I'm the technical director and we are partners with Sophos.
Technical Director at a security firm with 1-10 employees
A very good detection rate, good security metrics and AI
Pros and Cons
- "Offers artificial intelligence, security metrics and a lot of information gathered to make decisions."
- "Needs more flexible reporting, particularly for medium to large size companies."
What is our primary use case?
What is most valuable?
This solution is an EDR antivirus with some artificial intelligence, security metrics and a lot of information gathered to make decisions. Without Intercept X, I think Sophos would have lost the antivirus fight and stayed as a UTM vendor. The solution has a very good detection rate. With the new threats, if you don't have Intercept X, you won't be protected from attacks.
What needs improvement?
I think this solution needs more flexible reporting, particularly for medium to large size companies and I'd like to see some varied options for making reports. Communication with all the antivirus vendors could be improved. We need lateral communication with other antivirus and security products. We need to communicate from one site to the other, possibly nothing will be required as a result, but it would be good to have this information and to have it easily transferred.
What other advice do I have?
I rate this solution a nine out of 10.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Associate Vice President - IT Corporate Support, IT Security, and Data Privacy at an outsourcing company with 10,001+ employees
Good detection recommendations, good patching and pretty decent protection capabilities
Pros and Cons
- "The patches on offer are very helpful."
- "We've had difficulty with uninstalling the solution. When we try to uninstall an old version of the basic Sophos Antivirus, it doesn't seem to uninstall completely."
How has it helped my organization?
We upgraded the EDR and so far it's doing good. It patches the things that we weren't able to patch in previous antivirus hardships.
What is most valuable?
The solution has very useful response modules where we can get the recommendation on what needs to be done every day around detection.
The patches on offer are very helpful.
It's pretty good at protecting us as an anti-virus.
What needs improvement?
We've had difficulty with uninstalling the solution. When we try to uninstall an old version of the basic Sophos Antivirus, it doesn't seem to uninstall completely. Due to this issue, when we installed Intercept X, we had installation conflicts. The company needs to figure out a way to make installing their old products easier and more complete.
For how long have I used the solution?
We bought this solution in the middle of last year. It hasn't been an extremely long amount of time.
How was the initial setup?
The only issue we had with Sophos during installation was a problem around removing old versions of Sophos products from machines so that we could properly install Intercept X. There seemed to be some residual aspects of the older version, and that affected our ability to install the newer version. It was quite a headache for us.
Which other solutions did I evaluate?
We've been looking at Symantec and have been looking for information to compare it to Sophos. We're trying to decide which of these we'd use as the standard solution.
What other advice do I have?
We're just a customer and end-user. We don't have a special business relationship with Sophos.
Overall, I would rate the solution at a nine out of ten. We've had a very positive experience so far.
Aside from issues with overwriting old Sophos versions, it's been a pretty solid product.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Intercept X Endpoint
October 2024
Learn what your peers think about Intercept X Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
System Integrator IT Manager at Tecnimex S.r.l.
It is very stable and I like the monitoring I get over my clients
Pros and Cons
- "A valuable feature offered by Sophos is called Naked Security, and it entails the control managed by the firewall on the site regarding the desktop client interfacing with our cloud client."
- "The initial setup was not very user-friendly."
What is our primary use case?
Our primary use case for this solution is to offer a complete and monitored solution regarding ransomware protection to all my clients & servers.
How has it helped my organization?
Sophos improved our organization by allowing us to set up a very efficient, cloud-managed solution, introducing a new modern concept: Synchronized Security (between firewall and endpoint).
What is most valuable?
A valuable feature offered by Sophos is called Naked Security and it entails the control managed by the firewall on the site regarding the desktop client interfacing with our cloud client. So we have a central management console where we can observe and act and manage all our customers. It's like a proper perfect solution.
What needs improvement?
Something that could be improved is better integration of all the different platforms available at the moment (not only PCs and servers but also other OS platforms, Android, iOS and so on). It should be more user-friendly, automated and able to manage and analyze the logging of the operation, provided that Intercept X is one part of a more complete security solution (Synchronized Security - between firewall, endpoint, mobile devices). Logging & reporting is very important for us, especially in Italy.
For how long have I used the solution?
We've been using Sophos Intercept X for two to three years now on public cloud.
What do I think about the stability of the solution?
I am satisfied with the program's stability. There were some maintenance problems, but very rarely. We generally receive an alert from Sophos when there will be maintenance operations, so we can plan accordingly.
What do I think about the scalability of the solution?
The program is very scalable. We have about 300 computers, servers, work stations and mobile devices in our company. We have one staff member who is responsible for maintenance. We are all system integrators in our office and we plan to increase our usage soon.
How are customer service and technical support?
The support wasn't very good initially, but they became better. Compared to other brands' support, I'm quite satisfied about the support we get now.
Which solution did I use previously and why did I switch?
We used a few different products to achieve one objective, but now, with Sophos Intercept, we've solved our problem, dramatically reducing manual monitoring activities.
How was the initial setup?
The initial setup was not very user-friendly, but it improved during the evolution. It was rather difficult at first. Our deployment took half a day. Especially if we consider the Intercept X inside the final solution. We had to plan the setup. It all depends on the number of clients, of course. We did everything by ourselves because we are certified partners; we don't need external consultants.
What's my experience with pricing, setup cost, and licensing?
We pay an annual license fee.
What other advice do I have?
My advice to others would be to get certification over time because without certification, it's not so easy to set up and use. Users should familiarize themselves with all the features of the program. On a scale of one to ten, my rating is nine, because of the few missing features that I think should be added in the near future.
Disclosure: My company has a business relationship with this vendor other than being a customer: Silver Solution Partner
Managed Services Mng at a computer software company with 1,001-5,000 employees
A solid solution that has a good common dashboard feature
Pros and Cons
- "I am impressed with the tool's common dashboard feature. The solution is also easy to deploy and manage. Reporting is also easy with the software."
- "The tool should be made compatible with Linux and Microsoft operating systems."
What is our primary use case?
We use the tool for complete surface deployment. My company uses it not only to manage endpoints but for mobile management as well.
What is most valuable?
I am impressed with the tool's common dashboard feature. The solution is also easy to deploy and manage. Reporting is also easy with the software.
What needs improvement?
The tool should be made compatible with Linux and Microsoft operating systems.
For how long have I used the solution?
I have been working with the tool for five years.
What do I think about the stability of the solution?
The product's stability is really good. It is a solid solution. I would rate the solution's stability a nine out of ten.
What do I think about the scalability of the solution?
The tool is scalable. I would rate its scalability a nine out of ten.
How are customer service and support?
The product's tech support is good.
How was the initial setup?
The product's deployment is easy and straightforward. The tool's deployment is quick and gets completed in an hour.
What's my experience with pricing, setup cost, and licensing?
The solution offers both a three-year license and an annual license. I would rate the product's pricing a one out of ten.
What other advice do I have?
I would rate the solution a nine out of ten. The tool is a really good product. If you are looking to use the solution, give it a try. You will not be disappointed with its use. Most of the tool's competitors have either difficulty in management or installation. We have used all of them.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Founder and Managing Partner at a tech services company with 1-10 employees
Responsive support, compatible with multi-platforms, and highly scalable
Pros and Cons
- "The key factor that attracted me to Sophos Intercept X was the multi-platform. I have multiple clients that have mixed environments of Mac and Windows. I am able to deliver a standard solution, regardless of the platform."
- "There are not any solutions that are a 10 out of 10. A 10 would be perfect protection with no impact on the performance of the device. This is not the case, there is some impact on the performance of the device."
What is our primary use case?
We are using Sophos Intercept X for network and system security.
What is most valuable?
The key factor that attracted me to Sophos Intercept X was the multi-platform. I have multiple clients that have mixed environments of Mac and Windows. I am able to deliver a standard solution, regardless of the platform.
For most of my clients I have central management; they receive updates automatically.
What needs improvement?
There are not any solutions that are a 10 out of 10. A 10 would be perfect protection with no impact on the performance of the device. This is not the case, there is some impact on the performance of the device.
For how long have I used the solution?
I have been using Sophos Intercept X since it has been released, it has been many years.
What do I think about the stability of the solution?
Sophos Intercept X is very stable. However, we had a few issues when Apple released Big Sur. At the time the version of Sophos Intercept X that was running on the Macs wouldn't work properly with Big Sur. We had to install a beta, but that problem was resolved fairly quickly.
What do I think about the scalability of the solution?
Sophos Intercept X is highly scalable.
How are customer service and support?
I have found the Sophos office staff to be far more responsive than other vendors, such as SonicWall, which is awful. I dealt with them for a number of years and I finally couldn't stand it anymore. I felt that Dell destroyed them.
I have been very pleased with tech support. As a partner, I have access directly to their engineers and developers. Their technical support is superior.
How was the initial setup?
The initial setup is very straightforward.
In the centrally managed environments, you create a downloadable install that you can either email to the end-user or, can have available on thumb drives for customers to install. Once it's installed, it's automatically kept up to date with the most current version.
What's my experience with pricing, setup cost, and licensing?
The price of Sophos Intercept X is competitive.
What other advice do I have?
I'm looking at moving to the EDR version of Sophos because I have a number of clients that have extremely critical data. One of them handles a lot of money for their clients, and the others are lawyers. The security of not only their own information, but their client information, is critical to them. The Intercept X EDR offering is starting to look like it might be a good solution for several of them because of the live monitoring of the threat attempts on their endpoints.
The EDR is an additional managed service that's a component of the antivirus, where depending upon which level you choose, you either have a team that is monitoring responses from your system, or at a higher level, you have dedicated resources that are monitoring your systems. If there's an alert, they immediately respond to that alert and research it, not only quarantine it, the AV quarantines it, but with the EDR function, it alerts the Sophos team that there has been a potential issue, and they'll immediately begin to research it.
My advice to others would be to use centralized management because it makes it much easier to implement, manage, track the installations, and the day-to-day usage. With the central management, you can see every PC or Mac that's connected, any activity, and any issues. You can narrow any issue down to the computer if it's had to quarantine anything. Additionally, you can tell how long it's been since the computer last communicated. It's a very powerful tool, I would recommend it. To the extent their clients are willing to accept the central manager, it is the best option.
I rate Sophos Intercept X a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
CIO at a financial services firm with 11-50 employees
Protects our devices from viruses and other forms of malware
Pros and Cons
- "It does its job — it protects us from viruses. We don't really interact with it very much."
- "It has a performance hit on a local laptop. There's an agent installed and we are bothered a lot by it because it seems to be using a lot of computer resources."
What is our primary use case?
We use this solution to protect all of our computers against viruses — malware in general.
What is most valuable?
It does its job — it protects us from viruses. We don't really interact with it very much.
What needs improvement?
It has a performance hit on a local laptop. There's an agent installed and we are bothered a lot by it because it seems to be using a lot of computer resources.
We're interested in some behavioral analysis regarding activities on all of our networks so that we can anticipate intrusions and problems before they occur. My understanding is that Sophos doesn't provide such a facility. Darktrace seems to offer an artificial intelligence solution along these lines.
For how long have I used the solution?
I have been using Sophos Intercept X for roughly two to three years.
What do I think about the stability of the solution?
This solution seems very stable. We just installed it and forget about it.
How are customer service and technical support?
On the rare occasion that we've asked for help, the IT support company has delivered.
What about the implementation team?
We have a company that provides IT support for us. They recommended it and they set it up. All we had to do was install the agent on each laptop, which was a pretty easy thing to do.
What's my experience with pricing, setup cost, and licensing?
The price of this solution is reasonable.
What other advice do I have?
Overall, on a scale from one to ten, I would give this solution a rating of eight.
I would recommend this solution; it does its job as far as I'm aware. I can't tell you if it's better or worse than other software packages for security. It's the one suggested by our IT services provider. It seems to do the job. We're a bit bothered about the performance hit on the laptops, but other than that, it seems fine.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Inside Solutions Architect at a tech services company with 1,001-5,000 employees
Good price with robust and stable cloud console
Pros and Cons
- "What I have found the most valuable about Sophos Intercept X is the ease of use with management administration and the solution's ability to stop exploits and ransomware."
- "Sophos Intercept X doesn't have its own firewall that utilizes the Windows Firewall or intrusion prevention."
What is our primary use case?
Our primary use cases for Sophos Intercept X are endpoint protection, corporate enterprise endpoint protection, EDR, and endpoint detection and response. And if you add the Sophos MTR to Sophos Intercept X, you could do managed threat response, as well.
What is most valuable?
What I have found the most valuable about Sophos Intercept X is the ease of use with management administration and the solution's ability to stop exploits and ransomware. Sophos Intercept X has great exploit prevention capabilities.
What needs improvement?
Sophos Intercept X doesn't have its own firewall that utilizes the Windows Firewall or intrusion prevention.
For how long have I used the solution?
I have been using Sophos Intercept X for four or five years.
What do I think about the stability of the solution?
Sophos Intercept X is stable. The cloud console they have been creating for a while is both stable and robust.
What do I think about the scalability of the solution?
Sophos Intercept X is definitely scalable for all enterprises, from small to large.
How are customer service and support?
I do not engage with Sophos Intercept X's technical support too often. I would say that they are okay. They are certainly not the best out there or the worst, so they are good.
How was the initial setup?
The initial setup is straightforward in terms of the ability to integrate with an active directory and add users and put them into a default profile. You have to do a bit of learning to know which additional settings to activate sometimes, but the default settings are a good start.
What's my experience with pricing, setup cost, and licensing?
I would say that Sophos Intercept X is comparable to other solutions out there, but it is a premium business product. The pricing reflects that.
What other advice do I have?
If you are using other Sophos technology, it is worth it to take a look at Sophos Intercept X because of the integration and XDR technology capabilities.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
System Integrator, Sr Security Engineer at a tech services company with 51-200 employees
Good, reliable, and easy to deploy with zero-day protection and lesser price than other solutions
Pros and Cons
- "We find all features valuable. It has zero-day protection, which is the most valuable feature of Intercept X. We have Intercept X with EDR. EDR is a very important feature. It gives an idea about the source of a particular attack. An administrator gets to know everything, which helps in understanding the things that need to be done or protected in the organization. Based on this information, an administrator can decide what needs to be opened or allowed in the network. Without EDR, Intercept X is like an antivirus, and the administrator won't get to know the things going on at the organizational level. I recommend purchasing an EDR solution for every organization."
- "It would be better if it can automatically generate a report for each and every user so that the users get to know the things that shouldn't be accessed from their PCs. It can have information about malicious and non-malicious sites so users are aware of them, and they don't access malicious websites. Such reports can be generated at the end of the day. We should also be able to get through to their support team quickly. Currently, it takes more than half an hour to get through to a technical person."
What is most valuable?
We find all features valuable. It has zero-day protection, which is the most valuable feature of Intercept X.
We have Intercept X with EDR. EDR is a very important feature. It gives an idea about the source of a particular attack. An administrator gets to know everything, which helps in understanding the things that need to be done or protected in the organization. Based on this information, an administrator can decide what needs to be opened or allowed in the network. Without EDR, Intercept X is like an antivirus, and the administrator won't get to know the things going on at the organizational level. I recommend purchasing an EDR solution for every organization.
What needs improvement?
It would be better if it can automatically generate a report for each and every user so that the users get to know the things that shouldn't be accessed from their PCs. It can have information about malicious and non-malicious sites so users are aware of them, and they don't access malicious websites. Such reports can be generated at the end of the day.
We should also be able to get through to their support team quickly. Currently, it takes more than half an hour to get through to a technical person.
For how long have I used the solution?
I have been using Intercept X with EDR for the last year. We have its latest version. It is automatically updated through Sophos Central.
What do I think about the stability of the solution?
If an endpoint has at least 4GB RAM and the latest OS, the stability and performance are better. If RAM is too low, there is slowness.
What do I think about the scalability of the solution?
We have implemented it for so many customers. One of them has more than 1,500 users. In an on-prem solution, scalability could be challenging. For example, if you are using 1,000 endpoints and want to add 500 more, you need to expand the server memory or RAM. In a cloud solution, you don't need to do any such thing.
How are customer service and technical support?
They have very few people in their technical team. When I call the Sophos team, it takes more than half an hour to connect to a technical person, which is very challenging. We should be able to get through to them quickly.
How was the initial setup?
Its initial setup is fine. If an end-user is using an old OS version, you need to download the latest patches and all other things. For Windows 10 and higher versions, only the client is downloaded from Sophos Central, and it will automatically sync with the cloud.
What about the implementation team?
I have implemented this solution for so many customers. I am pretty confident in the implementation of Intercept X.
What's my experience with pricing, setup cost, and licensing?
Its price depends on the scenario. It is very expensive, but it is not more expensive than other vendors. The price of Check Point and other vendors is much higher than Sophos.
What other advice do I have?
I would recommend Sophos Intercept X as well as Check Point.
I would rate Sophos Intercept X a ten out of ten. It is a good and reliable solution.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner