Manager of Information Security at a healthcare company with 1,001-5,000 employees
Real User
Excelling in this competitive product category with more features than users put to task
Pros and Cons
  • "The EDR (Enhanced Data Detection and Response) and the DLP (Data Loss Prevention) components are valuable assets."
  • "Scalability is good."
  • "Technical support is responsive and adept."
  • "There is some issue with the reporting and refreshing information on resources that have been eliminated."

What is our primary use case?

The EDR (Enhanced Data Detection and Response) and the DLP (Data Loss Prevention) components are probably the biggest areas of the product that we employ. We also make use of web content filtering and application control as well.  

What is most valuable?

I would probably say that the DLP portion of the product is the most valuable for what we do. That just happens to be the side of the house I sit in. But the EDR alerting is also relevant when talking about valuable features.  

What needs improvement?

Refreshing the reports could be improved. It looks like sometimes when systems no longer exist those systems can still show up on the reporting.  

For example, if you spin up a virtual desktop and a virtual server, and then you change the name of that virtual server, what happens is Intercept X still maintains a record of the device by the old name. It does that even though it no longer exists in the system because the name has been changed. So, refreshing the data is probably something that needs to be addressed.  

I cannot really address what I think needs to be added to the product right now because I still think our organization is focusing on learning what the product can do and discovering the capabilities. I have been so involved with it from the perspective of understanding what it does currently that I am still trying to figure out what else we would like to see.  

For how long have I used the solution?

We have been using Sophos Intercept X for probably a little over six months now.  

Buyer's Guide
Intercept X Endpoint
March 2024
Learn what your peers think about Intercept X Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
767,847 professionals have used our research since 2012.

What do I think about the scalability of the solution?

We have about 1500 endpoints. That is a pretty good volume. While I do not know exactly how to rate it, the scalability is excellent from the standpoint of adding endpoints. We have not run across any issues with the scalability of it. I would tell you that it is very applicable to this company right now and certainly is up to the task of matching our needs.  

How are customer service and support?

To this point in time, we have found that the technical support is very responsive. We can reach them by phone and by email, and we get answers to the issues and questions we bring up.  

How was the initial setup?

I think the initial installation and setup were very straightforward.  

Once the rollout started, we had to incorporate 1500 devices — and that is just the desktops alone. It probably took about two months. The amount of time it took was because of the scale of resources dedicated to onboarding the solution. It was not because of distribution.  

What about the implementation team?

We did not need to use an integrator or consultant for deployment. It was all done internally.  

Which other solutions did I evaluate?

We did evaluate other options before choosing Sophos. For example, we looked at SentinelOne. We also looked at a couple of different solutions like Trend Micro and CrowdStrike. Looking at those four seems to have been a good enough comparison of products in the category.  

What other advice do I have?

My biggest bit of advice for people taking on Intercept X is to train your staff on all of the functions of that solution. There are a number of solutions within the one product and it is best to know how to use them all and if they apply to your circumstances.  

The biggest lesson we have learned from using Sophos is that the product can be a bit overwhelming with information and data. That is the situation where your training and your resources come into play.  

Make sure you have a complete plan to utilize the tool or you will have pieces that are just sitting there and nothing is happening to utilize them. There are a lot of capabilities that the solution has and you need to make the effort to discover them.  

On a scale of one to ten (where one is the worst and ten is the best), I would rate Sophos Intercept X as probably about a nine-out-of-ten. It is not until you see other applications like CrowdStrike and do a comparison to see what they can do that you really have an idea of what applications in the category are capable of.  

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Founder at a tech services company with 1-10 employees
Real User
Cloud administration, strong ransomware protection, and firewall integration make this a standout
Pros and Cons
  • "The most valuable features are the cloud administration and the strength of the ransomware protection."
  • "There do not seem to be any limitations to the scalability of this product."
  • "The deployment is quick. It just depends on the environment and what you may be replacing."
  • "This product integrates well with Sophos firewalls and should be seriously considered by Sophos Firewall clients."
  • "The technical support is the lone sore-point when dealing with this product."

What is our primary use case?

We are a small consulting group. We are not really end-users but we sell to them. We are primarily recommending Sophos Central Intercept X as a client solution for endpoint security. They are going to be using it for the security apps, their desktops, and there is a server version as well. I would think that someone buying the server product would expect that to include endpoint security, including ransomware protection, advanced threat protection, and zero-day threat protection.  

Many of our users also use Sophos firewalls and the solutions integrate with each other nicely.  

What is most valuable?

I would say that the most valuable features are the cloud administration and the strength of the ransomware protection.  

What needs improvement?

The one thing that I think probably needs the most attention with this product is the technical support. Some of our customers are starting to complain about that.  

It is a good product, generally. I cannot really give it any criticism or go on about missing or broken features. I have got nothing to say that needs improvement other than the support.  

For how long have I used the solution?

We have been recommending Sophos to users for maybe four years. The proper product name is actually Sophos Central Intercept X Advanced.  

What do I think about the scalability of the solution?

I do not know of any limitations having to do with the scalability of this product. We are a small company so the number of clients that we have is not that large. The total would be maybe around 10 clients. The number of endpoints under management for those clients that we are involved with is about 1000. I do not see that we are even close to any limitations in scaling this product with those numbers.  

How are customer service and technical support?

The one thing that needs the most attention according to our customers is the product's technical support. We do not really hear anything about the product having larger issues but there have been a few comments on the gaps in tech support.  

How was the initial setup?

The initial setup is probably straightforward but there are times when it could be difficult. We are about to do a project where we are going to have to replace a Symantec product. We will see how hard that is to do. The potential problems have more to do with a question of how difficult it is to remove Symantec completely than it is about installing Sophos. There is a tool from Sophos for doing a replacement. We had not used it before so we will get to see how well it works.  

The deployment is quick. It just depends on the environment. If you have a lot of remote sites, that could take more time. If you have got to replace something, you never know how hard it is going to be because of how another product sets down its roots. There is a point where you have to just do as well as you can and then deal with issues if any arise.  

What about the implementation team?

When we deploy it into client sites we are the integrators and consultants for the deployment. It deploys as you would expect and there are no surprises. Again, it could be hard to remove an existing solution.  

What's my experience with pricing, setup cost, and licensing?

Intercept X for endpoints is around $35 per user per year. The server version is $95 per server per year.  

What other advice do I have?

I would advise anybody who is using a Sophos firewall and is looking to migrate to another solution to give Intercept X the serious consideration it deserves because the Sophos firewall integrates well with the Intercept X solution and that is an advantage.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate this solution as a nine-out-of-ten.  

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Managed Services Mng at a computer software company with 1,001-5,000 employees
Real User
Top 5
A solid solution that has a good common dashboard feature
Pros and Cons
  • "I am impressed with the tool's common dashboard feature. The solution is also easy to deploy and manage. Reporting is also easy with the software."
  • "The tool should be made compatible with Linux and Microsoft operating systems."

What is our primary use case?

We use the tool for complete surface deployment. My company uses it not only to manage endpoints but for mobile management as well. 

What is most valuable?

I am impressed with the tool's common dashboard feature. The solution is also easy to deploy and manage. Reporting is also easy with the software. 

What needs improvement?

The tool should be made compatible with Linux and Microsoft operating systems. 

For how long have I used the solution?

I have been working with the tool for five years. 

What do I think about the stability of the solution?

The product's stability is really good. It is a solid solution. I would rate the solution's stability a nine out of ten. 

What do I think about the scalability of the solution?

The tool is scalable. I would rate its scalability a nine out of ten. 

How are customer service and support?

The product's tech support is good. 

How was the initial setup?

The product's deployment is easy and straightforward. The tool's deployment is quick and gets completed in an hour. 

What's my experience with pricing, setup cost, and licensing?

The solution offers both a three-year license and an annual license. I would rate the product's pricing a one out of ten. 

What other advice do I have?

I would rate the solution a nine out of ten. The tool is a really good product. If you are looking to use the solution, give it a try. You will not be disappointed with its use. Most of the tool's competitors have either difficulty in management or installation. We have used all of them. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
IT Manager at a financial services firm with 51-200 employees
Real User
Reliable and expandable but the initial setup is difficult
Pros and Cons
  • "The stability on offer is fine."
  • "The deployment part needs to be improved."

What is our primary use case?

The main use case is to have the reversible ransomware attack aspect of Intercept X. It's more of an antivirus solution rather than an EDR solution - a slightly different product to Carbon Black in that respect.

What is most valuable?

The scalability capabilities are fine.

The stability on offer is fine.

What needs improvement?

The initial setup can be a little complex. 

The deployment part needs to be improved. It doesn't feed into our SOCs. That's the only thing we have to try and figure out - how we're going to do that. The SOC is our interface with our security partners who monitor our security events. That's done for us on a 24/7 basis.

For how long have I used the solution?

I've worked with the solution for five years. It's been a while.

What do I think about the stability of the solution?

We haven't had any issues with stability. It doesn't crash or freeze. It's reliable. 

What do I think about the scalability of the solution?

The entire organization uses Sophos right now. It's pretty ubiquitous.

The solution can scale well, even on our hardware. It hasn't been an issue.

Which solution did I use previously and why did I switch?

We also use Carbon Black, although we use it in a bit of a different way. Carbon Black is also easier to set up than Sophos.

How was the initial setup?

The initial setup is a lot harder than, for example, Carbon Black. It's more difficult and complex. Its implementation isn't exactly easy.

It took us a few months to finally get it set up. We ran into some issues.

What other advice do I have?

We're just a customer and an end-user. We don't have a business relationship with Sophos.

The solution is deployed on hardware as well as virtual machines. 

I would rate the solution at a seven out of ten overall. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Victor Bayedo - PeerSpot reviewer
Cloud Solution Architect at a tech services company with 201-500 employees
Real User
Top 10
Allows us to achieve synchronized security, whereby we are able to see an automatic isolation of infected devices or compromised devices on the network
Pros and Cons
  • "The most valuable feature is the anti-ransomware capability. It's been helpful because we have been seeing a lot of information around what the ransomware hit."
  • "The detection and the AI capabilities should be improved upon."

What is our primary use case?

We use the solution for endpoint protection and particularly against ransomware. There is CryptoGuard capability within Intercept X. They're also competitive, so people actually leverage it to test the environment against ransomware. It also has the capability to send a warning in any attack. Say they want to assist in the environment so that we are able to run a case incident. I know what has happened, what's happening right now, and then probably what we need to be concerned about.

We have used the solution on-premise previously, but we currently use it on cloud.

I'm aware the on-premise is fading out, so I'm migrating other clients that are running companies to the cloud.

What is most valuable?

The most valuable feature is the anti-ransomware capability. It's been helpful because we have been seeing a lot of information around what the ransomware hit. It would have actually hit the environment before it was protected and Sophos was able to prevent it from ruining the environment. Sophos does this with the firewall to be able to achieve synchronized security, whereby we are able to see an automatic isolation of infected devices or compromised devices on the network.

What needs improvement?

The detection and the AI capabilities should be improved upon. I also find it narrow of an attack. Even though we have Sophos running on the network, we still have the system being hit. That was probably because Sophos is not running our data. 

Improvement should actually be made on remote capabilities. I would like to see additional features that provide capabilities that show a lot of sources that the attackers are actually making.

For how long have I used the solution?

I have been using this solution since it was released. We are working with the latest update.

What do I think about the stability of the solution?

The solution is stable and reliable.

What do I think about the scalability of the solution?

It is easy to scale.

How are customer service and support?

Technical support is good.

Which solution did I use previously and why did I switch?

Previously, I worked with McAfee. I also have experience using Kaspersky.

McAfee has a component for exploit prevention which works similarly to Intercept X. I've actually seen Intercept X working better than that, especially because in Intercept X you're also leveraging from machine learning.

How was the initial setup?

It's a big issue that there isn't a way to do remote deployment. It's actually difficult because you have to depend on a third party to make sure it actually works. I'm inexperienced on third party use, and it becomes very tedious and almost unmanageable. We have to start helping customers fix their issues at no cost.

The solution requires maintenance, but it is automated.

What's my experience with pricing, setup cost, and licensing?

It's not bad, but compared to competitors, it's a little bit on the high side. The price could be more competitive.

What other advice do I have?

I would rate this solution 9 out of 10. I would recommend Intercept X to other users.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Kasun Weerasekara - PeerSpot reviewer
Assistant Manager - Network Communication and Server Management at D-Tech Sri Lanka
Real User
Reasonable pricing, good stability, and has a simple setup process
Pros and Cons
  • "We have found the pricing to be reasonable."
  • "We would like more application control in order to be able to schedule times and access."

What is our primary use case?

We primarily use the solution for security. We protect the computer network from threats as some users had some kinds of malicious threats. We have some policies for web control and have used this solution to find some unwanted traffic and some unwanted site access by some users.

What is most valuable?

The server protection has been great. That's been the best thing for us.

The reporting has been very useful.

We have found that the EDR functionality has been very good.

The setup process has been very simple. 

The solution has been very stable so far.

You can scale the solution if you need to, and it is an easy process.

We have found the pricing to be reasonable.

What needs improvement?

We would like the solution to be more complete so that we don't have to involve so many third parties.

We would like more application control in order to be able to schedule times and access. For example, we'd like to set it so that certain documents can only be accessed between 8 AM and 4 PM.

For how long have I used the solution?

We did a POC with the solution that lasted six months. It's been in the production environment for three months. Therefore, for almost nine months we have been running on Sophos.

What do I think about the stability of the solution?

The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

What do I think about the scalability of the solution?

We have about 450 devices on this solution.

Currently, we have 3 administrators. There are only 2 super admins and 2 other users for the control panels, et cetera.

We use this solution on a daily basis.

The product is scalable. After we purchased only one user license, we decided to do an installed service also. It's a one or two-minute process in order to provide a temporary license for 1 month and, after that, we hope to stay covered. Therefore, we do have plans to increase usage.

How are customer service and technical support?

Technical support has been good. During the installation process, we had the principal change, and it didn't affect the process. They have been very helpful so far. We have no complaints. 

Which solution did I use previously and why did I switch?

We did use Kaspersky.

There were ultimately some issues with the Kaspersky team in Sri Lanka and with the principal in Kenya. We didn't have support from the principal. We had issues for two or three years. We ended up having to change the product and we were with Kaspersky for maybe 8 years.

How was the initial setup?

The initial setup is not difficult to manage. It's very easy and very straightforward. 

With six people we were able to complete the setup.

So far, the maintenance has been little to none. The deployment that is connected to the internet automatically updates, and sort of maintains itself.

What about the implementation team?

We did have some external help for the implementation process. 

What's my experience with pricing, setup cost, and licensing?

The pricing is good.

Which other solutions did I evaluate?

For testing purposes, we did try a variety of solutions. This product, however, was simple, the cloud was good, and the pricing was reasonable. 

What other advice do I have?

We are using the latest version of the solution.

We are using the cloud version of Sophos, however, there are some computers that are not connected to the internet, so we have to install something locally on-site as well. We are half on-premise and half in the cloud.

I would recommend the solution to other companies.

We've been satisfied with its capabilities. I would rate it at a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT Security Manager at a financial services firm with 10,001+ employees
Real User
Good cost and easy to interact with, but needs threat hunting capabilities and better DLP module
Pros and Cons
  • "It is easy to interact with, and its cost is also good."
  • "The Data Loss Prevention module can be better. It should also have threat hunting capabilities."

What is most valuable?

It is easy to interact with, and its cost is also good.

What needs improvement?

The Data Loss Prevention module can be better. It should also have threat hunting capabilities.

For how long have I used the solution?

I am really new to it because I just joined a new organization. It has not even been two weeks.

What do I think about the stability of the solution?

Its stability is good so far.

What do I think about the scalability of the solution?

It is scalable.

What's my experience with pricing, setup cost, and licensing?

Its cost is good.

What other advice do I have?

I would recommend it for small and medium enterprises. I would rate Sophos Intercept X a six out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
CIO at a financial services firm with 11-50 employees
Real User
Protects our devices from viruses and other forms of malware
Pros and Cons
  • "It does its job — it protects us from viruses. We don't really interact with it very much."
  • "It has a performance hit on a local laptop. There's an agent installed and we are bothered a lot by it because it seems to be using a lot of computer resources."

What is our primary use case?

We use this solution to protect all of our computers against viruses — malware in general.

What is most valuable?

It does its job — it protects us from viruses. We don't really interact with it very much. 

What needs improvement?

It has a performance hit on a local laptop. There's an agent installed and we are bothered a lot by it because it seems to be using a lot of computer resources.

We're interested in some behavioral analysis regarding activities on all of our networks so that we can anticipate intrusions and problems before they occur. My understanding is that Sophos doesn't provide such a facility. Darktrace seems to offer an artificial intelligence solution along these lines. 

For how long have I used the solution?

I have been using Sophos Intercept X for roughly two to three years. 

What do I think about the stability of the solution?

This solution seems very stable. We just installed it and forget about it.

How are customer service and technical support?

On the rare occasion that we've asked for help, the IT support company has delivered. 

What about the implementation team?

We have a company that provides IT support for us. They recommended it and they set it up. All we had to do was install the agent on each laptop, which was a pretty easy thing to do.

What's my experience with pricing, setup cost, and licensing?

The price of this solution is reasonable. 

What other advice do I have?

Overall, on a scale from one to ten, I would give this solution a rating of eight.

I would recommend this solution; it does its job as far as I'm aware. I can't tell you if it's better or worse than other software packages for security. It's the one suggested by our IT services provider. It seems to do the job. We're a bit bothered about the performance hit on the laptops, but other than that, it seems fine.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user