Sophos MDR Reviews

Since we installed Sophos MDR, we have thankfully had peace of mind. Before the Sophos MDR installation, we had a very bad experience with several clients. Post-installation, this issue has decreased, and it's very effective.

The tool's ability to work with security threats is competitive. The best part is monitoring and the way we receive automated emails and updates. When an issue arises, a ticket automatically gets raised, clearly outlining the necessary actions to be taken from our end.

The solution's integration with our IT workflow is easy. 

The only challenge we face with the tool is the pricing. Clients often compare it with other products in the market and try to negotiate prices. This concern has caused some challenges in closing deals. Otherwise, as a product, we have no worries.

The support's response time can also be faster. 

I have been working with the product for two years. 

I rate the solution's scalability to the maximum, i.e., a ten out of ten. 

We have local distributors who support us. Sometimes the call centre gets really busy, which can be a challenge. Thankfully, we have local distributor support that handles most of our issues. We only resort to reaching out to the main support when necessary.

Positive

There are no challenges associated with the tool's deployment. 

The tool is recommended for enterprises. The pricing model can be a bit challenging for small companies. I rate it a ten out of ten. I recommend the product. We have migrated most of our clients to Sophos MDR. 

We use the product for 24/7 monitoring services for threat detection.

We have been using Sophos MDR for about two and a half years.

I rate the platform’s stability a ten out of ten.

The platform is easy to scale. I rate the scalability a ten out of ten.

The initial setup is straightforward. I rate the process a ten out of ten.

The product is reasonably priced considering the cybersecurity features.

Sophos MDR has improved the threat detection process by identifying and addressing the issues before they become severe. It helps us maintain cybersecurity with 24/7 device monitoring.

In one of the incidents, the product was instrumental in mitigating a threat by enabling us to mark the machine with a phishing attack. In this way, we isolated the device before it infiltrated the organization.

The AI analysis and MDR features automatically isolate the issues without manual effort.

I rate it a ten out of ten.

We use Sophos MDR to protect our office environment.

The product’s most valuable features are integration and endpoint protection.

The product's stability needs improvement.

We have been using Sophos MDR since February.

The product takes up more RAM space while adding more users.

We have 125 Sophos MDR users. It is a scalable product.

The initial setup process is easy. It is deployed on the Sophos cloud.

I rate Sophos MDR an eight out of ten.

We are using this solution in conjunction with others. We usually put both endpoint detection solutions in some of our desktops and in others, we have the Sophos desktop solution combined with Sophos firewall switches.

The most valuable aspect of this solution is the ability to interact with the firewall and workstations seamlessly to shut down the threats. Additionally, you are able to control the workstations remotely. This most robust solution out in the industry today.

There is a high level of protection to prevent both ransomware and malicious software from the exterior of the network, down to the workstations. The workstations are analyzed to prevent threats that come in through network packets, such as in email. You need to keep email secure because a lot of these malicious threats are coming in from email.

Nowadays, a lot of social interactions are through the internet and if somebody giving out passwords or is not keeping up with security best practices they could be vulnerable to attacks.

There is room for improvement in performance and upgrades.

I have been using the solution for approximately one year.

The solution is very stable.

I have found the scalability to be good. We do not have plans to increase usage in the near future.

The technical support has been good, we had no problems.

The installation was straightforward and the implementation took approximately three months.

We have a team of three people that do the deployment and maintenance of the solution.

The cost of the solution is based on how many users use it.

My advice to others thinking about implementing this solution is to negotiate for a lower price and it is a benefit to have someone who understands firewalls and their basic implementation.

I would recommend this solution to those who want to have complete security protection.

I rate Sophos Managed Threat Response a nine out of ten.

Sophos MDR enhances our clients' cybersecurity. Our clients do not have to worry about security threats like malware or intruder activity because the Sophos MDR team is very experienced and takes immediate action. The solution provides an easier VPN connection.

The solution's integration should be made easier because it is difficult. Sophos MDR should improve its artificial intelligence capabilities. Sophos MDR uses artificial intelligence in cybersecurity, but it should be made more attractive or scalable.

I have been using Sophos MDR for six months.

I rate the solution’s stability an eight out of ten.

Around five clients use Sophos MDR.

I rate the solution’s scalability a nine out of ten.

The solution’s technical support is very good.

Positive

The solution's initial setup is not easy. It is quite difficult to integrate the tool. The solution's deployment takes around one and a half to two hours. Sometimes, my senior helps me with the installation. Other times, I deploy the tool by myself.

Sophos MDR is less expensive than other products like Fortinet or Palo Alto.

Sophos MDR is very helpful for remote help, security pickup, policy editing, or policy deployment. I would recommend Sophos MDR to other users because it helps detect suspicious network activity.

Clients don't trust Sophos MDR because it is a new cloud product that has been around for one and a half years.

Overall, I rate the solution a seven out of ten.

There are lots of benefits because it includes real-time network threat detection (RNT), IP spoofing prevention, and a 24/7 support system. There is also protection against ransomware attacks. 

So basically, customers will benefit greatly after purchasing and using this sophisticated anti-malware software.

Security parameters are good; that's why we recommend it to our customers.

It is a bit expensive. It could be cheaper. There are many competitive products in the market, like Kaspersky,  McAfee Antivirus, and more. 

I would rate the stability a ten out of ten.

I would rate the scalability a ten out of ten. It is very scalable because it has many features and can handle a lot of data. We have more than 30 to 40 customers. We have many branches across India, so it has more than 5,000 users across India.

The customer service and support by Sophos are good. We don't have any complaints about that product because they help us 24/7. So, if we have any problem, day or night, and we can't solve it, we contact Sophos' technical team. We try to call the local technical team first, and if that doesn't connect, we go directly to customer support. We don't have any problem. If there's a problem, we can usually resolve it within one or two hours, depending on the issue.

The installation process is very smooth. We haven't encountered any errors when installing it on Windows 11 or Windows 12. We have been trained twice a year by, so our team knows how to install it at our customer's site and troubleshoot any problems. We are very familiar with the product.

We have some clients who use the cloud and others who use the offline software. However, the majority of our clients (over 80%) use the offline version, and 20% use the cloud solution.

Every requirement needs three supports: MDR, support for endpoints, and product support feed.

In Kolkata, there are many technical people available. So when we receive a query, we directly hand it over to Sophos' technical team. They then install it at our customer's premises. We haven't had any ransomware or attacks at our client's customer service.

At the time of installation, we use remote access tools like AnyDesk, AltraViewer, or TeamViewer to access your solution. Our team can install it remotely if they receive a call or encounter any problems or new requirements.

We have more than 35 customers. They have their own technical teams. After getting the order, we first train their technical team. Our technical team will also help because they first try to install it at their office. If there are any problems, they can contact us, and then we will start the solution from our end.

We have a support team composed of ten personnel who can provide support on software. We are also the team that can support hardware.

You need a license to activate the software. 

I would highly recommend it because our office is also secured by Sophos software. We inform our customers to buy support. It's a great product with excellent support. If you have any questions or problems, their technical team is always available to help.

Overall, I would rate the solution a ten out of ten. The distribution is okay, and the product is good. 

The product saves us a lot of money. I do not have to engage any employees for cybersecurity monitoring. The product also provides insurance. The team responds frequently to any attacks. They call us, inform us about the issues, and guide us on what to do. I do not have to worry about it. The product gives us good visibility into what is happening inside the company.

Endpoint protection is very slow. When we copy something, it takes too much time. Sometimes the email gateway is down, and the emails return to the sender. These are the two problems we face frequently.

The solution should release a feature similar to Zscaler, which would route all the traffic through my firewall when we connect to VPN. The product should provide zero trust.

My organization started using the solution recently.

The tool is stable.

As soon as we send the purchase order, the team adds the license fee, and we start using the solution. The tool is scalable. More than 1000 people in our organization are using the solution.

Support is good.

We have switched to Sophos in our UK plant too. Earlier, we were using SentinelOne. We switched to Sophos because of its dashboard. We can see everything in a single dashboard. That is the beauty of Sophos.

The initial setup is very easy. It is not complex.

We can download and implement the product easily. It is only a one-line command. It's not a big task for me. Frequently, we check the servers and the dashboard. We can find any discrepancies easily. It is easy to maintain the tool.

I am comfortable with the pricing. Compared to other tools, Sophos has a pretty good price.

We are using the latest version of the product. We have a hands-on experience with the solution. We get all controls like endpoint, firewall, and email gateway on a single dashboard. Overall, I rate the solution an eight out of ten.

We use it for managed services, primarily for customers who lack resources. MDR is a tool that not only identifies and shows the impact of viruses but also requires no technical staff for operation. 

So, the user doesn't need a technician; it offers 24/7 support to identify and manage your infrastructure and take complete care of any technological incidents.

We don't need to invest in manpower. For example, if we are investing in an IT guy for endpoint solution security, we are investing our money in a guy. And the ROI will not be much because they will only do analytics parts. But what happens when the engine has a ransomware attack is that they will not be able to resolve the ransomware, which Sophos MDR will help you resolve very quickly.

Sophos MDR is very flexible. It works on top of existing EDR and XDR solutions. You don't need to buy Sophos's EDR or XDR products specifically. It can integrate with other EDR, XDR, and even Application Firewalls from other vendors. That's a big advantage in terms of compatibility.

Secondly, Sophos MDR offers a high degree of automation for cyber threat activity. They also provide cyber insurance for system downtime, but that's a separate service.

When it comes to the incident response processes, their response time is 38 minutes. They also have a three-step process, with the first tier being called "Rapid Response Services." This means for incidents that happen very quickly, they will prioritize those.

Sophos MDR integrates well with various tools, including Sophos firewalls, Microsoft products, and other third-party solutions, ensuring seamless authentication.  It offers straightforward integration, whether it's with another firewall or different data authentication needs. The process is quite simple.

What I really like is the centralized management console. It is a single management console. You don't have to deal with multiple management tools. Even if you have firewall support, you can just use the same console to access your firewall, MDR, EDR, encryption, and NDR – everything can be managed in a single dashboard. 

You don't need to jump between multiple tools. That's one of the best things I like and something I would definitely recommend to customers. 

Sophos MDR also offers 24/7 monitoring features. But 24/7 is part of a package. Sophos MDR has two service tiers, I forget the exact names, but one is a basic option. It integrates with other EDR/XDR solutions a customer might have, along with standard Sophos support. The other tier is a complete MDR service, with rapid response and full cybersecurity protection.

One aspect I'm examining is the MDR network detection with Sophos Firewall, which works well. I understand it can also integrate with other firewalls, but it's optimal with Sophos products, given the slight drawbacks when using non-Sophos solutions.

I've worked with Sophos Encryption and Sophos MDR.

I haven't faced any issues with its stability.

It is a scalable product. Our customers typically look for solutions like Sophos that can grow with their needs. Many wonder about the necessity of investing in a separate security operations center (SOC) or a third-party vendor for management. 

They question what tools are available to protect their devices from various threats, including those from the internet and specific applications. Sophos MDR, with its automation capabilities, often emerges as the best fit for their needs.

The customer service and support are very good. 

Positive

The setup process is straightforward and not complex for us.

We have a small team of four or five people who manage the deployment.

The deployment involves a careful preparation process, where we gather all necessary product information and follow specific technical procedures. We ensure our customers are well-informed about the process before beginning. The steps involve coordination with our team to ensure everything is uploaded and configured correctly.

The deployment process currently doesn't require many resources. The deployment timeframe varies but is not extensive. It generally takes three to four hours. We spend time gathering detailed information from the customer to ensure a comprehensive implementation plan. 

Depending on the complexity and the need for third-party integrations, the process can take from two to five days, though most tasks are completed within two days. Delays may occur if specific files or integrations are required and not immediately available. For example, sometimes, when we need Fortinet integration and it is not available, it might delay things. 

Maintenance is minimal and manageable.

There are cost savings when it comes to Sophos MDR. For example, a ransomware attack happens, and you're completely locked out. Your IT people don't know when or where it happened. They have to research it, which can take an hour or even a day. They might not be specialists in handling incidents. MDR takes care of that. Any suspicious activity or attack triggers their monitoring. They investigate, resolve it, and even isolate infected systems. This saves you completely.

I use this analogy: Imagine you invest in four IT staff who can't resolve an incident. It takes them hours, and they might not be trained in analytics. That investment could cost more than MDR. I tell managers that buying four resources is a higher cost in the long run, even though MDR is a recurring cost. They can resolve your issue 24/7, and it's a mid-range cost compared to potentially failing to resolve an incident.

Therefore, the ROI is definitely there. 

It's good, the offer and everything about it is satisfactory. I would definitely recommend using it. 

Overall, I would rate the solution a ten out of ten.