Sophos EPP Suite Reviews

The solution is used for endpoint protection and recovery. We have XDR.

We also use firewalls and access points. The product interacts well with other Sophos products we have.

We are getting too much logging sometimes. The logging issues must be fixed. We need more control over loggings. The solution must provide integration with SIEM solutions.

I have been using the solution for five years. I am using the latest version of the solution.

I rate the tool’s stability a nine out of ten.

I rate the tool’s scalability an eight out of ten. In my organization, 300 people are using the product. Depending on the growth of our organization, we might increase the usage.

Five to six years ago, we used McAfee and Trend Micro.

It is a cloud solution. Sophos has its own cloud environment. We log in to the Sophos environment and manage configurations and log-ins. I don't know where it is hosted. It has an agent on the endpoints. We need to install the agents. It is done remotely from Sophos or by Microsoft Intune. We have a connection to Intune.

It took us a few minutes to deploy the agents. There’s not much work for us when we roll out new devices. We do a bit of maintenance. Maintenance is done automatically by Sophos. We only have to ensure that the adjustments are right on the dashboard within the Sophos environment.

The tool’s price is the same as its competitors. It is not the cheapest, but it is not the most expensive. I rate the pricing a five out of ten.

We evaluated Microsoft Defender. It was not very clear to use. Sophos was easier to manage.

The firewall management is on the local dashboard, but it is also manageable on the cloud. We have a solution provider who provides us with technical support. I will recommend the product to others. We have no problems with Sophos. We have had no ransomware attacks. Overall, I rate the solution an eight out of ten.

Earlier deployments were on-premises, but we have worked on the on-cloud and on-prem setup phases wherein the use cases were about protecting all the endpoints as there was a, you know, increase in the remote work-from-home and office happenings. There was a requirement for a customer to track the endpoints as well and not give them access to pen drives or any other things as it was an office setup or office assets. So that's the kind of policy I have created. Also, use cases included in a way, like, some URLs had to be blocked, certain URLs should not work while ensuring that applications are secure. So, whatever applications an IT administrator is providing, we have to give access to the applications. There was one of the use cases wherein some users were trying to do a POC on simulators, where the attack would be generated in certain machines, and how Sophos is trying to protect that. So, they wanted to see that. So that was also being evaluated from my end. Sophos proved around seventy percent protection score, while the other antivirus solutions were not able to do that. With the value added by Sophos, we can say that Sophos is very big in terms of endpoints.

It has web gateway protection. It can filter out at the granular level for the URL filtering and everything. So it can also give you all the detailed reporting wherein what file has been executed. Also, it has a lightweight agent wherein it has a huge database where it is constantly upgrading. Based on that, it becomes effective in catching certain threats.

The update part is a bit tricky in the solution. Sometimes what happens is the client thinks that the agent is holding, causing the CPU or memory to spike up. So that is where the issue occurred, which was reported earlier. In short, the solution's update part's shortcoming is an area to be improved.

There should be granularity in terms of filtering. So, if you say application-based filtering, then there should be some layer-7 filtering added.

I have been using Sophos EPP Suite for five to six years.
My company is an SI for the solution. Also, I am using the solution's latest version.

The agent was creating the features. So, the memory of their laptop was spiking. In terms of the cloud, there is a bit of lag whenever we try to log in on Sophos, which is not that much, but sometimes I figure out when that is there. If you log in, you have to wait for some time until the circle spins up before setting up the dashboard. So it takes some time, even though if you apply certain policies, it takes some time to get onto the system.

If you have purchased a license for two hundred users, and then the customer says that there is a sudden increase in our recruitment after three months, because of which four hundred people have to be hired. Then, you can suggest or ask to get them to get an add-on license from Sophos. So then, they will provide a hundred users based on the remaining timelines. Like, suppose you have purchased for three years and one year has already passed for those endpoints, then you add it for two years for those hundred new users, and you'll get the licenses. So, its scalability is good.

Scalability-wise, I rate the solution an eight out of ten.

One of our clients was large, with one thousand users, and others were midsized, with around three hundred to five hundred users.

The support is not that good. The support's approach needs to be changed, especially from their end, because even though you try to send a mail or you do a phone call, based on the severity, the reply never comes from their end. I mean, it takes around two minutes for a person to reply. Initially, I have only done the research and development part to resolve the issues.

I rate the support a six out of ten.

Neutral

Speaking of compatibility, it is not compatible with Windows 10, which is pretty much understandable. Microsoft itself is at an end-of-life stage. So, it will not support that kind of environment, and the agent can be installed on Windows 10 or a higher version. I have faced these challenges wherein it was a legacy system of Windows 7, and the customer was trying to install it on that. After checking with the product management team of support, they mentioned it would not work.

The setup is very easy, which takes around twenty minutes to set up the cloud setup and the licensing portal. Then, if you talk about the agent, the agent will also take around twenty minutes or fifteen, or twenty minutes depending on the speed of the desktop or laptop. Regarding deployment, it takes, like, forty minutes to deploy completely. For one agent, if you wanted to install it on a large scale, then there should be involvement of the servers team which will use WSUS to import those files and try to execute with the script. So for a particular one agent or two agents, it might take around, like, half an hour, especially if you are very well versed with it and if you create certain policies. So, policy creation is also very easy. Instead of using the default policy, we can use or create our clone, basically. That is the best option where we can clone it, and we can directly get it to our set of policies.

The number of users depends on how you scale or what type of deployment is required. So if I am using only twenty-five users, which is their base bundle, that includes ten to twenty-five users, one engineer is enough for deployment and to install the agent in the machine of other users. So, it can take one or two weeks maximum for a particular engineer if they fully work for at least four to five hours a day.

As Sophos is already doing the maintenance, we have to understand where exactly the laptop is being carried from by the users, and once it is received, we already know that basic checks are to be done on those laptops. Else, you may have a solution deployed to take care of other things. So maintenance in terms of checking the policies, we have to do that, and we have to check which laptop is creating the issue from the dashboard. So, we can do that, and we can isolate that and patch it based on the requirement. If you have a thousand users or two thousand users, it is difficult for a particular user to decide how many people are required for maintenance. If you deploy it with the help of a certain engineer, initially, you might get certain threats that are bombarding the portal. But later on, you can remove those resources one by one. So, initially, you can add five people if you have a thousand users, and slowly, you can remove them later on.

Price-wise, it is cheap. We need to pay 1,500 to 2,000 INR per user. The licensing of the solution is on a yearly basis. Customers have to initially pay for the cloud portal and then for the subscription licenses.

On a scale of one to ten, where one is very cheap, and ten is very expensive, I rate the pricing a three out of ten.

I recommend the solution to those planning to use it. I rate the overall solution a nine out of ten.

We use Sophos EPP Suite to prevent our clients from getting malware.

It was successful in preventing malware distribution. We have a large number of clients, over 13,000 in total, and we serve the majority of them.

Sophos EPP Suite doesn't really have a lot of features.

This signature-based malware prevention method is a little out of date. We are currently attempting to migrate to a newer, cloud-based solution in which we not only use signature-based antivirus scanning but also EDR with processes and similar tools to better recognize potential attacks, which is what the actual version cannot do.

It has not been developed in the last few years.

There are also issues with the compatibility of the OS. When using Sophos with Windows and devices, most of them work well, but as soon as we work with macOS and Linux, many issues arise that we do not want to have.

macOS is incompatible.

I have been working with Sophos EPP Suite for 10 years. It was already in place when I joined the company.

The server has never been as stable as we would have liked. It is one of the reasons why we would like to move away from Sophos and toward a completely new solution.

The support is deteriorating.

We use the previous version, which will be phased out next year, the Sophos Central console. It's Intercept X's on-premises version.

The initial deployment was completed entirely in-house, either through our software distribution, Barramundi or through the use of any custom script.

The infrastructure is currently maintained by myself, a single person, under the current solution. We have a central server console to which all clients connect, but we also have 14 support groups with their own admins for each department, where they manage their own devices.

In terms of pricing, it's not because I don't care about the cost; I simply tell them what we require, and someone else will obtain the necessary license.

This problem is that it is no longer implementable because, as previously stated, it was out of sale last year and will be obsolete by next year. If they have to go to the new central solution intercept one, which I have only had limited experience with up to now, So there's nothing I could really say to other potential customers.

Keeping in mind our environment, I must say that we have a very complex environment at our university. And from that perspective, I would rate Sophos EPP Suite a five out of ten.

We use the Sophos suite for a lot of things. We use it for the DLP and we can use it for the EDR. We use it for mobile device management and in application control as well. Those are some of the main uses of the application.

The solution's most valuable aspect, for us, is the DLP portion of the product. 

It's just a good endpoint solution. I can't say that it's better or worse than any other product, however, it has a pretty good feature set. There are good rules, etc.

That application, so far, is actually able to tell us if there are any issues with the machine and what they are.

I'm not sure if the solution is missing anything. For us, it seems to be covering our needs quite well.

The solution has a strange technical support process where you need to move through all of these tiers before you can get to someone who can help you. They should streamline the process and make it easier to speak to the correct level of support from the outset.

SentinelOne has what they call a rollback feature. It would be great if something similar was added to Sophos.

We've been using the solution for the past six months.

We've only been using the solution for six months. That said, it appears to be stable. We haven't had any issues. There aren't bugs and glitches, at least, not that I've experienced. It doesn't crash. It's been good.

So far, we've been able to scale the solution quite well. In terms of where we are right now, it's scaling quite well to other parts of the organization, and the experience has been pretty painless so far.

We've probably got about 700 to 800 people on it so far. We have administrators, and then first-level users, which I guess are just reviewers or support, and then support teams. That's probably about it. The security team, which is what I'm a part of, too, has access to the solution for reporting purposes.

We've been in touch with technical support.

They're very responsive and very timely in their responses. We find them to be quite knowledgeable as well. That said, you hate everything with the first level call and the second level call and the third level call. However, for the most part, they're very timely.

This is our first EDR solution, I probably don't have much to compare it to.

The initial setup was not complex at all. It was a straightforward implementation. Everything was very simple.

We handled the implementation ourselves completely in-house. We didn't hire any integrators or outside consultants.

I'm not sure of what our licensing costs are. There are two and three-year packages available. I know we took a three-year package with a large discount applied to it. I'm not sure if there are different tiers, like silver or platinum. There might be. I don't know what the differences would be between them if there are.

I've seen other solutions such as SentinalOne, Carbon Black, and McAfee. I've seen them, however, to be truthful, I can't really explain what I'm missing and what features these options offer instead.

We're just a Sophos customer. We don't have a special relationship with the client.

We're using the latest version of the solution.

In terms of adopting this technology, I'd advise other organizations to work with their integration team and know the products in and out before getting started. They will have to spend a lot of time planning the process with Sophos. However, Sophos has a team that will help companies do that, which really helps simplify the process.

We personally didn't use them for the integration piece, but we did have the conversation with how to get it deployed, and testing, and all those kind of things within our environment.

I'd rate the solution nine out of ten.

Our customers mainly use the Sophos Endpoint Protection Suite for an all-rounded solution, including simple DLP, next-generation firewall, antivirus, EDR, and rollback capabilities for ransomware.

Sophos EPP Suite provides effective threat detection by identifying suspicious behavior and terminating malicious processes. It also offers rollback capabilities for ransomware, which is not available in some other antivirus solutions.

The AI and EDR features are the most effective for threat detection and security. The behavioral-based AI can recognize suspicious activities and terminate malicious processes. The rollback capability for ransomware is also a valuable feature.

The resource usage of the agent should be less intensive on the CPU and RAM. This would make Sophos EPP Suite a better antivirus solution, especially for clients with only the minimum required specifications.

I have been working with Sophos Endpoint Protection Suite for over two years.

I rate the stability of Sophos Endpoint Protection Suite as a seven. It can be resource-intensive, consuming significant CPU and RAM, which can affect performance.

I have not faced any scalability issues. Even if the number of licenses exceeds the limit, Sophos EPP Suite still provides coverage for all endpoints.

For tech support, I rate it between seven and eight. It might take some time to get a response, however, the support is considered good.

Neutral

Previously, I worked with McAfee, an on-premise solution where the agent could be pushed directly from the antivirus server.

Setting up Sophos EPP Suite is relatively easy, and I would rate it as a nine out of ten. The deployment process for one PC takes about 30 to 40 minutes, considering the time needed to download signatures and files from the cloud.

The response time of Sophos EPP Suite is effective if the customer has their security operation center (SOC). Proper alerts are generated and can be analyzed by security operation engineers.

Sophos EPP Suite is relatively expensive. If I were to rate the cost, it would be an eight out of ten.

I have evaluated other vendors. That said, currently, I only have experience working with Sophos EPP Suite.

The protection offered by Sophos EPP Suite is versatile. It can detect hidden Trojans before they execute and protect vulnerable versions of Windows from exploitation.

I'd rate the solution nine out of ten.

We use the solution for our internal antivirus protection and traceability. One of the main reasons we use the solution is to identify problems in case of any issues with the endpoint or cyber-attacks.

The product’s selling point is its ability to protect against zero-day threats and its integration with the firewall.

We do not quite like the product. There are a lot of limitations to it. It is a hassle every time we want to unlock it. We need to uninstall the license to move to another endpoint. It is troublesome to uninstall too.

Sometimes, we need to call support because the product doesn’t work properly. There are limitations to the product’s analytics and traceability too.

I have been using the product for about two years.

We face glitches occasionally, but it is not too frequent.

About 20 people use the solution in our organization.

The customer support is okay.

Before Sophos, we used Kaspersky.

The initial setup is simple.

The pricing is not cheap. When compared to Fortinet, the renewal and subscription is quite expensive. I rate the pricing a two or three out of ten.

The solution is cloud-based. I rate the solution a five out of ten.

We are using Sophos EPP Suite for web and application control, and antivirus

The most valuable feature Sophos EPP Suite is that it protects the computer beyond the premise. Whether the user is at home, in the office, or traveling, you are able to apply the policies as the user moves.

Sophos EPP Suite could improve the way it can be installed. They used to have one installer and now they have two, one for the server and one for the client. I don't know the difference, it brings confusion.

I have been using Sophos EPP Suite for approximately five years.

Sophos EPP Suite is stable because once we do the deployment, rarely do you receive corruptions. Additionally, once you deploy something on the cloud, it automatically applies to the client as long as the system is online.

Sophos EPP Suite is highly scalable. We have close to 40 computers using this solution.

I have contacted the support and I am satisfied with the speed of the answers.

Sophos EPP Suite could be easier to implement and it is slow with the web installer. However, it depends on the internet speed.

There are licenses to use this solution and we are on a three-year license.

I would recommend this solution to others. The solution is highly scalable and we are using it in two companies and it works very well. You have control of what you want to be done or applied within your multiple sites.

I rate Sophos EPP Suite a nine out of ten.

I mainly use this software for managing my business operations and enabling efficient port forwarding to make my applications accessible on the Internet. It helps me handle my portfolio needs and occasionally aids in device management for monitoring network traffic.

Sophos EPP Suite stands out with its user-friendly dashboard and strong web filtering features for enhanced online security.

In terms of improvement, the main challenge is setting up VPN connections. I have tried online resources and even turned to Kubernetes for help, but the primary issue I face is the complexity of creating VPN connections, and I'm seeking ways to make this process easier. Additionally, I have also faced difficulties with web filtering. In future Sophos releases, I would like to see simplified processes. For example, make port forwarding setup take just two or three clicks, streamline web filtering to two or three steps, and ease the separation of PCs from mobile devices within five clicks. The aim is to make these tasks more user-friendly and less time-consuming.

I have been working with Sophos EPP Suite for a few years.

It is a stable solution. I would give it an eight out of ten for stability.

In my personal usage, I have set up Sophos EPP Suite for two scenarios. The first has over 50 users, and the second, in a hospital, has fewer than 60 users. The second deployment is still in the testing phase, with around 15 active machines on the network currently.

I usually turn to internet searches and Sophos documentation from their website for help when I face issues or have specific needs, so I haven't needed to contact Sophos technical support directly.

I have experience with SonicWall. I used it about twelve years ago.

The initial deployment is quite easy and it takes less than an hour to deploy the solution. Setting up the basic installation and getting internet access is straightforward. However, complexity arises when trying to apply specific rules to the system, which can be a real challenge. I'm not currently handling maintenance for this product in the client's environment. In the past, I attempted to do so by trying to renew licenses for two devices, but the response was negative. I'm considering trying again and hoping for a better outcome in the future.

I find the pricing of the product to vary in different ranges. While it is not overly expensive, it can be a significant cost from the client's perspective, which makes me cautious about spending the money. I would rate it as a seven out of ten in terms of affordability.

I would definitely recommend Sophos EPP Suite to others. Overall, I would rate it as an eight out of ten.