that is monitoring responses from your system, or at a higher level, you have dedicated resources that are monitoring your systems. If there's an alert, they immediately respond to that alert and research it, not only quarantine it, the AV quarantines it, but with the EDR function, it alerts the Sophos team that there has been a potential issue, and they'll immediately begin to research it.

My advice to others would be to use centralized management because it makes it much easier to implement, manage, track the installations, and the day-to-day usage. With the central management, you can see every PC or Mac that's connected, any activity, and any issues. You can narrow any issue down to the computer if it's had to quarantine anything. Additionally, you can tell how long it's been since the computer last communicated. It's a very powerful tool, I would recommend it. To the extent their clients are willing to accept the central manager, it is the best option.

I rate Sophos Intercept X a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
reviewer1581882 - PeerSpot reviewer
Sr Manager - Information Security & Researcher at a tech services company with 1,001-5,000 employees
Real User
Straightforward installation, secure, but could be more user-friendly
Pros and Cons
  • "The most valuable feature of the solution is that it is less hash-based than competitors."
  • "I would like the solution to have more functions and to be more user-friendly."

What is our primary use case?

The primary use of the solution is to block threats. It contains a quick queries engine that can help us figure out where all threats are coming from.

What is most valuable?

The most valuable feature of the solution is that it is less hash-based than competitors.

What needs improvement?

I would like the solution to have more functions and to be more user-friendly. 

In the next release, the solution could have more use cases. For example, protection against ransomware.

For how long have I used the solution?

I have used the solution for approximately one month. 

What do I think about the stability of the solution?

I find the solution to be stable and secure. However, there are some operational issues with the hashing algorithm.

What do I think about the scalability of the solution?

We have 7000 users in our organization using the solution.

Which solution did I use previously and why did I switch?

I have used Falcon CrowdStrike and Kaspersky.

How was the initial setup?

The installation of the solution is straightforward and took approximately two days for tuning. 

What about the implementation team?

The solution was deployed by the vendor team, using approximately three administrators.

What's my experience with pricing, setup cost, and licensing?

The solution requires an annual subscription. 

What other advice do I have?

I rate Sophos Intercept X a seven out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Victor Bayedo - PeerSpot reviewer
Cloud Solution Architect at a tech services company with 201-500 employees
Real User
Allows us to achieve synchronized security, whereby we are able to see an automatic isolation of infected devices or compromised devices on the network
Pros and Cons
  • "The most valuable feature is the anti-ransomware capability. It's been helpful because we have been seeing a lot of information around what the ransomware hit."
  • "The detection and the AI capabilities should be improved upon."

What is our primary use case?

We use the solution for endpoint protection and particularly against ransomware. There is CryptoGuard capability within Intercept X. They're also competitive, so people actually leverage it to test the environment against ransomware. It also has the capability to send a warning in any attack. Say they want to assist in the environment so that we are able to run a case incident. I know what has happened, what's happening right now, and then probably what we need to be concerned about.

We have used the solution on-premise previously, but we currently use it on cloud.

I'm aware the on-premise is fading out, so I'm migrating other clients that are running companies to the cloud.

What is most valuable?

The most valuable feature is the anti-ransomware capability. It's been helpful because we have been seeing a lot of information around what the ransomware hit. It would have actually hit the environment before it was protected and Sophos was able to prevent it from ruining the environment. Sophos does this with the firewall to be able to achieve synchronized security, whereby we are able to see an automatic isolation of infected devices or compromised devices on the network.

What needs improvement?

The detection and the AI capabilities should be improved upon. I also find it narrow of an attack. Even though we have Sophos running on the network, we still have the system being hit. That was probably because Sophos is not running our data. 

Improvement should actually be made on remote capabilities. I would like to see additional features that provide capabilities that show a lot of sources that the attackers are actually making.

For how long have I used the solution?

I have been using this solution since it was released. We are working with the latest update.

What do I think about the stability of the solution?

The solution is stable and reliable.

What do I think about the scalability of the solution?

It is easy to scale.

How are customer service and support?

Technical support is good.

Which solution did I use previously and why did I switch?

Previously, I worked with McAfee. I also have experience using Kaspersky.

McAfee has a component for exploit prevention which works similarly to Intercept X. I've actually seen Intercept X working better than that, especially because in Intercept X you're also leveraging from machine learning.

How was the initial setup?

It's a big issue that there isn't a way to do remote deployment. It's actually difficult because you have to depend on a third party to make sure it actually works. I'm inexperienced on third party use, and it becomes very tedious and almost unmanageable. We have to start helping customers fix their issues at no cost.

The solution requires maintenance, but it is automated.

What's my experience with pricing, setup cost, and licensing?

It's not bad, but compared to competitors, it's a little bit on the high side. The price could be more competitive.

What other advice do I have?

I would rate this solution 9 out of 10. I would recommend Intercept X to other users.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
reviewer1291920 - PeerSpot reviewer
Head-Information Technology at a real estate/law firm with 201-500 employees
Real User
Utilizes machine learning functionality and provides good cloud-based administration
Pros and Cons
  • "The most valuable features are the anti-ransomware engine, deep learning, web filtering, and the cloud manageability."
  • "I would like to have a built-in firewall, rather than having to integrate one."

What is our primary use case?

Our primary use case is endpoint protection.

What is most valuable?

The most valuable features are the anti-ransomware engine, deep learning, web filtering, and the cloud manageability.

What needs improvement?

I would like to have a built-in firewall, rather than having to integrate one. Having both a personal firewall and an endpoint firewall would be an improvement. It does have firewall monitoring capability but it is integrated with the Windows firewall. Having their own endpoint firewall would be better.

For how long have I used the solution?

We have been working with Sophos Intercept X for about two weeks.

What do I think about the stability of the solution?

With respect to stability, given that we have only been using it for a couple of weeks, it is too early to tell. That said, we have not experienced any issues so far.

What do I think about the scalability of the solution?

Scalability has not been a problem.

How are customer service and technical support?

I have not had any issues, yet, that necessitated contacting technical support.

Which solution did I use previously and why did I switch?

Prior to Sophos, we were using a product by Symantec. The first difference is the deep learning or machine learning aspect. The second is the cloud administration capabilities. They both support cloud but the administration is better in Sophos.

How was the initial setup?

The initial setup is straightforward.

What's my experience with pricing, setup cost, and licensing?

I find the pricing to be a little bit expensive, although it is acceptable, for now.

What other advice do I have?

The suitability of this product depends on the company and its environment, but for a company like us, I recommend Sophos. 

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1418319 - PeerSpot reviewer
IT Infrastructure Consultant at a healthcare company with 201-500 employees
Consultant
Behavioral-based protection that is user-friendly and easy to deploy
Pros and Cons
  • "The most valuable feature is the behavioral, non-signature-based threat detection."
  • "When there is an event generated by either the firewall or Intercept X, and the originating IP address is the same, these should be merged into a single event rather than two."

What is our primary use case?

We were recently the target of a ransomware attack and we used this product to clean it from our environment. Our in-place endpoint protection is just signature-based and it was not able to identify which device had passed the malware.

I am in charge of monitoring at this time.

How has it helped my organization?

Once we installed Intercept X, it was able to detect and remove malware that could not be found by the simple endpoint security solution.

What is most valuable?

The most valuable feature is the behavioral, non-signature-based threat detection.

We like Sophos Central, where you have access to a security console. It provides you with information such as recommendations on what to do next. Using this, we were able to trace the affected devices, which were then cleaned. If new alerts are given then we know which devices are still affected and we can take the appropriate action.

Sophos Central also shows us which alerts have not yet been attended to, which is nice.

What needs improvement?

Sophos Central does not provide all of the information that is available, so it requires us to take the additional step of retrieving details from the firewall. It would be more productive if the information between Sophos products were automatically correlated and updated in Sophos Central.

When there is an event generated by either the firewall or Intercept X, and the originating IP address is the same, these should be merged into a single event rather than two. Automatically correlating these events would save us time.

For how long have I used the solution?

We began using Sophos Intercept X a few days ago.

What do I think about the stability of the solution?

We use Intercept X on a daily basis and it is quite stable.

What do I think about the scalability of the solution?

My impression is that this product is scalable.

We have only deployed Intercept X at one hospital, which has about 300 people that it protects. We have approximately six hospitals for which we are recommending its use.

How are customer service and technical support?

We have only dealt with the sales team in the Philippines. Our concerns were commercial in nature, for the most part, rather than technical.

Which solution did I use previously and why did I switch?

Prior to Intercept X, we were using the signature-based endpoint protection by Sophos. Our license was just recently up for renewal and we are in the process of upgrading to Intercept X.

In my previous company, we were using Cisco AMP. The beauty of Sophos Intercept X is that it does both signature-based and behavioral threat protection in one agent. With some other solutions, you have to install a different product for each approach.

How was the initial setup?

The initial setup is very simple. We were able to install it in a few minutes and then it automatically begins detection. Completing the initial scan involves rebooting the computer a couple of times, so it takes a little while to complete and clean out the malware if it is there.

What about the implementation team?

The interface is very user-friendly and we were able to deploy and operate it ourselves.

Our company does not have 24/7 monitoring, so we are now looking at a managed SOC that we can subscribe to. Ideally, this type of service will give recommendations, above simply alerting us to problems.

What's my experience with pricing, setup cost, and licensing?

We were able to eliminate the ransomware using the one-month, full-featured trial license. Our intention now is to upgrade our systems to the full product. We were given a corporate rate.

Our licensing includes local support for each of our offices, nationwide. This is something that we like.

What other advice do I have?

Overall, this is a good product that seems to address our concerns and I can recommend it.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1238874 - PeerSpot reviewer
Network Administrator at a tech services company with 51-200 employees
Reseller
Not just another simple virus-scanning product, but it does not handle removable USB drives well
Pros and Cons
  • "It is not just a simple virus scanning product. It handles more advanced needs."
  • "This product does not handle USB drives well."

What is our primary use case?

We use Intercept X Advanced along with Sophos EDR (Enhanced Data Detection and Response).  

We use it for our servers and clients as advanced protection. It is not just a simple virus scanning product.  

We use it to work with clients and it is installed on five servers. At this time we have only installed it at one customer site. But we plan to continue to expand.  

What is most valuable?

The most valuable part of the solution in our use case is client isolation. It is a good feature.  

What needs improvement?

What I think Sophos can improve is with the data-loss feature, especially when it comes to using USB sticks and USB hard disks. The feature blocks access to these USB sticks and disks and there seems to be no immediate workaround for that. Our customer was not satisfied with the feature. We actually ended up having to deactivate this feature because it is too aggressive and could not meet the client's needs.  

For how long have I used the solution?

We started using Sophos Intercept X in December of 2019.  

What do I think about the stability of the solution?

We have not had a problem at all with the stability.  

What do I think about the scalability of the solution?

It is easy to scale this product. As far as the typical organization size that it fits, I would say it is suited for smaller and medium-sized companies. We have not yet installed it at a large customer site, so I cannot answer about large or enterprise companies specifically.  

How are customer service and technical support?

To this point, I have not had a need to use Sophos support for Intercept X specifically.  

I have used Sophos support for other products that we use. Sophos support for XG is okay if it is just regarding questions about the product. I did not have any problems with them in getting a good answer to questions about the product or installations. But when it comes to device defects, then it can take four to six weeks to get a solution. In that case, the support is really not satisfactory. It does not satisfy me and it is really unacceptable.  

Which solution did I use previously and why did I switch?

We did use other solutions in the past, including Trend Micro, Symantec, and Kaspersky. The main difference between Sophos Intercept X and the other products is the client reservation feature. I believe that is a standalone point for Sophos as it is the only product that has it. It allows particular hosts to always use the same IP address which is sometimes desirable.  

The administration of Trend Micro is one thing which I like about that product. It is very easy to use. I would say that Trend Micro is better than Sophos on that point.  

We switched to Sophos because we are selling Sophos firewalls already. The Sophos Intercept X product works better with these firewall solutions than other virus scanning products from different vendors. We decided to keep to the same vendor for a more unified solution.  

We started to work with Sophos Endpoint Protection originally and we are on Bonfire XG as well. It is convenient to expand out working with the brand as a partner.  

How was the initial setup?

The initial setup for the product is not simple. It is medium to complex to install and set up.

After deploying it takes only me and the customer team for maintenance. Really one person can do it. So there is just one person at my company and I have communication with one colleague at the customer site.  

What about the implementation team?

We did not need outside help from a vendor to handle the deployment. I did it myself and we are a partner with Sophos.  

What other advice do I have?

Advice that I would have for people considering using virus scanning is that I, personally, would not use Sophos Endpoints. That is the simplest edition of the Sophos virus protection product line. I would use Intercept X Advanced as the entry-level product as the other, simpler product, is not robust enough to provide acceptable protection for businesses in my estimation.  

On a scale from one to ten where one is the worst and ten is the best, I would rate Sophos Intercept X as a seven. First, I never give a ten because every product can be improved. Second, I subtract two points because of my experience with the data loss feature and how it behaves with USB drives.  

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Head IT (Infrastructure) at Nilkamal Ltd
Real User
A cloud-based solution with anti-malware capability and reasonable price
Pros and Cons
  • "The base product and the anti-malware feature are most valuable."
  • "It consumes a lot of resources, and something needs to be done for that."

What is most valuable?

The base product and the anti-malware feature are most valuable.

What needs improvement?

It consumes a lot of resources, and something needs to be done for that.

For how long have I used the solution?

We use Intercept X Advance in our company, and this is the third year.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It is scalable. We have around 2,500 users. For its maintenance, there are just two or three people.

How are customer service and support?

I never faced any issues.

Which solution did I use previously and why did I switch?

We were using Symantec. It was on-premises. There was an issue with the company, and I faced an issue with their support. So, I had to switch. I wanted something on the cloud.

How was the initial setup?

It was easy. On the client-side, it hardly takes 15 minutes.

What's my experience with pricing, setup cost, and licensing?

Its price is reasonable.

What other advice do I have?

They have to take care of the resource part. I would rate it a nine out of 10.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user