Sophos Intercept X Overview

Sophos Intercept X is the #6 ranked solution in EDR tools and the #8 ranked solution in endpoint security software. IT Central Station users give Sophos Intercept X an average rating of 8 out of 10. Sophos Intercept X is most commonly compared to Microsoft Defender for Endpoint. Sophos Intercept X is popular among the large enterprise segment, accounting for 41% of users researching this solution on IT Central Station. The top industry researching this solution is comms service providers, accounting for 28% of all views.
What is Sophos Intercept X?

Sophos Intercept X stops the widest range of attacks with a unique combination of deep learning malware detection, exploit prevention, anti-ransomware, and more.

Sophos Intercept X was previously known as Intercept X.

Sophos Intercept X Buyer's Guide

Download the Sophos Intercept X Buyer's Guide including reviews and more. Updated: November 2021

Sophos Intercept X Customers
Flexible Systems

Archived Sophos Intercept X Reviews (more than two years old)

ITCS user
Senior Security Consultant - Checkpoint Technologies at a tech services company with 11-50 employees
Consultant
A solution that offers good forensics, good ransomware mitigation, and good stability

What is most valuable?

The forensics within the solution are quite good. The ransomware mitigation is also impressive.

What needs improvement?

We haven't had any issues with the solution, so I can't speak to any improvements that can be made at this time.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

The solution is scalable.

How are customer service and technical support?

The technical support of the solution is satisfactory. We've never had any problems or issues dealing with them.

What other advice do I have?

We're a reseller for Sophos.

The newest release has got the EDR, so I think they're moving in the right direction in terms of the development. 

I'd rate the solution ten out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
LuukRos
Consultant at a tech services company with 5,001-10,000 employees
Consultant
Range and restriction features make this a good choice for customers who want endpoint protection

Pros and Cons

  • "The most valuable features are the range and restriction."
  • "To be a perfect product, the price would have to be a bit better."

What is our primary use case?

The primary use case is for protection. We sell this solution to our customers.

What is most valuable?

The most valuable features are the range and restriction. This is why our users choose Intercept X.

What needs improvement?

To be a perfect product, the price would have to be a bit better.

For how long have I used the solution?

I have been using this solution for two years.

What do I think about the stability of the solution?

This solution is stable.

We haven't had any issues with Sophos Intercept X and we haven't had any complaints from our customers.

What do I think about the scalability of the solution?

This solution is scalable.

We have one customer who is scaling quickly, increasing by ten to twenty users each month. We sell them new licenses, put them in their client central, and all they have to do is pull it out to their new devices. 

How are customer service and technical support?

We have contacted Sophos technical support in the past, but not Intercept X.

How was the initial setup?

For our customers, the deployment of Sophos Intercept X is easy and it's easy to manage.

What's my experience with pricing, setup cost, and licensing?

The price is pretty good.

Which other solutions did I evaluate?

For my customers who do not want the range and restriction features, I instead recommend using Windows Defender.

What other advice do I have?

I would recommend this solution if they want endpoint protection.

Always check the Sophos Central to make sure that the device is activated with the current updates and scanning.

Customers should log onto the portal to see if the scan has been updated.

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
RR
Technology Solutions Specialist at a tech services company with 501-1,000 employees
Reseller
An excellent protection against ransomware that’s stable and easily scalable

Pros and Cons

  • "After that, the client switched to Sophos to get the protection they lacked. It either works or it doesn’t and Sophos works."
  • "They might want to offer an MSP model for licensing, to offer the solution as a software as a service."

What is our primary use case?

Clients primarily use the solution for ransomware.

What is most valuable?

There isn’t a specific feature; the solution itself secures your infrastructure. We had a partner whose client was using a different solution that was hit by ransomware recently. It was an inferior product and it didn’t protect them. They didn’t buy a license to protect them for ransomware. After that, the client switched to Sophos to get the protection they lacked. It either works or it doesn’t and Sophos works.

What needs improvement?

We’ve only been using the solution for two months, so we don’t have a grasp of the full system to comment too much.

They might want to offer an MSP model for licensing, to offer the solution as a software as a service.

For how long have I used the solution?

We’ve been a distributor of the solution for two months.

What do I think about the stability of the solution?

The solution is pretty stable.

What do I think about the scalability of the solution?

The solution is easily scalable to thousands of users. It’s very capable.

How are customer service and technical support?

So far, we haven’t had to deal with technical support at all.

How was the initial setup?

The initial setup is easy.

What other advice do I have?

We are distributors of Sophos.

I’d rate the solution ten out of ten. I think Sophos is at the top of their game and offering a good protection solution.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
LB
Security Engineer at a tech services company with 51-200 employees
MSP
Good performance, flexible, and powerful centralized policy management

Pros and Cons

  • "All of the features are very important for anyone who is supporting a large number of computers."
  • "The price of this solution can be improved."

What is our primary use case?

I work with a number of Sophos products, mainly those managed through Sophos Central.

I provide general support for this solution, and my experience is with deployment and some configuration. I have been using the premium edition at home for more than a year, and have been dealing with training and support for approximately six months.

We are using this solution for cloud-based support, and using a cloud-based deployment.

How has it helped my organization?

We provide managed services to Sophos clients as part of our business offering.

What is most valuable?

The performance of this solution is good. This product does not overload the machine, even on relatively old hardware. It is a good experience in terms of CPU utilization, and how many of the cycles are going to the antivirus scanner.

This solution is easy to install, and it is flexible in terms of configuration.

The centralized management is a great feature for assigning certain policies to machines.

All of the features are very important for anyone who is supporting a large number of computers.

What needs improvement?

The price of this solution can be improved. The lesser the price, the more people will purchase it in the future, and it will become more popular and more widespread.

For how long have I used the solution?

I have been using this solution for more than a year.

What do I think about the stability of the solution?

I have never seen the "Blue Screen of Death" based on interactions between Sophos and the operating system. Similarly, I have not seen the computer stuck, or frozen during the virus scanning process. My overall impression of stability is very good.

How are customer service and technical support?

I would rate the technical support for this solution a nine out of ten.

What other advice do I have?

This product works as expected. From the point of view of a Sophos Trainee and Sophos Support Specialist, I admire what this product is doing. It is flexible and the management console is easy to work with.

Overall, this product is doing fine and I have nothing to complain about.

My advice to anybody who is researching similar solutions is that if they are looking for something that is simple and reliable, then this is a good choice. There will be less effort from the local IT support, and they will have well covered and protected endpoints. If they are not willing to spend a lot of time designing policies, precisely tuning everything for maximum performance and protection, then Sophos is the best choice. With very little effort you have a fully functional and very secure system.

Sophos is the best in its class, although there are no perfect systems.

I would rate this solution a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Mohamed Y Ahmed
Technical & Pre-Sales Manager at GateLock
Reseller
Top 5, Leaderboard
Provides dependable, intelligent attack defenses and is easy to manage and work with

Pros and Cons

  • "It is a practically maintenance free intelligent system that independently protects environments from malicious attacks."
  • "The product defends very well on its own but could possibly use enhancement in giving users more controls."

What is our primary use case?

We are providing this product and support for it in many sectors like health care, retail, sports, and communication sectors. We are also working with Sophos, but with Sophos Endpoint, not XG, or Sophos UTM. We work with Raya (Contact Center) that provides services here in Egypt (they are also using Sophos 550 XG models).

How has it helped my organization?

It improves organizations by providing dependable, intelligent attack defenses.

What is most valuable?

The most valuable feature in Intercept is its engine for machine learning. It is awesome. Its detection capabilities are saving many of our customers' databases from ransomware and other random attacks. The most interesting thing in the Sophos center is the EDR. It is easy to manage and work with. There is no need to have a cyber-security team define its tasks. In the next few years, it will be an agent EDR.

What needs improvement?

I guess really the best part of the package is the same thing that could use the most improvement. The machine learning is good and it is already developed in the database and its engine. I guess they already have processes to cover more intelligent attacks. I am not sure about the improvements possible in this area. They have developed it to discover new attacks. But it is just an engine. There are no features that users have to look inside it. I think allowing more user modification could improve this at least for purposes of customization. But I don't know if it is possible and it is just to continue to improve on what already works.

As far as added features, I would like to see some type of event management in the product. It should not just depend on the logs only. It would be something to deal with the events on PCs in a similar way to enhance the effectiveness of Intercept X and EDR. 

For how long have I used the solution?

I have been using Sophos Intercept for six years.

What do I think about the stability of the solution?

The stability of the product is very good as is the performance. As it works in the background there is never instability in the form of hanging at the work stations or producing false positives. It is very easy to deploy, very simple to use, very light on the operating systems' resources. But there are some guidelines that customers or anyone making the deployment have to keep in mind. They have to make rules and use the product intelligently to avoid any extra false positives or any performance issues. For example, they will want to make full scanning of the environment in times where there is a lower load on the system — in off-hours and not during the prime-time hours. But that responsibility is on the operator. 

The performance of the product itself is very stable and very good.

What do I think about the scalability of the solution?

Scalability can happen in one click. If you have another device to add to the environment, you just make the deployment from the server on-premises. The customer does not have to depend only on the cloud server to scale. They also have an on-premise server that makes the rules between the cloud and the LAN environment to avoid any internet disconnects, or bandwidth and performance issues. They can depend on the cache server to communicate on behalf of the client to the on-cloud dashboards.

How are customer service and technical support?

I personally think the company's technical support is perfect. They always address issues satisfactorily.

How was the initial setup?

The initial setup is very straightforward.

What about the implementation team?

I am not just using it in our department, we are also dealing with installations for customers. We play the role of IT. We enable Sophos products for partners. We do all the work if the customer doesn't have a technical team. We make projects for implementation and providing training.

What other advice do I have?

On a scale from one to ten, I would rate Intercept X as a nine out of ten. I don't think I can rate any software security product a ten because nothing in software security is 100%.

We are deploying Intercept X on Cloud, not on-premises. The reason for this is because the previous versions of Sophos made the agents different between the anti-virus, endpoint and the Intercept X. Now with the Cloud, Sophos is making one agent for the three technologies — the endpoint, Intercept X, and EDR (Intelligent Endpoint Detection and Response). The three components are in one agent and managed by one dashboard, Sophos Central.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Alex Clerici
System Integrator at Tecnimex srl
Real User
Top 5
It is very stable and I like the monitoring I get over my clients

Pros and Cons

  • "A valuable feature offered by Sophos is called Naked Security, and it entails the control managed by the firewall on the site regarding the desktop client interfacing with our cloud client."
  • "The initial setup was not very user-friendly."

What is our primary use case?

Our primary use case for this solution is to offer a complete and monitored solution regarding ransomware protection to all my clients & servers.

How has it helped my organization?

Sophos improved our organization, allowing us to set up a very efficient solution, cloud managed, introducing a new modern concept: Synchronized Security (between firewall and endpoint).

What is most valuable?

A valuable feature offered by Sophos is called Naked Security and it entails the control managed by the firewall on the site regarding the desktop client interfacing with our cloud client. So we have a central management console where we can observe and act and manage all our customers. It's like a proper perfect solution.

What needs improvement?

Something that could be improved is to better integrate all the different platforms available at the moment (not only PCs and servers but also other OS platforms, Android, iOS and so on). It should be more user-friendly, automated and able to manage and analyze the logging of the operation, provided that Intercept X is one part of a more complete security solution (Synchronized Security - between firewall, endpoint, mobile devs). Logging & reporting is very important for us, especially in Italy.

For how long have I used the solution?

We've been using Sophos Intercept X for two to three years now on public cloud.

What do I think about the stability of the solution?

I am satisfied with the program's stability. There were some maintenance problems, but very rarely. We generally receive an alert from Sophos when there will be maintenance operations, so we can plan accordingly.

What do I think about the scalability of the solution?

The program is very scalable. We have about 300 computers, servers, work stations and mobile devices in our company. We have one staff member who is responsible for maintenance. We are all system integrators in our office and we plan to increase our usage soon.

How are customer service and technical support?

The support wasn't very good initially, but they became better. Compared to other brands' support, I'm quite satisfied about the support we get now.

Which solution did I use previously and why did I switch?

We used a few different products to achieve one objective, but now, with Sophos Intercept, we've solved our problem, reducing dramatically manual monitoring activities.

How was the initial setup?

The initial setup was not very user-friendly, but it improved during the evolution. It was rather difficult at first. Our deployment took half a day. Especially if we consider the Intercept X inside the final solution. We had to plan the setup. It all depends on the number of clients, of course. We did everything by ourselves because we are certified partners; we don't need external consultants.

What's my experience with pricing, setup cost, and licensing?

We pay an annual license fee.

What other advice do I have?

My advice to others would be to get certification over time because without certification, it's not so easy to set up and use. Users should familiarize themselves with all the features of the program. On a scale of one to ten, my rating is nine, because of the few missing features that I think should be added in the near future.

Disclosure: My company has a business relationship with this vendor other than being a customer: Silver Solution Partner
Israel Caravantes
CIO LATAM at i-Track Systems Development, S.A. de C.V.
Reseller
Top 20, Leaderboard
Enables us to watch the throughputs and the loading of the device to see how much traffic is happening

Pros and Cons

  • "The most valuable feature is the supervisory side of it where we can watch the throughputs, and even the loading of the device, to see how much traffic is happening."
  • "In terms of the site-to-site VPN elements, they tend to concentrate. It's quite simple when there are Meraki devices at both ends of the VPN but if there is another user at one end, on another device, it can be a bit tricky. So they could really simplify that process a bit."

What is most valuable?

The most valuable feature is the supervisory side of it where we can watch the throughputs and even the loading of the device, to see how much traffic is happening.

What needs improvement?

In terms of the site-to-site VPN elements, they tend to concentrate. It's quite simple when there are Meraki devices at both ends of the VPN but if there is another user at one end, on another device, it can be a bit tricky. So they could really simplify that process a bit.

For how long have I used the solution?

I've been using the solution for 18-20 months.

What do I think about the stability of the solution?

So far, the solution has been very stable.

What do I think about the scalability of the solution?

At the moment, we have no plans to expand further. We might in the next six months or so. I believe it will easily scale. We've just not gone into that yet but it looks promising. At the moment, we have around 50 users.

How are customer service and technical support?

I've only had to deal with technical support in relation to site-to-site VPN problems. I did find them to be very helpful.

What was our ROI?

At the moment, we don't have ROI because we've been given a very generous period of trial for this machine, we've not had to actually spend any money so far. So, in terms of return of the investment, it's not really applicable at the moment.

What other advice do I have?

In terms of advice, I would make sure that, in terms of capacity, to get the right version, to find the right level of device. MX64 is a fairly small business-scale device. We were a bit hesitant about going for that, given the scalability of it at that point. But, obviously, make sure that you go in with enough extra capacity to deal with any increases you have in traffic demand.

If you're setting up a VPN on the MX64, if both ends end up being a Meraki device, then it's simple to set it up. But when it isn't, it's a bit more complex. Eventually, it causes a lot of statistical information that they could provide if the devices are Meraki at both ends. If they could provide that same facility for setups where the network doesn't involve an MX64 or a Meraki device at both ends, that would be great.

I would rate this solution an 8 out of 10.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Andrey Rogov
CEO at a government with 1-10 employees
Real User
Good price and stability for firewall security but we had problems with using the software

Pros and Cons

  • "We most value the price and interface quality with Sophos Intercept X. We focus on solution quality."
  • "Sophos needs to create a YouTube channel with educational material for technicians or engineers."

What is our primary use case?

We develop software for brands and some enterprise companies. We need Sophos Intercept X to create hardware and software solutions. 

We need to create research for a next-generation firewall security solution. We offer software and hardware solutions for banks, enterprises, and big companies.

How has it helped my organization?

We had some technical problems. Maybe in the new update of this solution, they could fix some technical bugs. 

Sophos Intercept X has slow internal processes that could be better. Because of this, it hasn't improved our organization.

What is most valuable?

We most value the price and interface quality with Sophos Intercept X. We focus on solution quality.

What needs improvement?

This product has room for improvement in business areas for brand enterprises. Sophos Intercept X could improve in areas dealing with business, i.e. their internal processes.

For how long have I used the solution?

I have been using this solution for six months.

What do I think about the stability of the solution?

For the stability of the solution, I had some problems with uptime.

How are customer service and technical support?

Technical support could be of better quality.

How was the initial setup?

The initial setup was complex. Our deployment took six months to one year. It took us around one year to fully set up Sophos and get it running to take action for work.

What about the implementation team?

For the deployment, I set it up myself.

What other advice do I have?

Sophos needs to create a YouTube channel with educational material for technicians or engineers.

I would rate Sophos Intercept X at seven out of ten because of the technical problems that we have experienced.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Majid Nassir
IT Manager at TAP30
Real User
Integrated anti-malware, next-generation firewalls, and IPS for network security solutions

Pros and Cons

  • "We use Sophos Intercept X for Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in our organization."
  • "They should work on the logs and events. Sophos Intercept X needs to increase the interface test so that it can export to a live event."

What is our primary use case?

Our primary use case is the interception solution in Sophos Intercept X.

How has it helped my organization?

We use Sophos Intercept X for Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in our organization.

What is most valuable?

The future's about anti-malware, next-generation firewalls, and IPS. We value the IDS features of Sophos Intercept X the most. This is the best solution that we use and need.

What needs improvement?

Sophos Intercept X has room for improvement in the user management of live events.

They should work on the logs and events. Sophos Intercept X needs to increase the interface test so that it can export to a live event.

For how long have I used the solution?

I have been using this solution for less than a year.

What do I think about the stability of the solution?

The stability of this solution was great. Sophos is a very powerful tool for all of our needs.

What do I think about the scalability of the solution?

We have an enterprise company. There are branches all over the world. Support for 50 schools over the internet is what we're supposed to intercept. It is scalable.

We have about 500 end users. For deployment and maintenance, we require just a few people. It is done by me and one of my colleagues.

How are customer service and technical support?

The technical support is not good because we are in Iran. We don't have any solidarity support from the company. We have some sanctions on. We just handle everything by ourselves.

Which solution did I use previously and why did I switch?

Before Sophos, we had older hardware that was not able to handle this software. We decided to change the solution to the Sophos device.

How was the initial setup?

The setup of Sophos Intercept X was straightforward. Our deployment took about two days, each day six to seven hours of work.

What about the implementation team?

We have used both consultants and a reseller.

What's my experience with pricing, setup cost, and licensing?

We renew the license for one year at $10,000.

What other advice do I have?

Sophos Intercept X is easy to deploy. It has all the features for a small, medium, or large scale business. On a scale from 1 to 10, I would rate this product an eight. 

The security of other devices on Cisco is more reliable and stable, but the user control in Sophos is a feature that Cisco doesn't have.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Ahmed Mohamed Abdelmaged
Network Security Engineer at Gateworx
Real User
We use the on-premise version for intercepting bad network traffic requests

Pros and Cons

  • "It is easy to change the size of its capabilities, i.e. to expand processes or scale the size of users."
  • "Technical support can be improved. There could be shared support, i.e. where someone in Egypt can respond."

What is our primary use case?

We use the on-premise version of Sophos Intercept X for intercepting bad network traffic requests. Sophos has two versions: one for on-premise, one for the cloud. 

Many of our customers prefer to have the on-premise solution.

How has it helped my organization?

I install Sophos Intercept X on the customer's site by myself. There is no need for extra people for the configuration.

What is most valuable?

Sophos Intercept X has a lot of excellent features. It's a very powerful tool.

What needs improvement?

Sophos Intercept X has room for improvement. We need a new version and more third-party solutions for Intercept X. 

Intercept X is on the cloud and some customers and some users prefer to have on-premise solutions. We need to generate a new product for Intercept X on-premise.

Technical support can be improved. There could be shared support, i.e. where someone in Egypt can respond. Then I could get support for my issue or my problem faster.

For how long have I used the solution?

About three years ago, I started to use Intercept X. It's a very powerful tool from Sophos.

What do I think about the stability of the solution?

The stability of this solution is the best. I tried many solutions to intercept at the end-point.

What do I think about the scalability of the solution?

It is easy to change the size of its capabilities, i.e. to expand processes or scale the size of users. Sophos Intercept X is easy to configure and very simple to set up. 

The scalability of this product will be very easy.

How are customer service and technical support?

The technical support is very easy for Sophos. If you want tech support, it can take a lot of time to respond. I get support from Sophos, but it takes one or two days for them to respond.

Support can be improved if they could respond more quickly.

How was the initial setup?

The initial setup is very straightforward. All of the features for deployment take only about ten minutes to fifteen minutes to install at most.

What other advice do I have?

On a scale from one to ten, I would rate Sophos Intercept X at a nine because we had some problems with technical support.

Disclosure: I am a real user, and this review is based on my own experience and opinions.