Sophos Intercept X Pros and Cons

The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer.

The thing that I like about it is the synchronized security. You can tie endpoint protection and firewalls and a whole range of other services and products. You can get your servers taken in under this.

The package we use also comes with spam filtering features, which are quite useful.

It is a practically maintenance free intelligent system that independently protects environments from malicious attacks.

It is not just a simple virus scanning product. It handles more advanced needs.

The EDR (Enhanced Data Detection and Response) and the DLP (Data Loss Prevention) components are valuable assets.

Scalability is good.

Technical support is responsive and adept.

Anti-virus captures malicious threats and an aggressive next generation firewall.

The most valuable feature is the behavioral, non-signature-based threat detection.

The initial setup is simple.

The most valuable features are the cloud administration and the strength of the ransomware protection.

There do not seem to be any limitations to the scalability of this product.

The deployment is quick. It just depends on the environment and what you may be replacing.

This product integrates well with Sophos firewalls and should be seriously considered by Sophos Firewall clients.

The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them.

The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?"

The initial setup can be a bit challenging.

The product defends very well on its own but could possibly use enhancement in giving users more controls.

This product does not handle USB drives well.

There is some issue with the reporting and refreshing information on resources that have been eliminated.

Deployment on cloud needs to be carried out manually.

When there is an event generated by either the firewall or Intercept X, and the originating IP address is the same, these should be merged into a single event rather than two.

It's a challenge to do system maintenance work on a notebook. You always have to disable Sophos first.

The technical support is the lone sore-point when dealing with this product.