Intercept X Endpoint Reviews

Sophos Intercept X is primarily used as an antivirus. It's a next-generation antivirus solution.

It's quite useful.

The performance is good.

The installation process could be faster.

They can reduce the size of the software that is required. 

It would be beneficial if you could expand support for Windows 7 and Windows Server 2008 without charging an additional fee.

I have been providing Sophos Intercept X for more than two years.

We began with an on-premises installation, the endpoint devices and PCs on the server, but the console is hosted in the cloud.

Sophos Intercept X is a stable solution.

Sophos Intercept X is scalable.

We have a few hundred users.

Our clients have contacted technical support.

The installation is straightforward, but occasionally, you encounter issues, and you have to perform the installation again.

We have two or three administrators to manage Sophos Intercept X.

Clients have to pay licensing fees. They offer both monthly and yearly licenses.

We sell MSP, manage service provider perpetual licenses.

On top of that, they have the option of purchasing additional features. They now include HDR, endpoint detection, and response features. That is an additional license that you can purchase and use with the same software.

I would recommend this solution to others who are considering using it.

It is cost-effective, I would rate Sophos Intercept X an eight out of ten.

I am not in the office at the moment and would have to check which version we are using. 

We have a firewall, for which we will be adding support and integration capabilities. 

Through Sophos Central I would like to see the ability to zero in and produce a report about the challenges being faced by a particular machine and user, to know if a virus is appearing only on that specific machine or also on others. This way I could know if a virus or issue is a result of an identifiable program that the user may have downloaded. 

Also, while the tamper protection is a very good feature, it requires of me to first login to Sophos Central and then look for the Sophos protection password for the particular machine I wish to use. While this is definitely good, this could pose an issue when the internet connection is not working up to speed, something which is occasionally problematic for some of us here in Africa. 

I have been using Sophos Intercept X for three years.

From what I can observe, I would say that the solution is stable. 

The solution is scalable. 

You provide us with technical support through our partner relationship. 

The initial set up for me was not an issue. I found it to be simple and straightforward, although I cannot recall how long it took, as it has been a while. 

I would recommend the solution to others.

I rate Sophos Intercept X as a ten out of ten. 

We primarily use the solution for malware protection.

Without a doubt, this product has helped our organization. We've been deploying Sophos Firewall for probably 15 years now. We haven't had a lot of trouble, and prior to using the Sophos product, we were using a lot of Symantec products and occasionally some others. We have not had a lot of problems with infections. By that I mean, if we had three attacks over the 15 years I'd be kind of surprised, That's usually due to the fact that somebody was doing something stupid. Otherwise, we've been very well protected. Basically, if a lot of people are looking maliciously at any of our clients, they aren't getting very far.

The reporting is pretty good up on the Sophos side. We can see if anything's going on, at least from Sophos' perspective. 

The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer. 

Occasionally, we do get noticed, however, we don't always get noticed, and I sometimes wonder is that just due to the fact that our client computers are tough to get at? We also deploy the Sophos Firewall on client sites, and it's relatively difficult for a bad guy to get in there.

We've been happy with it and we've been happy with the training that Sophos has. They keep us up to date on any changes that the solution has.

I don't know how many infections this protected us from. It might be nice to have a view of what has come at us. You're blocking certain types of traffic. It's not malware per se. You would get a message for this, however, you never really know if this was really a bad guy or just some 16-year-old who knows computers.

There's always room for improvement in pricing. 

From a corporate perspective and from a customer perspective, switching is very difficult to do. It's not an easy task. 

The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them.

I would like to see a templated selection of items that ought to be implemented, that right out of the gate, you can just turn on. This is what we recommend for standard workstations that are running under normal circumstances. It's not that you can't have a template in there. You can create your own template and stuff like that, however, they haven't yet spent a whole lot of time figuring out if you're in the, I don't know, medical business and you need HIPAA and you need this and that, these are all the standard things you ought to deploy. It would be ideal if you could just flip the switch, and it turns them all on.

Also, after you've turned this stuff on in mass like that, you sometimes don't immediately know what the problem is if they all of a sudden can't talk to vendor X. Like in banking, they get a lot of offsite services. You should be able to say "Okay, so I blocked them somehow with one of these things. I don't know which one it is, Help me find it so I don't have to turn everything off." Otherwise, I've got to turn off the whole thing and switch them on one by one, which is time-consuming.

I've been dealing with the solution for a year and a half. The company has been deploying Sophos for 15 years or so.

Thinking back on it, we only ran into maybe one bug in the whole time we've used the product. One time, when we upgraded Windows, it wasn't compliant and I remembered that my business partner told me that he had to go to Sophos for help. They quickly resolved the problem.

We've had very few issues. A company should not fear installing it. It's pretty reliable.

Our clients are all small businesses generally. The solution seems to be quite easy to scale in the market that we serve, which would be up to a hundred or so users. We haven't had any problems, however, I haven't deployed it for 10,000 users -which would be a totally different thing. Therefore, while it scales well for small businesses, I can't speak to how it would scale at an enterprise-level.

We do work with a university, and we do some work with a couple of different school districts in the San Diego area. We do some consulting for all three of those. If they asked us to recommend a product, we do recommend a product like this and we help people out with that sort of thing.

Technical support could be faster. We can't really get a hold of them when we need to. They really need to improve their services.

Issues get resolved quick enough. However, there are just issues that cause a lot of unnecessary back and forth. For example, we had a client for who we had installed a temporary license for Intercept X, and then subsequent to that, when we tried to put on the real license, bought it, paid for it, got the key, tried to plug it in, that worked fine. However, all of a sudden it started telling us it was having problems with the temporary license, which was supposed to have been replaced. That was a back and forth. It really took us about two weeks to get that resolved with them. Not a huge problem, not causing alarms that people were getting in, that shouldn't get in, however, I kind of thought somebody would get back to me in a day or two. It didn't take them two weeks to get back to me, but there was a fair amount of back and forth about how to resolve this.

I would say that the quality of the support when you talk to them is very good. I would rate that a nine out of ten. That said, the lack of availability at times of support is concerning, particularly if we were to have an ongoing hack. Sophos now offers a service where they will jump in there for quite a large fee and mitigate everything quickly. However, when you already have bought a product that's supposed to be doing that same job, it seems strange they would charge you again to actually do the job.

Having talked to some of those guys on the tech side, they are extreme. Those guys on that side are super knowledgeable and they can jump in there quickly and check a lot of things way faster than I could ever do it, simply due to the fact that they're so much more familiar with the product and with the way that attacks run.

I don't see them every day so, even though I go to training and I watch it on the training and so forth, it's not something that I fiddle with all the time. I simply don't need to, which is great. It keeps me a step removed from it.

We previously used Symantec among other products.

Symantec has changed a lot over the last 10 years. They used to be a totally different company. We were not only concerned about the product and the quality of the product and the availability of support and all of these sorts of things at first. However, they were also beginning to fall behind in terms of their technical capabilities on their product, and then we also already had a relationship with Sophos because of the firewalls, so it was a natural transition away from Symantec.

We were deploying the UTMs or what they call the SG line, and they've subsequently come out with the XG line, and if you have their cloud-based management solution, you can manage the XG line of firewalls with Intercept X, and they can look at each other's data and make decisions, AI kinds of decisions, or just scripted decisions, based on what the other is finding. It's much more advanced.

The initial setup isn't too difficult. Once you learn it, it's pretty straightforward.

There is a learning curve, and if you haven't learned it, and I would assume this is the same with anybody's product, then you're not really sure what options you want to enable and not enable and so forth. If you turn on too much stuff, let's put it that way, your end user's computer ends up running slowly. You have to be smart about what you're doing.

It doesn't have every function that's out there in the universe. However, it's really quite good and it's a reasonable value for the money compared to some of the alternatives that I've seen. However, I'm not super familiar with the alternatives. I know their names, I kind of know what they do, I read the reviews on your site and others, and we're always looking at it, however, I haven't really studied them.

We're Sophos partners and resellers.

We always deploy the latest version of the solution. We deploy the Intercept X Advanced with EDR.

All the management is done through the cloud. Then there's a client piece you put on, on-premises. We do the management through the cloud and we put the client piece on the premises.

I like a lot of the things that Sophos is doing. They didn't have one this year, however, they have an annual conference, and one of the things they had done, this was right before they got bought by this other company, is they had hired a lot of really top talent. These guys, when I was at the conference for a few days, just listening to them talk, you're mesmerized with how sharp and bright these guys are and what they're adding into the program. Not to say that others aren't getting some of this stuff too, however, it was really impressive. You felt like they had it together. You trust that by sticking with these guys, you're absolutely going to have minimal, to no issues at all.

I'd recommend the solution. It's a really good product. I realized that there are other good products out there and it's not that other companies shouldn't take a look at other products. However, it works, it does what it's supposed to do, and, once you learn it, it's easy to manage and the link to the firewall is really good and a great idea. It's smart to implement a single plan across people's networks. It just makes a lot of sense.

Overall, I would rate the solution nine out of ten.

Our primary use case is endpoint protection.

The most valuable features are the anti-ransomware engine, deep learning, web filtering, and the cloud manageability.

I would like to have a built-in firewall, rather than having to integrate one. Having both a personal firewall and an endpoint firewall would be an improvement. It does have firewall monitoring capability but it is integrated with the Windows firewall. Having their own endpoint firewall would be better.

We have been working with Sophos Intercept X for about two weeks.

With respect to stability, given that we have only been using it for a couple of weeks, it is too early to tell. That said, we have not experienced any issues so far.

Scalability has not been a problem.

I have not had any issues, yet, that necessitated contacting technical support.

Prior to Sophos, we were using a product by Symantec. The first difference is the deep learning or machine learning aspect. The second is the cloud administration capabilities. They both support cloud but the administration is better in Sophos.

The initial setup is straightforward.

I find the pricing to be a little bit expensive, although it is acceptable, for now.

The suitability of this product depends on the company and its environment, but for a company like us, I recommend Sophos. 

I would rate this solution a nine out of ten.

We use Intercept X Advanced along with Sophos EDR (Enhanced Data Detection and Response).  

We use it for our servers and clients as advanced protection. It is not just a simple virus scanning product.  

We use it to work with clients and it is installed on five servers. At this time we have only installed it at one customer site. But we plan to continue to expand.  

The most valuable part of the solution in our use case is client isolation. It is a good feature.  

What I think Sophos can improve is with the data-loss feature, especially when it comes to using USB sticks and USB hard disks. The feature blocks access to these USB sticks and disks and there seems to be no immediate workaround for that. Our customer was not satisfied with the feature. We actually ended up having to deactivate this feature because it is too aggressive and could not meet the client's needs.  

We started using Sophos Intercept X in December of 2019.  

We have not had a problem at all with the stability.  

It is easy to scale this product. As far as the typical organization size that it fits, I would say it is suited for smaller and medium-sized companies. We have not yet installed it at a large customer site, so I cannot answer about large or enterprise companies specifically.  

To this point, I have not had a need to use Sophos support for Intercept X specifically.  

I have used Sophos support for other products that we use. Sophos support for XG is okay if it is just regarding questions about the product. I did not have any problems with them in getting a good answer to questions about the product or installations. But when it comes to device defects, then it can take four to six weeks to get a solution. In that case, the support is really not satisfactory. It does not satisfy me and it is really unacceptable.  

We did use other solutions in the past, including Trend Micro, Symantec, and Kaspersky. The main difference between Sophos Intercept X and the other products is the client reservation feature. I believe that is a standalone point for Sophos as it is the only product that has it. It allows particular hosts to always use the same IP address which is sometimes desirable.  

The administration of Trend Micro is one thing which I like about that product. It is very easy to use. I would say that Trend Micro is better than Sophos on that point.  

We switched to Sophos because we are selling Sophos firewalls already. The Sophos Intercept X product works better with these firewall solutions than other virus scanning products from different vendors. We decided to keep to the same vendor for a more unified solution.  

We started to work with Sophos Endpoint Protection originally and we are on Bonfire XG as well. It is convenient to expand out working with the brand as a partner.  

The initial setup for the product is not simple. It is medium to complex to install and setup.  

After deploying it takes only me and the customer team for maintenance. Really one person can do it. So there is just one person at my company and I have communication with one colleague at the customer site.  

We did not need outside help from a vendor to handle the deployment. I did it myself and we are a partner with Sophos.  

Advice that I would have for people considering using virus scanning is that I, personally, would not use Sophos Endpoints. That is the simplest edition of the Sophos virus protection product line. I would use Intercept X Advanced as the entry-level product as the other, simpler product, is not robust enough to provide acceptable protection for businesses in my estimation.  

On a scale from one to ten where one is the worst and ten is the best, I would rate Sophos Intercept X as a seven. First, I never give a ten because every product can be improved. Second, I subtract two points because of my experience with the data loss feature and how it behaves with USB drives.  

The solution is useful for protecting against ransomware and malwares.

The performance is very slow and should be faster. 

Data resources will be consumed, affecting the performance, when there is a concurrent login involving a server with multiple RDP users. 

The installation of the solution will start the 17 services involved. 

While the tech support is knowledgeable, it's response time should be faster, as it will only get back to us the day after raising a ticket. 

We have been using Sophos Intercept X for around two years.

Technical support, while knowledgeable, is not adequately responsive, as it will take a day from when the ticket was raised to receive a response. This needs improving. 

The solution is easy to install. Downloading time takes only 15 minutes.

Our technical team consists of a team leader, team manager and administrators.

The solution has around 60 licenses. 

It is cloud-based.

We have around 10 clients making use of the solution.

We would recommend the solution to others.

I rate Sophos Intercept X as a seven out of ten.

The primary use of the solution is to block threats. It contains a quick queries engine that can help us figure out where all threats are coming from.

The most valuable feature of the solution is that it is less hash-based than competitors.

I would like the solution to have more functions and to be more user-friendly. 

In the next release, the solution could have more use cases. For example, protection against ransomware.

I have used the solution for approximately one month. 

I find the solution to be stable and secure. However, there are some operational issues with the hashing algorithm.

We have 7000 uses in our organization using the solution. 

I have used Falcon CrowdStrike and Kaspersky.

The installation of the solution is straightforward and took approximately two days for tuning. 

The solution was deployed by the vendor team, using approximately three administrators.

The solution requires an annual subscription. 

I rate Sophos Intercept X a seven out of ten. 

We have deployed Sophos Intercept X in our environment, both on desktop as well as server environments. We have set up policies in Sophos. For example, there is a web console that can allow or block websites, and you choose what peripheral control you want your desktop environment to connect to. 

We use threat protection and we configure the settings to what we want to enable or disable on a particular device. If a device had a threat on it we can disable the device. 

The application control allows us to limit the application that users can install on their devices.

The most valuable feature is the CryptoGuard in Sophos. In a case of a ransomware attack, this feature comes into action to protect us. Additionally, the under interface, customization, and integration are very good.

I have been using this solution within the past 12 months.

The solution is stable.

The solution is scalable.

We have approximately 450 users in my organization.

The technical support is good.

You are able to purchase more licenses for the number of devices or servers that you require.

There are many other features available but our license does not include them, such as XDR, which is endpoint detection and response. We have not explored the new features as of yet but plan to in the coming future.

I rate Sophos Intercept X a nine out of ten.