Sophos Central Reviews

It is primarily used to centrally manage endpoint security solutions on end-user machines. This means organizations can use it to apply and enforce security policies and manage various security features like antivirus, anti-malware, data loss prevention, and other Sophos security components on the endpoint devices used by their employees or users.

The interface, especially when using the software center, is quite user-friendly and easy to navigate. Managing security policies within it is a seamless and straightforward process, offering a smooth experience.

There are situations where manual intervention is necessary, particularly when dealing with certain types of threats. While many security processes run smoothly, in cases of specific attacks that aren't automatically resolved, the need for manual intervention arises. Improving the response time of the customer support team would be beneficial.

I have been working with it for over eight years.

It is quite stable, with only potential issues that might arise when specific Windows updates or packages cause problems, in which case you may need to collaborate with the Sophos Central support team to address them. I would rate it nine out of ten.

It provides excellent scalability. Everything is centralized, and the scalability depends on your licensing. Customers don't have to invest in network infrastructure or data centers to expand their security solutions.

The support is decent but not exceptional, particularly when compared to the capabilities of the software itself. If I were to rate it, I would give it a seven out of ten.

Neutral

I've had experience with both on-premise solutions and Symantec. When it comes to the management aspect, Sophos Central stands out as the better option. However, as a product and considering the overall capabilities of the company, I must say that Symantec is also an excellent product.

The initial setup is quite straightforward.

You can easily set up a user account in Sophos Central, and based on the user's operating system, you can swiftly download the client. Installing it on the machine is a simple step, and it will automatically connect to the central dashboard, displaying all the necessary information. Deployment is hassle-free and user-friendly. Setting up the portal is usually a quick and straightforward task, but it can take longer when dealing with a large user base, like hundreds of thousands. Even with many users, the process is relatively smooth. Managing numerous users can be more challenging, but deploying directly from domain controllers is an option. The primary aim is to ensure the overall system's security. For a case involving around five hundred users, the setup may take approximately three to four days. Maintenance is relatively hassle-free, and overall, it's quite easy to manage.

When compared to the market, it's relatively more cost-effective. You only need to pay for the license, which includes everything. However, if you require managed services, such as MTR with a dedicated support team providing live sessions, there are additional licensing costs involved.

It ultimately comes down to the customer's preferences and budget. If a customer prefers to handle every alert, incident, and threat on their own, that's perfectly acceptable. However, if they require premium support, then they should opt for services like MTR. The choice depends on their specific needs and the resources they're willing to allocate. Overall, I would rate it nine out of ten.

While the platform offers a comprehensive suite of security features, its central role in our scenario revolves around safeguarding our extensive network of endpoints.

It is a cloud-based security solution with a flexible deployment that accommodates local servers and updates caches for minimized internet traffic. The user-friendly interface simplifies tasks like configuring exclusions and root cause analysis. The product goes beyond antivirus, offering granular control over peripheral devices, application management, data loss prevention, web filtering, and updates. It ensures a phased update rollout and provides Extended Detection and Response functionality, including a cloud-based data lake for threat hunting. Sophos Central also manages Sophos firewalls, aiming to be a comprehensive security solution with a single-pane-of-glass approach.

The level of protection offered by this antivirus product is highly commendable. One notable aspect is its innovative approach to file scanning, utilizing intelligent HTTPS mechanisms for real-time insights into files. This next-gen antivirus product stands out by eschewing reliance solely on static properties or files, a departure from traditional antivirus models that relied heavily on signatures. The product ensures constant communication with Sophos labs, providing the latest intelligence about files through a feature called "Live Protection." This real-time connection, coupled with the integration of artificial intelligence, specifically deep learning, enhances its effectiveness. Moreover, the ability to export this information into a CSV file, detailing all the relevant files, processes, and other executable-related information, adds a layer of sophistication.

I've encountered minor challenges in grouping endpoints for policy applications. It currently lacks synchronization with centralized identity management platforms, but users can request features, and integration is reportedly in progress. Additionally, Sophos Central can be resource-intensive, demanding servers with a minimum of eight gigabytes of RAM, which may pose considerations for larger organizations dealing with legacy applications tied to specific OS and hardware configurations.

I have been working with it for four years now.

It is generally stable, with very rare issues. In my four years of directly managing it, I can't recall a significant instance where we were unable to access the console or modify settings. If there were any such occurrences, they were likely brief, and Sophos provides a dedicated Sophos Central status page for users to check the infrastructure's status. However, I must be honest about recent experiences—we've encountered some bugs, particularly with threat alerts, such as unknown threats, and we've communicated these issues directly to Sophos. While these bugs are typically version-specific and resolved with upgrades, there has been an uptick in such issues recently, which has been reported to the development team.

It is highly scalable, allowing easy expansion as needed. Creating different service states and consoles is straightforward, and establishing the relationship between a console and its assigned endpoints is simple. The ease of deployment ensures endpoints are efficiently placed in the correct groups, crucial for applying the right policies promptly.

When seeking technical support for Sophos Central, initial interactions typically involve level-one engineers, and may sometimes take time to reach the right experts. There are instances where I proactively provide comprehensive details, yet initial responses request information already shared. Despite such minor issues, specifying the priority of the problem helps streamline the process. If you can connect with the right people promptly, support is generally good. To refine the rating, considering level-one engineers, I would rate the support experience at around seven out of ten.

Deployment in our environment is streamlined through a single source using a compact file. This file is shared with our deployment team for execution. The deployment team requires either internet access, access to the Sophos portal, or an in-house setup for update caching, also known as message relay in certain network configurations. In cases where the network is restricted and lacks internet access, the deployment team utilizes message relay, functioning as a proxy between the endpoints and the Sophos cloud. This deployment approach is flexible, accommodating both on-premises and cloud components. Essentially, we initiate the installation with a small local installer file, and the subsequent files are retrieved either from an update cache or directly from the internet, making it a seamless process for our large-scale deployments. The process is adaptable and caters to various business functions through dedicated consoles. Using a scripted "blank installation" method, deployment is tailored to specific service states, ensuring endpoints align with the correct policies. Policy management during deployment is efficient, allowing for seamless assignment to relevant groups. The maintenance is straightforward due to its cloud-based nature, minimizing on-premises infrastructure needs. Periodic checks and verifications within the console simplify the process, making it hassle-free, especially when no specific network architectures require on-premises components.

Meticulous planning is essential before onboarding devices onto Sophos Central, involving careful grouping and allocation to dedicated consoles or sub-states. Migration from another product requires precise policy migration, facilitated by Sophos's CRT. Mass deployment is streamlined, especially if the old product's central protection is disabled. Sophos Central extends beyond antivirus, offering cloud security and XDR functionalities, seamlessly integrating with SOC teams for effective EDR and XDR. The platform, known for scalability and user-friendliness, supports advanced features like threat hunting and live response. Continuously evolving, it consistently introduces new features through ongoing development. Overall, I would rare it eight out of ten.

We use Sophos Central for security. 

We used to get malicious attacks from mail before using the solution. 

Sophos Central helps us against intrusions and security. 

The program slows down when you try to control or visualize multiple systems. 

I rate the product an eight out of ten. 

We use the product as a management console to manage Sophos products such as firewalls and WAP. It is a reporting tool that offers centralized reporting for your products. 

Sophos Central is cloud-based, which allows the administrator to control everything from anywhere. It is free for most of the products except the firewall. 

The tool is slow in the Middle East region. It should also integrate custom reporting. 

I have been working with the product for four years. 

Sophos Central is mature and effective in capturing malware. 

The product is scalable. 

Sophos Central is good and available 24/7. 

Sophos Central's deployment is easy if you have the internet. It takes two to three minutes to complete. You can schedule the maintenance updates. 

The tool's pricing is good. 

I rate Sophos Central an eight out of ten.