We performed a comparison between Cisco Secure Endpoint and Intercept X Endpoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco Secure Endpoint stands out for its threat-hunting capabilities, sandboxing, and swift response to attacks. Users also praised the solution's seamless integration with Talos for continuous protection. Intercept X Endpoint combines two products into one solution, offering strong performance, server protection, and efficient threat management capabilities. Cisco Secure Endpoint could benefit from providing more scenario-based information and a simpler, more customizable main dashboard. Integration with artificial intelligence and IoT is another area for improvement. Intercept X Endpoint could integrate more seamlessly with third-party vendors and improve support for virtual infrastructures.
Service and Support: Users said Cisco support is efficient and responsive, and customers also found it easy to find answers in the documentation without help. Some users recommend enhancing training programs and streamlining management consoles to further enhance the level of support provided. Some users found Intercept X Endpoint's support team knowledgeable and supportive, while others expressed dissatisfaction with responsiveness.
Ease of Deployment: Users generally found Cisco Secure Endpoint easy to set up, but some users reported challenges related to agent behavior and configuration. The initial installation involves downloading an agent and installing it on endpoints, and total deployment time ranged from a week to several months. Intercept X Endpoint has a straightforward initial setup, with quick installation and simple configuration and maintenance. Some users said they occasionally encountered issues that required reinstallation.
Pricing: Cisco Secure Endpoint's pricing is seen as fair and reasonable. Some users requested additional discounts, particularly for educational purposes. Intercept X Endpoint is generally seen as fairly priced, but some users think it’s on the higher end of the price scale.
ROI: Cisco Secure Endpoint offers cost savings and the potential to earn money by extending services. Users say that Intercept X Endpoint offers exceptional defense against ransomware and zero-day threats, leading to a positive return on investment.
Comparison Results: Our users favor Cisco Secure Endpoint over Intercept X Endpoint. Cisco Secure Endpoint offers more comprehensive protection, better customer service, and support, making it the preferred choice. Cisco Secure Endpoint has some advanced features for finding and resolving threats that Intercept X lacks. Users also appreciate Cisco Secure Endpoint's pricing, whereas some users say Intercept X Endpoint has room to improve on price.
"The solution was relatively easy to deploy."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The price is low and quite competitive with others."
"The setup is pretty simple."
"The stability is very good."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"It's quite simple, and the advantage I see is that I get the trajectory of what happened inside the network, how a file has been transmitted to the workstation, and which files have got corrupted."
"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."
"The best feature that we found most valuable, is actually the security product for the endpoint, formerly known as AMP. It has behavioral analytics, so you can be more proactive toward zero-day threats. I found that quite good."
"The most valuable feature of the solution is its technical support."
"For the initial first level of support, we provide it from our side. If there's escalation required, we use Cisco tech for the AMP. And again, they are perfect. I mean, one of the best, compared to any other vendors."
"Machine learning is used to detect the threat and it does so by prioritizing the suspicious activities."
"The pricing is fair. It's not too costly for our small organization."
"The most effective features of Intercept X Endpoint for threat prevention are ransomware protection, miscellaneous behavior detection, and network threat protection."
"It provides a feature for scanning and analyzing endpoints, which is a value-add for our infrastructure. With the advancements in the Advanced Persistent Threats (APTs), Sophos Intercept X analyzes an APT and the behavior of the endpoints. It then gives us a detailed dashboard with more information about the endpoints and their security and risk level. While deploying Sophos Intercept X, we identified a lot of vulnerability and risky endpoints that our previous solution didn't cover, which proved that this solution is the best."
"It is a very scalable solution."
"The most valuable feature is the anti-ransomware capability. It's been helpful because we have been seeing a lot of information around what the ransomware hit."
"The most valuable features of Intercept X are server lockdown, auto-remediation, and encryption monitoring."
"We use Sophos Intercept X for Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in our organization."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"ZTNA can improve latency."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"Cannot be used on mobile devices with a secure connection."
"We find the solution to be a bit expensive."
"The only minor concern is occasional interference with desired programs."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"I haven't seen the use of AI in the solution."
"The room for improvement would be on event notifications. I have mine tuned fairly well. I do feel that if you subscribe to all the event notification types out-of-the-box, or don't really go through and take the time to filter out events, the notifications can become overwhelming with information. Sometimes, when you're overwhelmed with information, you just say, "I'm not going to look at anything because I'm receiving so much." I recommend the vendor come up with a white paper on the best practices for event notifications."
"It could be improved in connection with artificial intelligence and IoT."
"It does not include encryption and decryption of local file shares."
"We have had some problems with updates not playing nice with our environment. This is important, because if there is a new version, we need to test it thoroughly before it goes into production. We cannot just say, "There's a new version. It's not going to give us any problems." With the complexity of the solution using multiple engines for multiple tasks, it can sometimes cause performance issues on our endpoints. Therefore, we need to test it before we deploy. That takes one to three days before we can be certain that the new version plays nice with our environment."
"Due to the complexity of the technology that is used and its advanced threat detection capabilities, it is possible to encounter many delays in operation."
"It cannot currently block URLs over websites."
"In the next version of this solution, I would like to see the addition of local authentication."
"On the firewall level, they were lagging a little bit behind, but they are running up again. I have full trust in the new 3000 series of firewalls where we would also be able to look more into the traffic that we're monitoring and get more security layers in our services. That would definitely be a big step."
"Sophos needs to create a YouTube channel with educational material for technicians or engineers."
"From the management side, we receive detailed information. Sophos has many features, such as Threat Hunting but that comes with the XDR version of the solution. There's Sophos Intercept X and then there's Sophos Intercept X with XDR technology. We bought the XDR and then now the MTR, Managed Threat Response version available too. They have different packages for clients which gives them different options to pick from. If Sophos could combine more features into one package it would be beneficial."
"I am not very satisfied with the product's reporting overall, and it needs improvement in this area."
"It consumes a lot of resources, and something needs to be done for that."
"The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them."
"When there is an event generated by either the firewall or Intercept X, and the originating IP address is the same, these should be merged into a single event rather than two."
"The EDR could be improved, and perhaps the User Interface."
"The deployment part needs to be improved."
Cisco Secure Endpoint is ranked 9th in Endpoint Protection Platform (EPP) with 44 reviews while Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews. Cisco Secure Endpoint is rated 8.6, while Intercept X Endpoint is rated 8.4. The top reviewer of Cisco Secure Endpoint writes "Single dashboard management, quick infrastructure threat detection, and high level support". On the other hand, the top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". Cisco Secure Endpoint is most compared with Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Check Point Harmony Endpoint and Cisco Umbrella, whereas Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Trend Micro Apex One. See our Cisco Secure Endpoint vs. Intercept X Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.