Sophos Intercept X Room for Improvement

Mike Parsons
Senior CyberSecurity Architect and Mentor at BlueTeamAssess LLC
The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?" I see that all the time. That's a question I always have in the reports I give my customers. "Okay. So this happened last month. And as you can see, there were all these attacks knocking at the door, but none were allowed through." If someone got through, then I'm going to be concerned. View full review »
Mohamed Y Ahmed
Technical & Pre-Sales Manager at GateLock
I guess really the best part of the package is the same thing that could use the most improvement. The machine learning is good and it is already developed in the database and its engine. I guess they already have processes to cover more intelligent attacks. I am not sure about the improvements possible in this area. They have developed it to discover new attacks. But it is just an engine. There are no features that users have to look inside it. I think allowing more user modification could improve this at least for purposes of customization. But I don't know if it is possible and it is just to continue to improve on what already works. As far as added features, I would like to see some type of event management in the product. It should not just depend on the logs only. It would be something to deal with the events on PCs in a similar way to enhance the effectiveness of Intercept X and EDR. View full review »
reviewer1238874
Network Administrator at a tech services company with 11-50 employees
What I think Sophos can improve is with the data-loss feature, especially when it comes to using USB sticks and USB hard disks. The feature blocks access to these USB sticks and disks and there seems to be no immediate workaround for that. Our customer was not satisfied with the feature. We actually ended up having to deactivate this feature because it is too aggressive and could not meet the client's needs. View full review »
Learn what your peers think about Sophos Intercept X. Get advice and tips from experienced pros sharing their opinions. Updated: July 2020.
441,726 professionals have used our research since 2012.
Charles Golliday
Manager of Information Security at a healthcare company with 201-500 employees
Refreshing the reports could be improved. It looks like sometimes when systems no longer exist those systems can still show up on the reporting. For example, if you spin up a virtual desktop and a virtual server, and then you change the name of that virtual server, what happens is Intercept X still maintains a record of the device by the old name. It does that even though it no longer exists in the system because the name has been changed. So, refreshing the data is probably something that needs to be addressed. I can not really address what I think needs to be added to the product right now because I still think our organization is focusing on learning what the product can do and discovering the capabilities. I have been so involved with it from the perspective of understanding what it does currently that I am still trying to figure out what else we would like to see. View full review »
reviewer1418319
IT Infrastracture Consultant at a healthcare company with 201-500 employees
Sophos Central does not provide all of the information that is available, so it requires us to take the additional step of retrieving details from the firewall. It would be more productive if the information between Sophos products were automatically correlated and updated in Sophos Central. When there is an event generated by either the firewall or Intercept X, and the originating IP address is the same, these should be merged into a single event rather than two. Automatically correlating these events would save us time. View full review »
reviewer1265718
Founder at a tech services company with 1-10 employees
The one thing that I think probably needs the most attention with this product is the technical support. Some of our customers are starting to complain about that. It is a good product, generally. I can not really give it any criticism or go on about missing or broken features. I have got nothing to say that needs improvement other than the support. View full review »
Hassan_MOUSSAFIR
Chief Information Security Officer at Wafa assurance
It would be a value-add if they can include integration with other technologies or solutions, like Fortinet, Blue Coat, etc. View full review »
Matteo Mazzei
CTO & CISO at Aksilia Srl
The ADR functionalities feel like they aren't mature enough. It hasn't been a long time since Sophos has offered reproduction. Due to the fact that it's so young, it has fewer functionalities than other and more mature ADR solutions. Sophos would benefit from a cloud server implementation on top of the cloud provider (whether it's Google, Amazon, Azure, etc.). The solution is great, however, it's still intended for traditional off-cloud usage. It's focused on endpoint protection of the end-user. It's less targeted on servers, especially Linux or newer implementations that have microservices contained within the environment. View full review »
Alex Clerici
System Integrator IT Manager at Tecnimex srl
Something that could be improved is to better integrate all different platform available at the moment (not only allow pcs, servers but also other o.s. platforms, Android & IOS and so on too). It should be more user-friendly, automated and able to manage and analyze the logging of the operation, provided that Intercept X is one part of a more complete security solution (Syncronized Security - between firewall, endpoint, mobile devs). Logging & reporting is very important for us, especially in Italy. View full review »
reviewer1138731
Security Engineer at a tech services company with 51-200 employees
The price of this solution can be improved. The lesser the price, the more people will purchase it in the future, and it will become more popular and more widespread. View full review »
Israel Caravantes
CIO LATAM at i-Track Systems Development, S.A. de C.V.
In terms of the site-to-site VPN elements, they tend to concentrate. It's quite simple when there are Meraki devices at both ends of the VPN but if there is another user at one end, on another device, it can be a bit tricky. So they could really simplify that process a bit. View full review »
Majid Nassir
IT Manager at TAP30
Sophos Intercept X has room for improvement in the user management of live events. They should work on the logs and events. Sophos Intercept X needs to increase the interface test so that it can export to a live event. View full review »
reviewer1413273
Senior Security Consultant at a tech services company with 1,001-5,000 employees
The pricing could be a bit lower to match the normal retail pricing. View full review »
Ahmed Mohamed Abdelmaged
Network Security Engineer at Gateworx
Sophos Intercept X has room for improvement. We need a new version and more third-party solutions for Intercept X. Intercept X is on the cloud and some customers and some users prefer to have on-premise solutions. We need to generate a new product for Intercept X on-premise. Technical support can be improved. There could be shared support, i.e. where someone in Egypt can respond. Then I could get support for my issue or my problem faster. View full review »
reviewer1416969
Network Engineer at a tech services company with 201-500 employees
There are a lot of things that can be added based on the user's need for the solution. Where this solution has room for improvement generally is in the integration with Sophos Central and firewalls. View full review »
reviewer1291920
Head-Information Technology at a real estate/law firm with 201-500 employees
I would like to have a built-in firewall, rather than having to integrate one. Having both a personal firewall and an endpoint firewall would be an improvement. It does have firewall monitoring capability but it is integrated with the Windows firewall. Having their own endpoint firewall would be better. View full review »
LuukRos
Consultant at a tech services company with 5,001-10,000 employees
To be a perfect product, the price would have to be a bit better. View full review »
Andrey Rogov
CEO at a government with 1-10 employees
This product has room for improvement in business areas for brand enterprises. Sophos Intercept X could improve in areas dealing with business, i.e. their internal processes. View full review »
reviewer1156602
Technology Solutions Specialist at a tech services company with 501-1,000 employees
We’ve only been using the solution for two months, so we don’t have a grasp of the full system to comment too much. They might want to offer an MSP model for licensing, to offer the solution as a software as a service. View full review »
seniorse527517
Senior Security Consultant - Checkpoint Technologies at a tech services company with 11-50 employees
We haven't had any issues with the solution, so I can't speak to any improvements that can be made at this time. View full review »
Learn what your peers think about Sophos Intercept X. Get advice and tips from experienced pros sharing their opinions. Updated: July 2020.
441,726 professionals have used our research since 2012.