We manage security 24/7 using Sophos.
Cloud Consultant at a construction company with 11-50 employees
Provides good security features, available 24/7, and is suitable for enterprises
Pros and Cons
- "The solution provides the best security features."
- "The product must provide zero trust security."
What is our primary use case?
What is most valuable?
I am satisfied with the product. The solution provides the best security features. We don't have a 24-hour security engineer in our organization. Now, Sophos MDR acts as a 24/7 resource and helps us when an issue is activated.
What needs improvement?
The product must provide zero trust security. The security tools for the endpoints must communicate with the firewalls.
For how long have I used the solution?
I have been using the solution for three to four years.
Buyer's Guide
Sophos MDR
November 2024
Learn what your peers think about Sophos MDR. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,053 professionals have used our research since 2012.
What do I think about the scalability of the solution?
The product is better suited for enterprises.
What's my experience with pricing, setup cost, and licensing?
I will not recommend the tool to the private sector or small companies. The tool is too expensive for small companies.
What other advice do I have?
We use the tool in our company. Our customers also use it. We are partners and resellers. I recommend the product to other organizations. Overall, I rate the solution an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Last updated: Jun 19, 2024
Technical Head at Systech Services Pvt. Ltd
Monitors and provides automated emails and updates that help to resolve issues
Pros and Cons
- "The tool's ability to work with security threats is competitive. The best part is monitoring and the way we receive automated emails and updates. When an issue arises, a ticket automatically gets raised, clearly outlining the necessary actions to be taken from our end."
- "The only challenge we face with the tool is the pricing. Clients often compare it with other products in the market and try to negotiate prices. This concern has caused some challenges in closing deals. Otherwise, as a product, we have no worries."
What is our primary use case?
Since we installed Sophos MDR, we have thankfully had peace of mind. Before the Sophos MDR installation, we had a very bad experience with several clients. Post-installation, this issue has decreased, and it's very effective.
What is most valuable?
The tool's ability to work with security threats is competitive. The best part is monitoring and the way we receive automated emails and updates. When an issue arises, a ticket automatically gets raised, clearly outlining the necessary actions to be taken from our end.
The solution's integration with our IT workflow is easy.
What needs improvement?
The only challenge we face with the tool is the pricing. Clients often compare it with other products in the market and try to negotiate prices. This concern has caused some challenges in closing deals. Otherwise, as a product, we have no worries.
The support's response time can also be faster.
For how long have I used the solution?
I have been working with the product for two years.
What do I think about the scalability of the solution?
I rate the solution's scalability to the maximum, i.e., a ten out of ten.
How are customer service and support?
We have local distributors who support us. Sometimes the call centre gets really busy, which can be a challenge. Thankfully, we have local distributor support that handles most of our issues. We only resort to reaching out to the main support when necessary.
How would you rate customer service and support?
Positive
How was the initial setup?
There are no challenges associated with the tool's deployment.
What other advice do I have?
The tool is recommended for enterprises. The pricing model can be a bit challenging for small companies. I rate it a ten out of ten. I recommend the product. We have migrated most of our clients to Sophos MDR.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Last updated: May 17, 2024
Support Engineer at a comms service provider with 201-500 employees
Provides 24/7 monitoring services and has a straightforward process
Pros and Cons
- "Sophos MDR has improved the threat detection process by identifying and addressing the issues before they become severe."
What is our primary use case?
We use the product for 24/7 monitoring services for threat detection.
For how long have I used the solution?
We have been using Sophos MDR for about two and a half years.
What do I think about the stability of the solution?
I rate the platform’s stability a ten out of ten.
What do I think about the scalability of the solution?
The platform is easy to scale. I rate the scalability a ten out of ten.
How was the initial setup?
The initial setup is straightforward. I rate the process a ten out of ten.
What's my experience with pricing, setup cost, and licensing?
The product is reasonably priced considering the cybersecurity features.
What other advice do I have?
Sophos MDR has improved the threat detection process by identifying and addressing the issues before they become severe. It helps us maintain cybersecurity with 24/7 device monitoring.
In one of the incidents, the product was instrumental in mitigating a threat by enabling us to mark the machine with a phishing attack. In this way, we isolated the device before it infiltrated the organization.
The AI analysis and MDR features automatically isolate the issues without manual effort.
I rate it a ten out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer:
Network Engineer at a comms service provider with 10,001+ employees
Seamless integration, remote control access, high overall security protection
Pros and Cons
- "The most valuable aspect of this solution is the ability to interact with the firewall and workstations seamlessly to shut down the threats. Additionally, you are able to control the workstations remotely."
- "There is room for improvement in performance and upgrades."
What is our primary use case?
We are using this solution in conjunction with others. We usually put both endpoint detection solutions in some of our desktops and in others, we have the Sophos desktop solution combined with Sophos firewall switches.
What is most valuable?
The most valuable aspect of this solution is the ability to interact with the firewall and workstations seamlessly to shut down the threats. Additionally, you are able to control the workstations remotely. This is the most robust solution out in the industry today.
There is a high level of protection to prevent both ransomware and malicious software from the exterior of the network, down to the workstations. The workstations are analyzed to prevent threats that come in through network packets, such as in email. You need to keep email secure because a lot of these malicious threats are coming in from email.
Nowadays, a lot of social interactions are through the internet, and if somebody is giving out passwords or is not keeping up with security best practices, they could be vulnerable to attacks.
What needs improvement?
There is room for improvement in performance and upgrades.
For how long have I used the solution?
I have been using the solution for approximately one year.
What do I think about the stability of the solution?
The solution is very stable.
What do I think about the scalability of the solution?
I have found the scalability to be good. We do not have plans to increase usage in the near future.
How are customer service and technical support?
The technical support has been good; we had no problems.
How was the initial setup?
The installation was straightforward and the implementation took approximately three months.
What about the implementation team?
We have a team of three people that do the deployment and maintenance of the solution.
What's my experience with pricing, setup cost, and licensing?
The cost of the solution is based on how many users use it.
What other advice do I have?
My advice to others thinking about implementing this solution is to negotiate for a lower price and it is a benefit to have someone who understands firewalls and their basic implementation.
I would recommend this solution to those who want to have complete security protection.
I rate Sophos Managed Threat Response a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
System Engineer at Ensure Support Services Limited
Provides good cybersecurity, but its integration should be made easier
Pros and Cons
- "Sophos MDR enhances our clients' cybersecurity."
- "The solution's integration should be made easier because it is difficult."
What is most valuable?
Sophos MDR enhances our clients' cybersecurity. Our clients do not have to worry about security threats like malware or intruder activity because the Sophos MDR team is very experienced and takes immediate action. The solution provides an easier VPN connection.
What needs improvement?
The solution's integration should be made easier because it is difficult. Sophos MDR should improve its artificial intelligence capabilities. Sophos MDR uses artificial intelligence in cybersecurity, but it should be made more attractive or scalable.
For how long have I used the solution?
I have been using Sophos MDR for six months.
What do I think about the stability of the solution?
I rate the solution’s stability an eight out of ten.
What do I think about the scalability of the solution?
Around five clients use Sophos MDR.
I rate the solution’s scalability a nine out of ten.
How are customer service and support?
The solution’s technical support is very good.
How would you rate customer service and support?
Positive
How was the initial setup?
The solution's initial setup is not easy. It is quite difficult to integrate the tool. The solution's deployment takes around one and a half to two hours. Sometimes, my senior helps me with the installation. Other times, I deploy the tool by myself.
What's my experience with pricing, setup cost, and licensing?
Sophos MDR is less expensive than other products like Fortinet or Palo Alto.
What other advice do I have?
Sophos MDR is very helpful for remote help, security pickup, policy editing, or policy deployment. I would recommend Sophos MDR to other users because it helps detect suspicious network activity.
Clients don't trust Sophos MDR because it is a new cloud product that has been around for one and a half years.
Overall, I rate the solution a seven out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Google
Disclosure: My company has a business relationship with this vendor other than being a customer:
Last updated: Sep 10, 2024
Founder at Computech infosysetm
Offers good security parameters, stability and remote deployment available
Pros and Cons
- "There are lots of benefits because it includes real-time network threat detection (RNT), IP spoofing prevention, and a 24/7 support system. There is also protection against ransomware attacks."
- "It is a bit expensive. It could be cheaper. There are many competitive products in the market, like Kaspersky, McAfee Antivirus, and more."
How has it helped my organization?
There are lots of benefits because it includes real-time network threat detection (RNT), IP spoofing prevention, and a 24/7 support system. There is also protection against ransomware attacks.
So basically, customers will benefit greatly after purchasing and using this sophisticated anti-malware software.
What is most valuable?
Security parameters are good; that's why we recommend it to our customers.
What needs improvement?
It is a bit expensive. It could be cheaper. There are many competitive products in the market, like Kaspersky, McAfee Antivirus, and more.
For how long have I used the solution?
What do I think about the stability of the solution?
I would rate the stability a ten out of ten.
What do I think about the scalability of the solution?
I would rate the scalability a ten out of ten. It is very scalable because it has many features and can handle a lot of data. We have more than 30 to 40 customers. We have many branches across India, so it has more than 5,000 users across India.
How are customer service and support?
The customer service and support by Sophos are good. We don't have any complaints about that product because they help us 24/7. So, if we have any problem, day or night, and we can't solve it, we contact Sophos' technical team. We try to call the local technical team first, and if that doesn't connect, we go directly to customer support. We don't have any problem. If there's a problem, we can usually resolve it within one or two hours, depending on the issue.
How was the initial setup?
The installation process is very smooth. We haven't encountered any errors when installing it on Windows 11 or Windows 12. We have been trained twice a year by, so our team knows how to install it at our customer's site and troubleshoot any problems. We are very familiar with the product.
We have some clients who use the cloud and others who use the offline software. However, the majority of our clients (over 80%) use the offline version, and 20% use the cloud solution.
What about the implementation team?
Every requirement needs three supports: MDR, support for endpoints, and product support feed.
In Kolkata, there are many technical people available. So when we receive a query, we directly hand it over to Sophos' technical team. They then install it at our customer's premises. We haven't had any ransomware or attacks at our client's customer service.
At the time of installation, we use remote access tools like AnyDesk, UltraViewer, or TeamViewer to access your solution. Our team can install it remotely if they receive a call or encounter any problems or new requirements.
We have more than 35 customers. They have their own technical teams. After getting the order, we first train their technical team. Our technical team will also help because they first try to install it at their office. If there are any problems, they can contact us, and then we will start the solution from our end.
We have a support team composed of ten personnel who can provide support on software. We are also the team that can support hardware.
What's my experience with pricing, setup cost, and licensing?
You need a license to activate the software.
What other advice do I have?
I would highly recommend it because our office is also secured by Sophos software. We inform our customers to buy support. It's a great product with excellent support. If you have any questions or problems, their technical team is always available to help.
Overall, I would rate the solution a ten out of ten. The distribution is okay, and the product is good.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Technical Director at Plant Lipids Private Limited
An affordable and easy-to-deploy solution that provides good visibility into the organization’s cybersecurity
Pros and Cons
- "The product gives us good visibility into what is happening inside the company."
- "Endpoint protection is very slow."
What is most valuable?
The product saves us a lot of money. I do not have to engage any employees for cybersecurity monitoring. The product also provides insurance. The team responds frequently to any attacks. They call us, inform us about the issues, and guide us on what to do. I do not have to worry about it. The product gives us good visibility into what is happening inside the company.
What needs improvement?
Endpoint protection is very slow. When we copy something, it takes too much time. Sometimes the email gateway is down, and the emails return to the sender. These are the two problems we face frequently.
The solution should release a feature similar to Zscaler, which would route all the traffic through my firewall when we connect to VPN. The product should provide zero trust.
For how long have I used the solution?
My organization started using the solution recently.
What do I think about the stability of the solution?
The tool is stable.
What do I think about the scalability of the solution?
As soon as we send the purchase order, the team adds the license fee, and we start using the solution. The tool is scalable. More than 1000 people in our organization are using the solution.
How are customer service and support?
Support is good.
Which solution did I use previously and why did I switch?
We have switched to Sophos in our UK plant too. Earlier, we were using SentinelOne. We switched to Sophos because of its dashboard. We can see everything in a single dashboard. That is the beauty of Sophos.
How was the initial setup?
The initial setup is very easy. It is not complex.
What about the implementation team?
We can download and implement the product easily. It is only a one-line command. It's not a big task for me. Frequently, we check the servers and the dashboard. We can find any discrepancies easily. It is easy to maintain the tool.
What's my experience with pricing, setup cost, and licensing?
I am comfortable with the pricing. Compared to other tools, Sophos has a pretty good price.
What other advice do I have?
We are using the latest version of the product. We have hands-on experience with the solution. We get all controls like endpoint, firewall, and email gateway on a single dashboard. Overall, I rate the solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cybersecurity SME at a tech services company with 11-50 employees
Offers a high degree of automation for cyber threat activity, has good integration capabilities with other Sophos products, and is flexible
Pros and Cons
- "The user doesn't need a technician; it offers 24/7 support to identify and manage your infrastructure and take complete care of any technological incidents."
- "The integration with third-party solutions is an area for slight improvement."
What is our primary use case?
We use it for managed services, primarily for customers who lack resources. MDR is a tool that not only identifies and shows the impact of viruses but also requires no technical staff for operation.
So, the user doesn't need a technician; it offers 24/7 support to identify and manage your infrastructure and take complete care of any technological incidents.
We don't need to invest in manpower. For example, if we are investing in an IT guy for endpoint solution security, we are investing our money in a guy. And the ROI will not be much because they will only do analytics parts. But what happens when the engine has a ransomware attack is that they will not be able to resolve the ransomware, which Sophos MDR will help you resolve very quickly.
How has it helped my organization?
Sophos MDR is very flexible. It works on top of existing EDR and XDR solutions. You don't need to buy Sophos's EDR or XDR products specifically. It can integrate with other EDR, XDR, and even Application Firewalls from other vendors. That's a big advantage in terms of compatibility.
Secondly, Sophos MDR offers a high degree of automation for cyber threat activity. They also provide cyber insurance for system downtime, but that's a separate service.
When it comes to the incident response processes, their response time is 38 minutes. They also have a three-step process, with the first tier being called "Rapid Response Services." This means for incidents that happen very quickly, they will prioritize those.
Sophos MDR integrates well with various tools, including Sophos firewalls, Microsoft products, and other third-party solutions, ensuring seamless authentication. It offers straightforward integration, whether it's with another firewall or different data authentication needs. The process is quite simple.
What is most valuable?
What I really like is the centralized management console. It is a single management console. You don't have to deal with multiple management tools. Even if you have firewall support, you can just use the same console to access your firewall, MDR, EDR, encryption, and NDR – everything can be managed in a single dashboard.
You don't need to jump between multiple tools. That's one of the best things I like and something I would definitely recommend to customers.
Sophos MDR also offers 24/7 monitoring features. But 24/7 is part of a package. Sophos MDR has two service tiers, I forget the exact names, but one is a basic option. It integrates with other EDR/XDR solutions a customer might have, along with standard Sophos support. The other tier is a complete MDR service, with rapid response and full cybersecurity protection.
What needs improvement?
One aspect I'm examining is the MDR network detection with Sophos Firewall, which works well. I understand it can also integrate with other firewalls, but it's optimal with Sophos products, given the slight drawbacks when using non-Sophos solutions.
For how long have I used the solution?
I've worked with Sophos Encryption and Sophos MDR.
What do I think about the stability of the solution?
I haven't faced any issues with its stability.
What do I think about the scalability of the solution?
It is a scalable product. Our customers typically look for solutions like Sophos that can grow with their needs. Many wonder about the necessity of investing in a separate security operations center (SOC) or a third-party vendor for management.
They question what tools are available to protect their devices from various threats, including those from the internet and specific applications. Sophos MDR, with its automation capabilities, often emerges as the best fit for their needs.
How are customer service and support?
The customer service and support are very good.
How would you rate customer service and support?
Positive
How was the initial setup?
The setup process is straightforward and not complex for us.
What about the implementation team?
We have a small team of four or five people who manage the deployment.
The deployment involves a careful preparation process, where we gather all necessary product information and follow specific technical procedures. We ensure our customers are well-informed about the process before beginning. The steps involve coordination with our team to ensure everything is uploaded and configured correctly.
The deployment process currently doesn't require many resources. The deployment timeframe varies but is not extensive. It generally takes three to four hours. We spend time gathering detailed information from the customer to ensure a comprehensive implementation plan.
Depending on the complexity and the need for third-party integrations, the process can take from two to five days, though most tasks are completed within two days. Delays may occur if specific files or integrations are required and not immediately available. For example, sometimes, when we need Fortinet integration and it is not available, it might delay things.
Maintenance is minimal and manageable.
What was our ROI?
There are cost savings when it comes to Sophos MDR. For example, a ransomware attack happens, and you're completely locked out. Your IT people don't know when or where it happened. They have to research it, which can take an hour or even a day. They might not be specialists in handling incidents. MDR takes care of that. Any suspicious activity or attack triggers their monitoring. They investigate, resolve it, and even isolate infected systems. This saves you completely.
I use this analogy: Imagine you invest in four IT staff who can't resolve an incident. It takes them hours, and they might not be trained in analytics. That investment could cost more than MDR. I tell managers that buying four resources is a higher cost in the long run, even though MDR is a recurring cost. They can resolve your issue 24/7, and it's a mid-range cost compared to potentially failing to resolve an incident.
Therefore, the ROI is definitely there.
What other advice do I have?
It's good, the offer and everything about it is satisfactory. I would definitely recommend using it.
Overall, I would rate the solution a ten out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Last updated: Apr 6, 2024