Sophos SafeGuard Reviews

We primarily use the solution as an endpoint antivirus action for the system.

In terms of security, we were a bit lacking before we introduced Sophos. I was using another Endpoint solution before. While we were using that, I realized that I was seeing a few security challenges. The biggest plus for me is the fact that I could manage web traffic, web services or other traffic using the Endpoint solution. I can lock it, and basically I'm the only person that can control everything. 

I use all the features. they're all excellent. One of the aspects of the solution that I like the most is the fact that I can control my peripherals without having to use it for part of the application.

With Sophos, I only need to generate the password and give that to a user to be able to allow them to log in to the admin page of the Endpoint and do whatever they need to do. The user cannot go ahead and uninstall it. It's kept us much more secure because of this. Should any event happen on a particular system, I'm given the username and the system IP address. I get notifications and can deal with issues right away.

With Central Synchronisation, the Sophos Endpoint can be linked with Sophos firewall to constantly monitor the health status of computers on your network.

A policy on the health status of each computer can be configured to determine actions that will be take should a computer be found infected.

if the health status of the computer changes, the computer can be denied access to the internet and other segments of the network and reported to the admin and Sophos Endpoint will disinfect the system, report the health status to Sophos firewall and access to the internet and other segments of the network will be granted to the computer.

all of these is done without human intervention.

Sophos Sandstorm is a powerful, cloud-based, next-generation sandbox that detects, blocks and reports on ransomware and evasive threats. A sandbox is an isolated environment used to execute suspicious files attached to emails and downloaded from websites to determine if they contain malware

If you're talking about technical support, their endpoint support needs improvement. Their UTM is doing well, however.

If it's possible, they should make all the features available because it's got a lot of features on offer, but you have to buy the license in order to add those features to the normal Endpoint. If they could make all those features available and/or offer a bundling option it would be better.

I've been using the solution for two years.

The solution is 95% stable.

In terms of scalability, if you have a license, you could add more licenses, except that, for instance, if I already bought a 50 user license, and then I want to buy an additional 50 later. The new license will not read the new date. It will be reading the old date of the old license. Both license will expire at the same time. In that sense, I don't think it's really that good for scalability purposes. 

Currently, we have 110 users. We have plans to increase usage in the coming months.

The customer service has really improved.

They ensure that your case is treated same day and assign a case ID for future reference.

We previously used Kaspersky Advanced. We switched because we discovered that there were a lot of features that we didn't have on Kaspersky that were available on Sophos. One is Intercept X which takes care of whatever infection there is on your system before you even know it.

You could synchronize Sophos Endpoint with a Sophos UTM and define which system or what category of system should be allowed access to the internet, based on their health status. That's not available with the previous antivirus I was using.

In the end, Sophos gave us a better price, with better features and better offers.

The initial setup was straightforward, except for the fact that because it has to download the installation file online, it takes a while. It would be easier if they could make an offline installation possible. Deployment takes from 20 minutes and up.

I handled the implementation myself.

We have a yearly license with Sophos which is around $1000-$1200 or so per annum. There are no additional costs beyond the standard licensing fee.

We did not evaluate other options before switching from Kaspersky to Sophos.

We use the on-premises deployment model.

I would recommend the solution. New users should ensure that they get every module that they need. 

I had a friend whose server was attacked by ransomware. It became a challenge for them. However, by installing Sophos Intercept X for servers, you could lock down that server, so that no executive file or no program would run unless you unlock them. The programs that would function would only be the ones that you have listed on Sophos. I didn't know that existed until I started using Sophos Endpoint. The antivirus is not just running on my system to protect it against viruses, it's also allowing me to lock my systems so that nobody can execute anything without my authorization. It gives me enormous peace of mind.

I would rate the solution ten out of ten.

The customer needs a complete end-to-end solution to protect and synchronize their data.

The most valuable feature is the synchronized security. It's a unique feature on the market at this time only offered by Sophos. As a reseller, we often win bids and get clients because of this unique trademark feature.

It's a complete end-to-end solution, which is a huge advantage. 

It's easy to explain to customers.

We don't have to go from one product to another to address the needs of our customers. Everything you need is in the solution, and the license is embedded in the firewall.

When you compare Sophos SafeGuard to Palo Alto and other enterprise firewalls solutions, Sophos doesn't have the same market. 

Palo Alto targets the SMB market and Sophos would like to approach the enterprise market, but it can be difficult to approach these customers without having the right offering.

Sophos has a rich roadmap to cover this area, but we are not aware of it, so it difficult for us to approach these customers without having the right offering.

In the next release, I would like to see more automation with the endpoint logging, but it's a special feature that is quite complicated to explain. There is a trick to implementing it. You have to implement some scripting into it.

I have been reselling Sophos SafeGuard for three years.

This solution is quite stable, but that was not the case two years ago. There was an issue with the UTM Firewall to the XG Firewall. However, with this latest version, there haven't been any issues.

This solution is scalable.

The project system throughout the entre firewall is the same. This means that we don't have different versions from the smaller to the larger models, making the scalability quite simple.

Our clients have less than five hundred users.

I have not contacted technical support. The service provider that we use filters the issues our customers have.

Approximately five years ago, I was using another solution but it was very different, and everything has changed. We are only dealing with Sophos software solutions. I can't compare it to a solution that I used five years ago. 

The initial setup is quite simple and straightforward.

The length of deployment depends on the environment of the customer and the number of endpoints. On average, it can take four to five days.

Normally, one person is more than enough to deploy this solution, but that person must have network and security experience.

We have a small team in our company to implement this solution for our clients and on occasion, we leverage two other deployment partners.

The maintenance is provided by another service provider that we use, who specializes in this area. They monitor and upgrade this product. Along with the maintenance, they offer a service desk to support the security and the operating system.

The licenses are renewed every three years.

The licenses are dependant on the number of users and computers you have to protect.

This is a complete product that is offering full-feature bundles. 

On occasion, if a customer is looking for better performance with their email protection, I offer a separate appliance for email protection. These features can be extracted from the firewall and used as a separate dedicated appliance to address the issues surrounding email protection. This is for on-premises versions only and is available to everyone. This is an extra feature which would be an additional cost.

It's a good solution for the SMB market but not enterprise.

Sophos is the leading brand for information security. 

Sophos is a complete solution that has a range of firewalls and all of the software bundles from the endpoint to the data center.

Along with our service providers and our team, who have a good understanding of the product, we use Sophos technicians to do the webcast for our customers. This occurs as part of the process, but typically not during the implementation phase.

Most of the time the customer doesn't require special features to be added. 

I would rate this solution a nine out of ten.

We use this solution for encrypting our laptops.

This is an anti-theft solution because I can even encrypt the boot sector, which means that the user has to enter a password to unlock the operating system. If the laptop is stolen then everything is encrypted.

This solution helps us to improve security, especially for sensitive data. It helps to prevent the leakage of data from the laptops.

This solution allows us to easily manage devices from Sophos Central cloud.

Policy deployment is easy and quick to do.

This solution integrates well with the antivirus solution.

I would like to have more control over the files in the Sophos encryption system.

This solution needs to have more data loss prevention techniques. Having a DLP integrated with the encryption engine would be very good.

This is a stable solution. We have had no issues with it.

This solution is used on a daily basis.

The cloud version is easy to scale. I just add a new license with the number of users. It is already deployed, and there is no more configuration.

We have about ten technical people, including admins, and about seventy-five end-users. As the company grows, so will our use of this solution.

The Sophos technical support is very helpful. We can open a chat or email them. They have a knowledge base for all cases of deployment.

Sometimes we have issues that take a long time to solve. They have a lot of teams, so once in a while, we open the case with one person but somebody else completes the ticket. This does not happen for the majority of the time.

We did not use another solution prior to this one.

The initial setup of this solution depends on the deployment model.

The cloud version is very straightforward to set up. Just select the package you want and send it to the client.

The on-premises version is very complicated. You have to first create the policy, then apply it and integrate your Active Directory, then install it on the machines. It's a very complicated process.

For the on-premises version, it takes about fifteen minutes to deploy after the initial setup and configuration. The initial configuration takes perhaps two days. It involves setting the policies for each of the users. 

Our in-house team performed the implementation. There were five people involved.

Licensing for this solution is on a yearly basis. They tell you from day one how much it costs and what features you get. One of the great things about Sophos is if we have any added features that they send out, it will be included in the pricing. The price will not increase.

We evaluated other encryption solutions and we found that this was the easiest one to use, especially with cloud management.

Another reason that we chose this solution is that it is a standalone package. Kaspersky have an encryption solution, but it is part of a bundle with their endpoint solution. The advantage to standalone is that you can use it even if you don't have any Sophos endpoints. 

We are using the cloud version of this solution because the on-premises version does not have anti-ransomware or machine learning capability.

My advice for anybody who is implementing this solution is to also use the cloud version, rather than the on-premises edition. This is especially true if they have teleworkers or mobile users that are often off-premises.

The security of our data is important. One of our teams has a person who lost their laptop, and the team was not using this solution so it was not encrypted. We consider that to be data leakage.

I would rate this solution an eight out of ten.

It is used in environments where there are mobile executives and the data can't be compromised. For example, if a laptop is lost or stolen, you have to ensure that the data is not compromised. I have deployed it at a motor company in the Bay area for securing the local laptops. It is used at a hospital for securing medical records and CFO-related files. It is also used at a Law firm for encrypting pleadings and legal documents. 

I like its ease of use the most. The management console is really nice. I like having one pane of glass that does everything. It does the Sophos anti-virus and encryption. Everything that you need is in one place. It is easy to use, and it is also pretty fast.

It provides some pretty good details, and it lets you know who has access to a file. You can also add additional people to the encrypted documents, which is pretty good. Its stability and performance are also very good.

It just needs a little bit more on the reporting side. Its reporting can be improved a little bit in terms of being able to know that things are in the right status. I should be able to pull a report to make sure that everything is all right. 

It could also have cloud integration. At the time I was using it, it wasn't a cloud product.

I've been in the IT industry for several years. I work with a lot of different companies, and I've deployed and managed Sophos SafeGuard at quite a few companies over a period of about three years.

Its stability and performance were good. I never had any crashes. I didn't notice it causing any performance problems or high CPU usage, making applications slower. 

We had Sophos in the image. We rolled out the machines, so it was already there. It was already part of our base image, and then for servers, we use SCCM. Sophos also has its own console that you can use for deployments, but we didn't use that.

Most of our clients are large businesses. Most of the time, smaller businesses can't afford to call in consultants to roll out stuff for them.

I have never used their tech support.

Different companies used different solutions. They usually switched when their license agreements ran out. The company for which I did the biggest installation had ESET and McAfee ePO. I removed both ESET and McAfee ePO and placed two different environments with Sophos. This switch was a result of viruses happening and not getting caught by their protection systems.

The initial setup of Sophos is also easier than other solutions such as Trend Micro and BitLocker. The setup of both these solutions is much more complex. If you try to go old school with PGP, it has a command-line setup, and it gets a lot more complex.

I am currently using BitLocker, which is a little bit more difficult. You have to use some power show commands. Sometimes, you have to use scripting and create GTOs. There are many different places you have to go to for configuring policies and rules to make it all work. In Sophos SafeGuard, everything that you need is in one place.

It was pretty straightforward. If you don't know how encryption works, it could be a little bit complex, but it would still be easier to do it with Sophos than any other tool in the market, such as Trend Micro and BitLocker.

It is a good product. I would advise calling an expert to deploy it. 

I would rate Sophos SafeGuard an eight out of ten.

The primary use case for this solution is data encryption and decryption.

It is giving our customers the capability to encrypting their sensitive data from being breaches by attackers as even if dropped for any reason in them hands it will be encrypted and not useful. 

It is working for too many kinds of data, data in rest, data in use and data in motion. By full disk encryption, file encryption, portable devices encryption and encryption in the cloud. 

With a familiar dashboard and central management it makes the job easier for IT professionals. 

It is also managed through Sophos Central cloud not all features but it's in them road map. 

Sophos SafeGuard has one of the most perfect advantages, which is the data keys for encryption.

This solution uses an agent, and the agent is talking with many operating systems. It encrypts on the cloud and on the hard disk.

Even if you want to create it with login access before the Windows boot, it is working for the booting process and you can encrypt files on the mobile and use its agent also.

The features that I have found most valuable are encryption tools that encrypt the hard disk and the USB sticks. The data that is moved and the data at rest need to be encrypted.

They are not using the booting encryption because it creates heavy processing on the work station, and that delays the work. Instead, they have chosen to encrypt files that are in transit, or that are in rest only.

The encryption could be improved. If they could find a way to make the encryption and decryption to be the same on the work-stations, it would be better.

Some of the encryption settings have a complex configuration.

Here in Egypt, they don't prioritize the selling of this solution and there is no compliance from the government. There is not enough marketing for this solution. If they give it some priority it will become more familiar to customers. Many of our customers need a solution that uses encryption technology.

The security does not have 100% authentication.

This solution is complex in the development process. Customers are asking for things that are needed in the development and this solution is not easy to develop.

In the next release, I would like to see processing on the appliance and not to install it on any machine. It will be in the network layers and able to communicate with all workstations.

It would be better to have the encryption and decryption processing on the appliance and not on the workstations.

This is a stable solution.

This solution is very easy to scale. It does not need any upgrades. You make it to your sizing and keep it to expand with the company's needs, and they can expand it at any time.

The technical support is very good, but there are delays at times with the response.

The initial setup is straightforward, not complex.

The more customers that use this solution the better it will be in terms of developing or improving the technical issues. It will be an opportunity to have issues resolved as it will give it some importance.

They are progressing and doing some amazing things because Sophos Central is now managing the encryption but not all features.

I would recommend this solution.

I would rate this solution an eight out of ten.

We primarily use the solution for endpoint encryption within our organization.

The management and the removable media encryption are two of the solution's most valuable features, in my opinion. They're very useful.

It's quite easy to integrate Safeguard with BitLocker.

In the latest versions, from Windows 8 onwards, everything is encrypted using BitLocker. What we require is key management, and in particular, policy management surrounding keys. There should be an option wherein I should be able to set the policy to exploit the BitLocker POA keys, and able to manage and reset the keys. Right now, the solution doesn't have this as an option.

From version eight, Windows 8 onwards, SafeGuard doesn't work 100% of the time. So we have to use BitLocker for the encrypting. Only the key management is done by SafeGuard. 

When you have the PPM chipset, you can have the power-on authentication, when you boot up your machine, you can set the six-digit passcode. As of right now, SafeGuard can't manage the six-digit passcode in terms of the expiration, and I need that added as a feature.

I have used the solution for maybe more than five years.

We've found the solution quite effective in terms of stability. There aren't bugs or glitches. We don't experience crashes. It's reliable.

Our organization hasn't run into any issues with scaling. If a company needs to expand its usage, it should be able to do so quite easily.

Currently, it's just my team that handles Safeguard in the company. Not everyone in the organization has access to it. We do use it daily.

We have contacted technical support in the past, and so far I can say that we've been completely satisfied. They've been very helpful and we don't have any complaints to speak of.

The initial setup was quite easy. We didn't find it to be complex.

Deployment doesn't take much time. It depends on the hard disk. Most installations shouldn't take more than thirty minutes at a maximum to finalize.

Our team was able to deploy the solution ourselves. We didn't require an integrator, consultant, or reseller to assist us in this endeavor.

We're merely a customer of the solution. We don't have a special relationship with Sophos.

We mostly deploy the solution on-premises, and only occasionally on the cloud.

I don't think I have much advice to give to other companies in regard to this product. We use it to manage BitLocker and find it very easy to set up. Organizations shouldn't have trouble implementing it into their business. We never have had issues with it in terms of implementation.

I'd rate the solution seven out of ten.

We primarily use the solution for endpoint encryption. 

It's a straightforward solution.

The solution is pretty simple to use.

We haven't had any real issues with the product.

Technical support has been helpful and they are responsive. 

The encryption is very good.

Overall, Sophos is a great product.

BitLocker comes from the OS license with Windows. It's a free solution. However, Sophos is a product we need to pay for. Therefore, using it is more expensive for our organization. It's also, in general, a pricey option. We'd like to lower costs.

Sophos requires separate BAU operations and separate infrastructure. We require a server and few other things, as well as portals. However, a solution like BitLocker is integrated with the CCM now. It doesn't require any other infrastructure. 

It would be ideal if the solution had different features within one agent. 

Sophos has been used in our bank for between three to four years (or more) at this point. We've used it for a while. 

We have about 24,000 users on the solution right now. We have many users in our organization.

The technical support has been very good. They are helpful and responsive. We are satisfied with their level of support.

We need to pay for this solution currently, however, if we switch to Bitlocker, it would be free as it's a part of Microsoft's OS. 

We are currently doing a POC with Bitlocker. I want to decommission the Sophos Safeguard and enable BitLocker for my bank. I'm working on that right now.

We're basically an end-user. We're a bank. We have a vendor the provides resources to us. 

I'm a solution architect and not fully working on the solution directly, per se. I'm looking for a way to switch over from Sophos to Bitlocker. 

Whether or not this is the right solution depends on each individual company. They have to decide if it is compatible and comparable with a paid solution or a free solution. I advise users to go with a free solution, such as BitLocker, as when we compare Sophos and BitLocker both cover the same aspects such as encryption. We can do what we need to do with both solutions and yet we only have to pay for one.

I'd rate the solution at a nine out of ten. It's a very good product overall. The main reason I would like to switch is based on the cost. If I don't have to pay for something, I would prefer not to. 

I'm the head of security at our company and we are customers of Sophos SafeGuard. 

The valuable feature is the intrusion detection system, the firewall itself.

The Office 360 integration could be improved, it's not so straightforward. It's been a challenge. When I moved from my mail in-house, on-prem, to Office 360 on cloud, I had a lot of challenges getting my mail to pass through the firewall. That's something I'm currently working on.

Additional features I'd like to see would be more help results to the product. Maybe they could provide a way to train on the product, provide tutorials that could be easily accessed for people to easily understand the product quickly. I think that would help. The issue is not always the product but the configuration and the know-how to easily manage the system that sometimes make you not get the best out of the system. It's a matter of making resources available. 

I've been using this solution for five years. 

It's a stable solution, I haven't had any challenges except when I was doing the migration.

The solution is scalable, we have over 500 staff using it. 

We purchased the solution in Ghana through a rep who has not been helpful. The company doesn't provide any support, we do everything in-house. If necessary, I sometimes go to the community to see if somebody has reported something that can help us. 

The price could be lower. I think it's one of the disadvantages of the solution. 

I would recommend that people choosing this solution find the right technical people or  vendor to provide support and assistance to ensure the product is working fine.

I would rate this product a six out of 10.