Sophos EPP Suite Reviews

I use Sophos EPP Suite locally on a server for blocking websites and unknown applications.

Sophos EPP (Endpoint Protection) Suite has significantly improved our organization's cybersecurity posture in several ways:

Sophos' advanced threat detection capabilities have helped us identify and block sophisticated attacks, reducing the risk of data breaches and ransomware attacks.

The suite's centralized management console has simplified the deployment, monitoring, and reporting of endpoint security, saving our IT team time and resources.

Sophos EPP Suite has helped us meet regulatory requirements and industry standards, ensuring the security and integrity of sensitive data.

The suite's proactive protection and automatic updates have minimized system downtime, ensuring business continuity and productivity.

The most valuable features of Sophos EPP Suite are the security and scanning of streaming media. Additionally, the solution is simple uninstall.

The solution could improve in configuration and the central logging and dashboard.

I have been using Sophos EPP Suite for approximately two years.

The solution is stable.

We have 100 users using this solution and will increase it to 150.

Sophos EPP Suite is scalable.

I have not used technical support from Sophos EPP Suite.

Neutral

The initial setup of Sophos EPP Suite is simple and it takes more than 10 minutes.

We did the implementation of Sophos EPP Suite in-house.

There is an annual license to use the solution.

We use two people for the maintenance of the solution.

I would recommend Sophos EPP Suite to others.

I rate Sophos EPP Suite an eight out of ten.

We primarily use it for endpoint protection. 

The anti-ransomware engine and the crypto-guard capability are most valuable. 

DeepGuard and CryptoGuard, those engines, basically shield against encryption attempts. They detect and block suspicious behavior before your files get locked.

The network isolation feature is brilliant. Sophos firewalls work seamlessly with the endpoint suite. If a threat pops up anywhere on the network, the firewalls and endpoints communicate instantly, allowing us to isolate the infected device and stop it from spreading.

The solution needs to perform better or update its anti-ransomware and anti-malware engines to keep up with the latest hacking techniques.

So, I would like to see a better update on the anti-malware engine.

I have been using it for three years now. 

It is a stable solution. I would rate the stability a ten out of ten. 

It is very scalable. I would rate the scalability a nine out of ten. 

My clients are a mix of small, medium, or enterprise businesses.

There is room for improvement in the support. More easily available contact numbers would be good.

Positive

I would rate the initial setup experience a nine out of ten, with ten being very easy.

The deployment time depends on your environment. For a full site, it will take eight hours using Group Policy Objects (GPOs) to push it through as long as all machines are on the network simultaneously. Otherwise, it'll take longer.

The pricing is reasonable. The license cost depends on the number of employees you cover.

I would suggest opting for a fully cloud environment, as it's a cloud-based infrastructure.

Overall, I would rate the solution an eight out of ten.

We use the solution for our internal antivirus protection and traceability. One of the main reasons we use the solution is to identify problems in case of any issues with the endpoint or cyber-attacks.

The product’s selling point is its ability to protect against zero-day threats and its integration with the firewall.

We do not quite like the product. There are a lot of limitations to it. It is a hassle every time we want to unlock it. We need to uninstall the license to move to another endpoint. It is troublesome to uninstall too.

Sometimes, we need to call support because the product doesn’t work properly. There are limitations to the product’s analytics and traceability too.

I have been using the product for about two years.

We face glitches occasionally, but it is not too frequent.

About 20 people use the solution in our organization.

The customer support is okay.

Before Sophos, we used Kaspersky.

The initial setup is simple.

The pricing is not cheap. When compared to Fortinet, the renewal and subscription is quite expensive. I rate the pricing a two or three out of ten.

The solution is cloud-based. I rate the solution a five out of ten.

Our customers mainly use the Sophos Endpoint Protection Suite for an all-rounded solution, including simple DLP, next-generation firewall, antivirus, EDR, and rollback capabilities for ransomware.

Sophos EPP Suite provides effective threat detection by identifying suspicious behavior and terminating malicious processes. It also offers rollback capabilities for ransomware, which is not available in some other antivirus solutions.

The AI and EDR features are the most effective for threat detection and security. The behavioral-based AI can recognize suspicious activities and terminate malicious processes. The rollback capability for ransomware is also a valuable feature.

The resource usage of the agent should be less intensive on the CPU and RAM. This would make Sophos EPP Suite a better antivirus solution, especially for clients with only the minimum required specifications.

I have been working with Sophos Endpoint Protection Suite for over two years.

I rate the stability of Sophos Endpoint Protection Suite as a seven. It can be resource-intensive, consuming significant CPU and RAM, which can affect performance.

I have not faced any scalability issues. Even if the number of licenses exceeds the limit, Sophos EPP Suite still provides coverage for all endpoints.

For tech support, I rate it between seven and eight. It might take some time to get a response, however, the support is considered good.

Neutral

Previously, I worked with McAfee, an on-premise solution where the agent could be pushed directly from the antivirus server.

Setting up Sophos EPP Suite is relatively easy, and I would rate it as a nine out of ten. The deployment process for one PC takes about 30 to 40 minutes, considering the time needed to download signatures and files from the cloud.

The response time of Sophos EPP Suite is effective if the customer has their security operation center (SOC). Proper alerts are generated and can be analyzed by security operation engineers.

Sophos EPP Suite is relatively expensive. If I were to rate the cost, it would be an eight out of ten.

I have evaluated other vendors. That said, currently, I only have experience working with Sophos EPP Suite.

The protection offered by Sophos EPP Suite is versatile. It can detect hidden Trojans before they execute and protect vulnerable versions of Windows from exploitation.

I'd rate the solution nine out of ten.

We use the product to protect our endpoints, including PCs, laptops, and servers, from threats like malware, viruses, and grayware. It is a smart and well-integrated solution. 

The most valuable aspect of the product is stability, particularly when properly sized for endpoint use.

There could be more integration included in Sophos EPP Suite.

I rate the platform's stability a ten out of ten.

We have ten companies as our customers for Sophos EPP Suite. It is a scalable platform.

The technical team is very smart, intelligent, and helpful.

I followed the step-by-step on cloud implementation process mentioned in their technical documentation.

We've explored various vendors like Sophos and Kaspersky, among others, to meet our security needs.

Our experience with Sophos has been notable; it's database-driven and efficiently integrates to inspect and protect us against biases, malware, and attacks. It is a good solution for smaller companies. One key feature is the seamless integration between Sophos EPP Suite and the firewall. When a compromised host is identified, this information is swiftly relayed to the firewall, enabling proactive protection for other endpoints and machines across our network.

I rate Sophos EPP Suite a ten out of ten. It is a useful tool in terms of availability. We can renew or buy new licenses within a minute.

We use Sophos EPP Suite to prevent our clients from getting malware.

It was successful in preventing malware distribution. We have a large number of clients, over 13,000 in total, and we serve the majority of them.

Sophos EPP Suite doesn't really have a lot of features.

This signature-based malware prevention method is a little out of date. We are currently attempting to migrate to a newer, cloud-based solution in which we not only use signature-based antivirus scanning but also EDR with processes and similar tools to better recognize potential attacks, which is what the actual version cannot do.

It has not been developed in the last few years.

There are also issues with the compatibility of the OS. When using Sophos with Windows and devices, most of them work well, but as soon as we work with macOS and Linux, many issues arise that we do not want to have.

macOS is incompatible.

I have been working with Sophos EPP Suite for 10 years. It was already in place when I joined the company.

The server has never been as stable as we would have liked. It is one of the reasons why we would like to move away from Sophos and toward a completely new solution.

The support is deteriorating.

We use the previous version, which will be phased out next year, the Sophos Central console. It's Intercept X's on-premises version.

The initial deployment was completed entirely in-house, either through our software distribution, Barramundi or through the use of any custom script.

The infrastructure is currently maintained by myself, a single person, under the current solution. We have a central server console to which all clients connect, but we also have 14 support groups with their own admins for each department, where they manage their own devices.

In terms of pricing, it's not because I don't care about the cost; I simply tell them what we require, and someone else will obtain the necessary license.

This problem is that it is no longer implementable because, as previously stated, it was out of sale last year and will be obsolete by next year. If they have to go to the new central solution intercept one, which I have only had limited experience with up to now, So there's nothing I could really say to other potential customers.

Keeping in mind our environment, I must say that we have a very complex environment at our university. And from that perspective, I would rate Sophos EPP Suite a five out of ten.

We use the Sophos suite for a lot of things. We use it for the DLP and we can use it for the EDR. We use it for mobile device management and in application control as well. Those are some of the main uses of the application.

The solution's most valuable aspect, for us, is the DLP portion of the product. 

It's just a good endpoint solution. I can't say that it's better or worse than any other product, however, it has a pretty good feature set. There are good rules, etc.

That application, so far, is actually able to tell us if there are any issues with the machine and what they are.

I'm not sure if the solution is missing anything. For us, it seems to be covering our needs quite well.

The solution has a strange technical support process where you need to move through all of these tiers before you can get to someone who can help you. They should streamline the process and make it easier to speak to the correct level of support from the outset.

SentinelOne has what they call a rollback feature. It would be great if something similar was added to Sophos.

We've been using the solution for the past six months.

We've only been using the solution for six months. That said, it appears to be stable. We haven't had any issues. There aren't bugs and glitches, at least, not that I've experienced. It doesn't crash. It's been good.

So far, we've been able to scale the solution quite well. In terms of where we are right now, it's scaling quite well to other parts of the organization, and the experience has been pretty painless so far.

We've probably got about 700 to 800 people on it so far. We have administrators, and then first-level users, which I guess are just reviewers or support, and then support teams. That's probably about it. The security team, which is what I'm a part of, too, has access to the solution for reporting purposes.

We've been in touch with technical support.

They're very responsive and very timely in their responses. We find them to be quite knowledgeable as well. That said, you hate everything with the first level call and the second level call and the third level call. However, for the most part, they're very timely.

This is our first EDR solution, I probably don't have much to compare it to.

The initial setup was not complex at all. It was a straightforward implementation. Everything was very simple.

We handled the implementation ourselves completely in-house. We didn't hire any integrators or outside consultants.

I'm not sure of what our licensing costs are. There are two and three-year packages available. I know we took a three-year package with a large discount applied to it. I'm not sure if there are different tiers, like silver or platinum. There might be. I don't know what the differences would be between them if there are.

I've seen other solutions such as SentinalOne, Carbon Black, and McAfee. I've seen them, however, to be truthful, I can't really explain what I'm missing and what features these options offer instead.

We're just a Sophos customer. We don't have a special relationship with the client.

We're using the latest version of the solution.

In terms of adopting this technology, I'd advise other organizations to work with their integration team and know the products in and out before getting started. They will have to spend a lot of time planning the process with Sophos. However, Sophos has a team that will help companies do that, which really helps simplify the process.

We personally didn't use them for the integration piece, but we did have the conversation with how to get it deployed, and testing, and all those kind of things within our environment.

I'd rate the solution nine out of ten.

The main use case of this solution is for endpoint and crypto protection as well as protection against threats like ransomware and zero-day attacks. I'm a senior system administrator.

The solution has helped us by preventing attacks. 

We can control the application usage of users from the endpoint because for users not under the firewall, particularly those working from home, we have good control and can implement policies and on-the-web control as well as the other file sharing applications. We can also have policies for external device connections and read-write access. They are great functionalities. When there is malicious code or malicious attachments on emails, Sophos is very good at blocking those attacks. 

I'd like to see some kind of delegated administration privileges for large organizations and differential permissions for admins. We've had some issues with Macs accessing parts of the website and it was difficult to tackle the situation because the support was not able to adequately solve the problem. They gave us workarounds rather than providing a properly tested solution. The customer support is a little slow and could be improved.

I've been using this solution for four years. 

This is a stable product. 

The scalability is reasonable. If the company grows we'd be likely to add more endpoints with the increase in usage.

The Sophos customer support needs to be improved. 

Neutral

The previous solution we used didn't provide ransomware protection. In comparison to Sophos, it was difficult to deploy, scale, and manage. It was completely in-house including the server and it became a nightmare to manage the systems and the notes.

The initial setup was pretty straightforward because we deployed in-house through the MSI. We had two engineers who carried out the implementation. We have a presence in several countries. Deployment in our main office in Dubai took two days. The remainder of the setup took a week because of the different time zones which required some management along with the technical aspect.

The ROI comes from the functionalities. If you have multiple functionalities along with endpoint protection, you get ROI.

We're paying about $US 8,250 annually for 190 endpoints. Technical support is included in the license. The price has gone up significantly so it's relatively expensive. 

The other solution we evaluated was Trend Micro. 

It's important to plan the organization level access and permissions, make sure they're clear and create the policy accordingly. Talk to the stakeholders and get it approved. Otherwise, users might complain that it's not working. 

I rate this solution seven out of 10.