Sophos MDR Reviews

We use it for managed services, primarily for customers who lack resources. MDR is a tool that not only identifies and shows the impact of viruses but also requires no technical staff for operation. 

So, the user doesn't need a technician; it offers 24/7 support to identify and manage your infrastructure and take complete care of any technological incidents.

We don't need to invest in manpower. For example, if we are investing in an IT guy for endpoint solution security, we are investing our money in a guy. And the ROI will not be much because they will only do analytics parts. But what happens when the engine has a ransomware attack is that they will not be able to resolve the ransomware, which Sophos MDR will help you resolve very quickly.

Sophos MDR is very flexible. It works on top of existing EDR and XDR solutions. You don't need to buy Sophos's EDR or XDR products specifically. It can integrate with other EDR, XDR, and even Application Firewalls from other vendors. That's a big advantage in terms of compatibility.

Secondly, Sophos MDR offers a high degree of automation for cyber threat activity. They also provide cyber insurance for system downtime, but that's a separate service.

When it comes to the incident response processes, their response time is 38 minutes. They also have a three-step process, with the first tier being called "Rapid Response Services." This means for incidents that happen very quickly, they will prioritize those.

Sophos MDR integrates well with various tools, including Sophos firewalls, Microsoft products, and other third-party solutions, ensuring seamless authentication.  It offers straightforward integration, whether it's with another firewall or different data authentication needs. The process is quite simple.

What I really like is the centralized management console. It is a single management console. You don't have to deal with multiple management tools. Even if you have firewall support, you can just use the same console to access your firewall, MDR, EDR, encryption, and NDR – everything can be managed in a single dashboard. 

You don't need to jump between multiple tools. That's one of the best things I like and something I would definitely recommend to customers. 

Sophos MDR also offers 24/7 monitoring features. But 24/7 is part of a package. Sophos MDR has two service tiers, I forget the exact names, but one is a basic option. It integrates with other EDR/XDR solutions a customer might have, along with standard Sophos support. The other tier is a complete MDR service, with rapid response and full cybersecurity protection.

One aspect I'm examining is the MDR network detection with Sophos Firewall, which works well. I understand it can also integrate with other firewalls, but it's optimal with Sophos products, given the slight drawbacks when using non-Sophos solutions.

I've worked with Sophos Encryption and Sophos MDR.

I haven't faced any issues with its stability.

It is a scalable product. Our customers typically look for solutions like Sophos that can grow with their needs. Many wonder about the necessity of investing in a separate security operations center (SOC) or a third-party vendor for management. 

They question what tools are available to protect their devices from various threats, including those from the internet and specific applications. Sophos MDR, with its automation capabilities, often emerges as the best fit for their needs.

The customer service and support are very good. 

Positive

The setup process is straightforward and not complex for us.

We have a small team of four or five people who manage the deployment.

The deployment involves a careful preparation process, where we gather all necessary product information and follow specific technical procedures. We ensure our customers are well-informed about the process before beginning. The steps involve coordination with our team to ensure everything is uploaded and configured correctly.

The deployment process currently doesn't require many resources. The deployment timeframe varies but is not extensive. It generally takes three to four hours. We spend time gathering detailed information from the customer to ensure a comprehensive implementation plan. 

Depending on the complexity and the need for third-party integrations, the process can take from two to five days, though most tasks are completed within two days. Delays may occur if specific files or integrations are required and not immediately available. For example, sometimes, when we need Fortinet integration and it is not available, it might delay things. 

Maintenance is minimal and manageable.

There are cost savings when it comes to Sophos MDR. For example, a ransomware attack happens, and you're completely locked out. Your IT people don't know when or where it happened. They have to research it, which can take an hour or even a day. They might not be specialists in handling incidents. MDR takes care of that. Any suspicious activity or attack triggers their monitoring. They investigate, resolve it, and even isolate infected systems. This saves you completely.

I use this analogy: Imagine you invest in four IT staff who can't resolve an incident. It takes them hours, and they might not be trained in analytics. That investment could cost more than MDR. I tell managers that buying four resources is a higher cost in the long run, even though MDR is a recurring cost. They can resolve your issue 24/7, and it's a mid-range cost compared to potentially failing to resolve an incident.

Therefore, the ROI is definitely there. 

It's good, the offer and everything about it is satisfactory. I would definitely recommend using it. 

Overall, I would rate the solution a ten out of ten. 

The solution has good firewall functionality.

They should include better tools in the solution. Also, its pricing and stability need improvement.

I have been working with the solution for two years.

The solution could be more stable. I rate its stability five out of ten.

It is a scalable solution. I rate its scalability nine out of ten. Our clients with enterprise businesses, including ten users, are using the solution.

The solution's technical support could be better.

Neutral

The solution's initial setup was straightforward. The deployment took less than a week.

The solution is expensive. I rate its pricing a seven out of ten.

I rate the solution a seven out of ten.

In the future, I would like to see a better integration between the endpoint and firewall, just like how web proxy is available inside the antivirus and the endpoint protection. There is also security or protection for the gateway and the border gateway in Sophos that we need to configure separately. In general, the gateway, firewall, and endpoint Sophos offers are not optimized, which I feel can function better together.

I have been using Sophos MDR for a year. My company is a platinum partner in Switzerland for Sophos.

It is a stable solution.

It is a scalable solution.

The support from the MDR team works satisfactorily.

I rate the technical team an eight out of ten points.

Positive

It is easy to deploy Sophos MDR.

The solution's deployment process takes four to eight hours, considering that my company has around ten customers with varying infrastructure sizes who need our service regarding the solution's deployment process. The deployment can be done in four hours for some of our company's smaller customers, while it may take eight to twelve hours to configure all the parameters for the bigger ones consisting of 300 to 400 users.

Sophos MDR is not a cheap product. Compared with other solutions in the market, Sophos MDR is available at a good price, especially considering its performance.

I am satisfied with the overall solution. So far we have had very few queries from Sophos. But these have always been handled quickly and satisfactorily.

It is a good thing that Sophos offers many products, along with the automatic integration of all the telemetry data. With other competitors or products like Fortinet in the market, you have to pay extra to integrate the MDR services offered.

I rate the overall product an eight out of ten.

Sophos MDR is used to take care of security, monitor the environment, and show it is safe and secure.

A lot of organizations in Africa have been in very bad shape. Some experienced staff might suddenly drop their registration letters, making it a challenge to find somebody new. That is one of the cases where Sophos MDR comes into play. Organizations do not necessarily have to invest too much in in-house personnel because Sophos takes care of the first channel of security that you require. You don't need entry or mid-level security personnel in-house.

A lot of organizations have also experienced attacks like ransomware. This has led to more than the loss of data. We face legal implications. We have our integrity damaged. These attacks come with a lot of financial implications, and Sophos addresses that aspect by offering up to $1 million in case of any environmental breach. Other organizations can take server insurance or integrate it to give them confidence that they can land on their feet if anything happens.

There is a feature called XDR Central. With this, Sophos can connect to third-party security solutions. This way, clients do not need to spend on a separate security OEM. Sophos MDR naturally integrates with any third party, and clients get the value they need from the solution.

With the level of AI in the hands of cybercriminals today, they have had a lot of success, and they continue to improve on their success. Hence, the only way forward is for any security solution to continue increasing the amount of data they have access to. Threat intelligence is one area any security company needs to expand because the better the data we have, the more precise a difference they can make regarding security. Threat intelligence is an area for improvement for MDR. Sophos MDR also needs to add more automation functions.

I have used Sophos MDR for three years.

I rate the stability of the solution a nine-point-six out of ten.

I rate Sophos MDR's scalability a ten out of ten. It is straightforward to increase the number of protected devices. You don't need to redeploy anything. It is automatically pushed from the central to all devices. It is seamless.

Sophos MDR cuts across every type of organization, from a small to a large enterprise organization. Large enterprises gain value because when it comes to cost, the higher you buy, the less you pay. For a large enterprise, it will make the price cheaper. Regarding capability, one of the recommendations is called synchronized security, which is the ability of your endpoint to communicate with the firewall and share intelligence. That's one of the things Sophos has been able to achieve. It has some of the components or architecture I require in the environment for large organizations and enterprises, but Sophos MDR speaks to enterprises and smaller to medium companies.

Customer support is top-notch.

Today, the best way to deploy a cloud solution like Sophos MDR for a large enterprise environment is to have it leverage soft packing on deployment. It is quite easy for customers using Sophos to add additional features to it because you don't need to redeploy. From the portal, you can push licenses to every endpoint you have. Sophos has made some advances in that aspect, but sadly, it depends on third parties to make deployment more seamless.

MDR is a complete enterprise solution, and compared to other OEMs, it is one of the cheapest. I rate the pricing a nine out of ten because it is affordable.

Sophos is one of the first security OEMs to recognize security perfectly through a single management platform whereby organizational security solutions can think and be managed from a single dashboard. That gives Sophos an edge over so many other OEMs. This is what MDR leverages today. Another point of note is that a few years ago, when ransomware software became rampant, Sophos released a component dedicated to helping providers combat any new variants of ransomware, which any other OEM could use. And Sophos was able to work with third-party security solutions, meaning that an organization currently using another OEM can still leverage the Sophos interface to ensure they are safe regarding ransomware. This gave Sophos an edge with MDR. Today they have XDR Central. XDR Central works with third-party security solutions and enables organizations to carry out forensic and threat-hunting analyses on those companies' devices and networks. These are things that give Sophos an edge over many other OEMs out there.

I rate Sophos MDR a nine out of ten.

We are a distributor of Sophos products in Pakistan. Our customers use Sophos MDR when they require a unified dashboard for integrating multiple vendors' solutions, enabling them to have visibility across all their systems. Sophos MDR is particularly valuable for organizations that lack an in-house expert to manage and secure their network.  

The most valuable feature is the ability to integrate multiple functions into a single dashboard regardless of the vendors being integrated.

Sophos MDR lacks integration with MDM solutions.

Sophos should provide a demo of MDR so that potential customers can utilize it through a free trial for POC.

I have been using Sophos MDR for five months.

I would rate the scalability of Sophos MDR a seven out of ten.

The initial setup is a seven out of ten.

Sophos MDR is expensive, and due to the financial instability in Pakistan, many customers prefer to opt for Intercept X Advanced with XDR. This allows them to have a comprehensive LDR solution rather than MDR.

I would rate the price of Sophos MDR as a nine out of ten, with ten being the most expensive.

I would rate Sophos MDR eight out of ten.

People are expecting Sophos MDR to be available on-premises as well, due to an existing compliance issue in Pakistan. This is a crucial aspect that customers have requested from me. Historically, two to three years ago, or even four years ago, our solution was on-premises; however, currently, we have already transitioned to the cloud. Now, in the banking sector of Pakistan, there are policies that prohibit hosting anything on the cloud. This presents a significant challenge for us in the Pakistani market, as we aim to offer and impress them with cloud-based solutions. Many other vendors provide their solutions in three ways: hybrid, on-premises, or on the cloud. Therefore, the drawback of Sophos MDR is that we don't offer an on-premises option. Nevertheless, despite this limitation, we can still provide Sophos MDR by adapting it to function on a highly secure server or in air gap mode.

Sophos MDR offers a 24/7 threat experts team that protects customers' networks from attacks or vulnerabilities. This feature is ideal for organizations that do not have a cybersecurity team. 

We use Sophos MDR for DLP (Data Loss Prevention), NGIPS (Next-Generation Intrusion Prevention System), URL filtering, application control, and visibility.

I like Sophos MDR's inbuilt feature for DLP (Data Loss Prevention). Just a subscription is enough to get a dedicated device for it.

Sophos MDR's support and basic training of their devices could be improved. The solution's curriculum does not give clear information about its certifications.

I have been using Sophos MDR for six months.

Sophos MDR is not quite stable.

I rate Sophos MDR a seven out of ten for stability.

Sophos MDR is a scalable solution. However, its integration with other devices is not as good as Cisco's. Our clients for Sophos MDR are medium manufacturing businesses.

I rate Sophos MDR a six out of ten for scalability.

Unlike Cisco, the initial setup of Sophos MDR is easy.

Sophos MDR is a cheap solution. I rate Sophos MDR a five out of ten for pricing.

Sophos MDR doesn't necessarily address the full-scale network requirements in terms of security. I recommend the solution for small to medium enterprises but not for large enterprises. With Sophos MDR, you get what you buy.

Overall, I rate Sophos MDR a seven out of ten.

The product’s most valuable feature is ease of use.

The product's pricing could be less expensive.

We have been using Sophos MDR for almost a year.

It is a stable product due to timely and automatic updation.

We have 100 clients for Sophos MDR. It is a scalable product.

The technical support services are customer-friendly.

The initial setup is easy and can be done immediately.

The product generates a good return on investment.

It is an expensive platform.

The product is user-friendly and cost-effective. I advise others to add MDR, XDR, and EDR solutions for complete security. I recommend the product to others and rate it an eight out of ten.

The product’s most valuable feature is rapid response. Most of the companies are targeted by ransomware attacks. Sophos MDR provides us with better data protection services than other providers.

Sophos MDR’s pricing is the biggest factor that needs improvement per customers and technical professionals. There could be a package or bundled subscription similar to Trend Micro. It will allow us to customize the package according to specific requirements.

We have been using Sophos MDR for more than two years.

I rate the product’s stability an eight out of ten.

The product is highly scalable. It is suitable for medium businesses. I rate its scalability an eight out of ten.

The initial setup is easy. The deployment time depends on the availability of resources from the client's end. We can complete the process in a day if everything is set up properly.

I rate Sophos MDR’s pricing a seven or eight out of ten. From a technical perspective, I understand that AI integration makes the product a little expensive. However, from customers’ perspective, it also needs to fit in their budgets.

I rate Sophos MDR a ten out of ten. I advise others to go for it. With more experience working on it, they will understand why it is expensive.