Intercept X Endpoint Reviews

The EDR (Enhanced Data Detection and Response) and the DLP (Data Loss Prevention) components are probably the biggest areas of the product that we employ. We also make use of web content filtering and application control as well.  

I would probably say that the DLP portion of the product is the most valuable for what we do. That just happens to be the side of the house I sit in. But the EDR alerting is also relevant when talking about valuable features.  

Refreshing the reports could be improved. It looks like sometimes when systems no longer exist those systems can still show up on the reporting.  

For example, if you spin up a virtual desktop and a virtual server, and then you change the name of that virtual server, what happens is Intercept X still maintains a record of the device by the old name. It does that even though it no longer exists in the system because the name has been changed. So, refreshing the data is probably something that needs to be addressed.  

I can not really address what I think needs to be added to the product right now because I still think our organization is focusing on learning what the product can do and discovering the capabilities. I have been so involved with it from the perspective of understanding what it does currently that I am still trying to figure out what else we would like to see.  

We have been using Sophos Intercept X for probably a little over six months now.  

We have about 1500 endpoints. That is a pretty good volume. While I do not know exactly how to rate it, the scalability is excellent from the standpoint of adding endpoints. We have not run across any issues with the scalability of it. I would tell you that it is very applicable to this company right now and certainly is up to the task of matching our needs.  

To this point-in-time, we have found that the technical support is very responsive. We can reach them by phone and by email, and we get answers to the issues and questions we bring up.  

I think the initial installation and setup were very straightforward.  

Once the rollout started, we had to incorporate 1500 devices — and that is just the desktops alone. It probably took about two months. The amount of time it took was because of the scale of resources dedicated to onboarding the solution. It was not because of distribution.  

We did not need to use an integrator or consultant for deployment. It was all done internally.  

We did evaluate other options before choosing Sophos. For example, we looked at Sentinel One. We also looked at a couple of different solutions like Trend Micro and CrowdStrike. Looking at those four seems to have been a good enough comparison of products in the category.  

My biggest bit of advice for people taking on Intercept X is to train your staff on all of the functions of that solution. There are a number of solutions within the one product and it is best to know how to use them all and if they apply to your circumstances.  

The biggest lesson we have learned from using Sophos is that the product can be a bit overwhelming with information and data. That is the situation where your training and your resources come into play.  

Make sure you have a complete plan to utilize the tool or you will have pieces that are just sitting there and nothing is happening to utilize them. There are a lot of capabilities that the solution has and you need to make the effort to discover them.  

On a scale of one to ten (where one is the worst and ten is the best), I would rate Sophos Intercept X as probably about a nine-out-of-ten. It is not until you see other applications like CrowdStrike and do a comparison to see what they can do that you really have an idea of what applications in the category are capable of.  

We are a small consulting group. We are not really end-users but we sell to them. We are primarily recommending Sophos Central Intercept X as a client solution for endpoint security. They are going to be using it for the security apps, their desktops, and there is a server version as well. I would think that someone buying the server product would expect that to include endpoint security, including ransomware protection, advanced threat protection, and zero-day threat protection.  

Many of our users also use Sophos firewalls and the solutions integrate with each other nicely.  

I would say that the most valuable features are the cloud administration and the strength of the ransomware protection.  

The one thing that I think probably needs the most attention with this product is the technical support. Some of our customers are starting to complain about that.  

It is a good product, generally. I can not really give it any criticism or go on about missing or broken features. I have got nothing to say that needs improvement other than the support.  

We have been recommending Sophos to users for maybe four years. The proper product name is actually Sophos Central Intercept X Advanced.  

I do not know of any limitations having to do with the scalability of this product. We are a small company so the number of clients that we have is not that large. The total would be maybe around 10 clients. The number of endpoints under management for those clients that we are involved with is about 1000. I do not see that we are even close to any limitations in scaling this product with those numbers.  

The one thing that needs the most attention according to our customers is the product's technical support. We do not really hear anything about the product having larger issues but there have been a few comments on the gaps in tech support.  

The initial setup is probably straightforward but there are times when it could be difficult. We are about to do a project where we are going to have to replace a Symantec product. We will see how hard that is to do. The potential problems have more to do with a question of how difficult it is to remove Symantec completely than it is about installing Sophos. There is a tool from Sophos for doing a replacement. We had not used it before so we will get to see how well it works.  

The deployment is quick. It just depends on the environment. If you have a lot of remote sites, that could take more time. If you got to replace something, you never know how hard it is going to be because of how another product sets down its roots. There is a point where you have to just do as well as you can and then deal with issues if any arise.  

When we deploy it into client sites we are the integrators and consultants for the deployment. It deploys as you would expect and there are no surprises. Again, it could be hard to remove an existing solution.  

Intercept X for endpoints is around $35 per user per year. The server version is $95 per server per year.  

I would advise anybody who is using a Sophos firewall and is looking to migrate to another solution to give Intercept X the serious consideration it deserves because the Sophos firewall integrates well with the Intercept X solution and that is an advantage.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate this solution as a nine-out-of-ten.  

We are using Sophos as an endpoint protection solution.

It's too early for me to really evaluate the solution at this company, as I've only been at the organization for a month. That said, I have used Sophos before.

So far, the protection aspect seems to be good. 

I have used Sophos in my previous job and it has been a stable product. 

The product scales well. 

The initial setup is pretty straightforward. 

The challenge with Sophos is whenever there's an escalation to a level 3 or level 4 or a certain kind of important issue, or if you want to reach out to the leadership, it's difficult to do so.

They don't have the full stack of offerings as compared to the other competitive products that we see.

While I've only been at the organization for about one month, it's my understanding that the company has been using the solution for about a year.

The solution is stable. From what I have witnessed, it doesn't crash or freeze and there are no bugs or glitches. Historically, the performance has been good and I've found it to be reliable. 

The solution is very scalable. If a company needs to expand it, it can do so. It's not a problem.

We have about 5,000 users on the solution currently.

The support on offer isn't ideal. In terms of the support on offer, for example, if there was a zero-day kind of attack or something, the turnaround time that Sophos offers is not acceptable. They should improve their responsiveness. We are not 100% satisfied. 

I've only been at this company for one month and have yet to contact technical support on behalf of this company.

The installation process is very simple and straightforward. It's not overly complex or difficult. A company should have any issues handling deployments. 

Currently, we are considering other solutions and may move away from this product.

We're just customers and end-users. The company does not have a business relationship with Sophos. 

I cannot speak to the exact version of the solution we're using. My understanding is that we are on whatever the latest version is. 

I'd rate the solution at a seven out of ten.

I wouldn't recommend the solution at this time as we are considering going to another solution. 

We have split our operations into work at home and on-premise. We have over 2,000 or 3,000 work-at-home agents. Some of them do not connect to us via a virtual private network. They connect directly to our CRM clients. In order for us to ensure that we have visibility and to be able to protect our PCs, we are using Sophos Intercept X via the cloud.

We have been a client of Sophos for close to nine or ten years, and we have not been compromised with ransomware or anything like that during this period. The whole Sophos solution set has been very useful.

There are additional security features in Sophos Intercept X as well as proxy rules and settings that help us in minimizing the sites that our agents can go to, even after their work hours. 

We had some initial problems with our deployment, and they were more around uninstalling Sophos Basic and installing Sophos Intercept X. We had some challenges with some of the uninstallation scripts. They can improve the deployment of Sophos Intercept X when there is already an existing Sophos version. They can also provide more information in the form of best practices and lessons learned from previous findings. A knowledge base with this type of information would be helpful.

We've been a Sophos client for close to nine or ten years. We started using Sophos Intercept X last year.

After everything is deployed, I've not heard anything negative from my team. It seems stable. 

Given that it is a cloud implementation, Intercept X is very scalable.

We have about 6,000 or 7,000 users. The majority of them are customer service agents. We are using both Sophos Basic and Intercept X, and our plan is to migrate the rest of the nodes to Sophos Intercept X. However, our migration plan might change because we are getting a requirement for Cynet from our clients who use Cynet. They are about 4,000 in number. 

We are rather satisfied. It has not gone to that level where I have to escalate to Sophos Philippines for support. The only pain point that we had was related to the installation and deployment, given that we had to deploy outside of our network.

We had some initial problems with our deployment, and it was more around uninstalling Sophos Basic and installing Sophos Intercept X. 

Its setup was rather complex because we support different clients, and the configuration of the PCs of each client is different. If every PC is the same, the initial setup might be straightforward, but we support over 30 different campaigns, which makes it challenging. We were able to deploy it for 2,000 or 3,000 agents, but it was not as seamless as we wanted it to be. It ended up taking four or five months.

We had Sophos Philippines and a local partner of theirs to assist us in this whole process. Overall, the experience was positive, but it could have been better. We could have received some more assistance from Sophos, either Sophos Philippines or Sophos headquarters, in terms of script development. Some of the issues were resolved by my own engineers by tweaking some scripts.

I am not sure about the cost. I would guess it to be between $50 to $60 per license. This would be the cost of the overall subscription. There is no additional fee.

At this point, we are kind of positive about Sophos Intercept X. Our overall experience, after the deployment challenges, has been rather good.

I would rate Sophos Intercept X an eight out of ten.

We primarily use the solution for malware protection.

Without a doubt, this product has helped our organization. We've been deploying Sophos Firewall for probably 15 years now. We haven't had a lot of trouble, and prior to using the Sophos product, we were using a lot of Symantec products and occasionally some others. We have not had a lot of problems with infections. By that I mean, if we had three attacks over the 15 years I'd be kind of surprised, That's usually due to the fact that somebody was doing something stupid. Otherwise, we've been very well protected. Basically, if a lot of people are looking maliciously at any of our clients, they aren't getting very far.

The reporting is pretty good up on the Sophos side. We can see if anything's going on, at least from Sophos' perspective. 

The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer. 

Occasionally, we do get noticed, however, we don't always get noticed, and I sometimes wonder is that just due to the fact that our client computers are tough to get at? We also deploy the Sophos Firewall on client sites, and it's relatively difficult for a bad guy to get in there.

We've been happy with it and we've been happy with the training that Sophos has. They keep us up to date on any changes that the solution has.

I don't know how many infections this protected us from. It might be nice to have a view of what has come at us. You're blocking certain types of traffic. It's not malware per se. You would get a message for this, however, you never really know if this was really a bad guy or just some 16-year-old who knows computers.

There's always room for improvement in pricing. 

From a corporate perspective and from a customer perspective, switching is very difficult to do. It's not an easy task. 

The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them.

I would like to see a templated selection of items that ought to be implemented, that right out of the gate, you can just turn on. This is what we recommend for standard workstations that are running under normal circumstances. It's not that you can't have a template in there. You can create your own template and stuff like that, however, they haven't yet spent a whole lot of time figuring out if you're in the, I don't know, medical business and you need HIPAA and you need this and that, these are all the standard things you ought to deploy. It would be ideal if you could just flip the switch, and it turns them all on.

Also, after you've turned this stuff on in mass like that, you sometimes don't immediately know what the problem is if they all of a sudden can't talk to vendor X. Like in banking, they get a lot of offsite services. You should be able to say "Okay, so I blocked them somehow with one of these things. I don't know which one it is, Help me find it so I don't have to turn everything off." Otherwise, I've got to turn off the whole thing and switch them on one by one, which is time-consuming.

I've been dealing with the solution for a year and a half. The company has been deploying Sophos for 15 years or so.

Thinking back on it, we only ran into maybe one bug in the whole time we've used the product. One time, when we upgraded Windows, it wasn't compliant and I remembered that my business partner told me that he had to go to Sophos for help. They quickly resolved the problem.

We've had very few issues. A company should not fear installing it. It's pretty reliable.

Our clients are all small businesses generally. The solution seems to be quite easy to scale in the market that we serve, which would be up to a hundred or so users. We haven't had any problems, however, I haven't deployed it for 10,000 users -which would be a totally different thing. Therefore, while it scales well for small businesses, I can't speak to how it would scale at an enterprise-level.

We do work with a university, and we do some work with a couple of different school districts in the San Diego area. We do some consulting for all three of those. If they asked us to recommend a product, we do recommend a product like this and we help people out with that sort of thing.

Technical support could be faster. We can't really get a hold of them when we need to. They really need to improve their services.

Issues get resolved quick enough. However, there are just issues that cause a lot of unnecessary back and forth. For example, we had a client for who we had installed a temporary license for Intercept X, and then subsequent to that, when we tried to put on the real license, bought it, paid for it, got the key, tried to plug it in, that worked fine. However, all of a sudden it started telling us it was having problems with the temporary license, which was supposed to have been replaced. That was a back and forth. It really took us about two weeks to get that resolved with them. Not a huge problem, not causing alarms that people were getting in, that shouldn't get in, however, I kind of thought somebody would get back to me in a day or two. It didn't take them two weeks to get back to me, but there was a fair amount of back and forth about how to resolve this.

I would say that the quality of the support when you talk to them is very good. I would rate that a nine out of ten. That said, the lack of availability at times of support is concerning, particularly if we were to have an ongoing hack. Sophos now offers a service where they will jump in there for quite a large fee and mitigate everything quickly. However, when you already have bought a product that's supposed to be doing that same job, it seems strange they would charge you again to actually do the job.

Having talked to some of those guys on the tech side, they are extreme. Those guys on that side are super knowledgeable and they can jump in there quickly and check a lot of things way faster than I could ever do it, simply due to the fact that they're so much more familiar with the product and with the way that attacks run.

I don't see them every day so, even though I go to training and I watch it on the training and so forth, it's not something that I fiddle with all the time. I simply don't need to, which is great. It keeps me a step removed from it.

We previously used Symantec among other products.

Symantec has changed a lot over the last 10 years. They used to be a totally different company. We were not only concerned about the product and the quality of the product and the availability of support and all of these sorts of things at first. However, they were also beginning to fall behind in terms of their technical capabilities on their product, and then we also already had a relationship with Sophos because of the firewalls, so it was a natural transition away from Symantec.

We were deploying the UTMs or what they call the SG line, and they've subsequently come out with the XG line, and if you have their cloud-based management solution, you can manage the XG line of firewalls with Intercept X, and they can look at each other's data and make decisions, AI kinds of decisions, or just scripted decisions, based on what the other is finding. It's much more advanced.

The initial setup isn't too difficult. Once you learn it, it's pretty straightforward.

There is a learning curve, and if you haven't learned it, and I would assume this is the same with anybody's product, then you're not really sure what options you want to enable and not enable and so forth. If you turn on too much stuff, let's put it that way, your end user's computer ends up running slowly. You have to be smart about what you're doing.

It doesn't have every function that's out there in the universe. However, it's really quite good and it's a reasonable value for the money compared to some of the alternatives that I've seen. However, I'm not super familiar with the alternatives. I know their names, I kind of know what they do, I read the reviews on your site and others, and we're always looking at it, however, I haven't really studied them.

We're Sophos partners and resellers.

We always deploy the latest version of the solution. We deploy the Intercept X Advanced with EDR.

All the management is done through the cloud. Then there's a client piece you put on, on-premises. We do the management through the cloud and we put the client piece on the premises.

I like a lot of the things that Sophos is doing. They didn't have one this year, however, they have an annual conference, and one of the things they had done, this was right before they got bought by this other company, is they had hired a lot of really top talent. These guys, when I was at the conference for a few days, just listening to them talk, you're mesmerized with how sharp and bright these guys are and what they're adding into the program. Not to say that others aren't getting some of this stuff too, however, it was really impressive. You felt like they had it together. You trust that by sticking with these guys, you're absolutely going to have minimal, to no issues at all.

I'd recommend the solution. It's a really good product. I realized that there are other good products out there and it's not that other companies shouldn't take a look at other products. However, it works, it does what it's supposed to do, and, once you learn it, it's easy to manage and the link to the firewall is really good and a great idea. It's smart to implement a single plan across people's networks. It just makes a lot of sense.

Overall, I would rate the solution nine out of ten.

The most valuable features of Intercept X are server lockdown, auto-remediation, and encryption monitoring. Server lockdown prevents malware installation and automatically removes any unauthorized software. Auto-remediation reverses encryption attempts by malware, ensuring data integrity.

In terms of improvements, Intercept X could enhance its support services, particularly in terms of response time and resource allocation. While the product itself is solid, better support documentation and faster response times would be beneficial.

I have been working with Intercept X Endpoint for four years.

I would rate the stability of the solution as a nine out of ten.

I would rate the scalability of the solution as a ten out of ten.

I would rate the technical support as a seven out of ten.

Neutral

While I found Symantec easier to implement and manage, it is not a fair comparison to say it is better than Sophos. My experience with Symantec's interface was good, but both products have their strengths.

Configuring Intercept X is generally straightforward and user-friendly. It is designed to be easy to understand and use. I would rate the easiness of the initial setup as an eight out of ten.

The deployment time for Intercept X varies depending on factors like network complexity and organizational policies. Typically, for around 100 users, it can be completed in a day or two. Maintenance is generally straightforward unless support assistance is required, which can sometimes be challenging to coordinate.

Intercept X falls within the average price range compared to other solutions on the market. While not the cheapest option available, it also isn't considered expensive.

Intercept X has enhanced our ability to prevent malware and ransomware infections. It is a top-notch product, providing robust protection against various threats, including zero-day attacks, while also monitoring encryption levels.

Intercept X has been instrumental in managing and responding to ransomware attacks. I have witnessed multiple organizations using Intercept X remain completely secure when ransomware incidents hit the news. 

Deep learning technology enhances our security posture by providing a deeper analysis of malware behavior. It monitors and analyzes malware actions in real time, leveraging extensive threat intelligence data collected since 1985. This comprehensive approach improves our ability to detect and respond to malware threats effectively.

The exploit prevention capabilities of Intercept X effectively safeguard against various attack methods, including SQL injection and CodeSight scripting. It continuously monitors system vulnerabilities and application processes to prevent exploitation attempts. 

For those considering Intercept X Endpoint, I would recommend prioritizing its comprehensive protection and user-friendly experience. Even after transitioning from server management, I continue to use Intercept X for mobile security, highlighting its effectiveness and versatility.

Overall, I would rate Intercept X as an eight out of ten.

The most valuable features of Sophos Intercept X are the minimal configuration needed for the end user and the central view of all the endpoints. There are plenty of tools to control and manage the endpoints. Additionally, there is the capability of connecting the endpoint to the CLI.

The graphical interface could improve. Additionally, adding less expensive mobile device support would be helpful. Other solutions have this feature.

I have been using Sophos Intercept X for approximately three years.

There are minor scalability elements that could improve. However, overall it is good.

I rate the stability of Sophos Intercept X a seven out of ten.

We do not have too many workstations, we have approximately 300 and we have not had an issue with the scalability. However, if there were more workstations there could be some issues.

I rate the scalability of Sophos Intercept X a seven out of ten.

We had support but it was through local support vendors. It could improve.

I rate the support from Sophos Intercept X a five out of ten.

Neutral

I have used Comodo and it is a good solution. When the agents are installed on the endpoints it provides inventory management. However, in Sophos Intercept X it is possible but you need to export and do it manually. The Comodo solution has better email, asset, and website management capabilities. Overall, Sophos has good security when compared to other solutions.

The price of Sophos Intercept X is expensive. The license is paid on an annual basis. There are extra features that can be added depending on the endpoints. The solution is priced twice as much as the Comodo solution.

We have recently moved to a less expensive solution, which was half the price.

I rate Sophos Intercept X an eight out of ten.

We primarily use the solution for security. We protect the computer network from threats as some users had some kinds of malicious threats. We have some policies for web control. and have used this solution to find some unwanted traffic and some unwanted site access by some users. 

The server protection has been great. That's been the best thing for us.

The reporting has been very useful.

 We have found that the EDR functionality has been very good.

The setup process has been very simple. 

The solution has been very stable so far.

You can scale the solution if you need to, and it is an easy process.

We have found the pricing to be reasonable.

We would like the solution to be more complete so that we don't have to involve so many third parties.

We would like more application control in order to be able to schedule times and access. For example, we'd like to set it so that certain documents can only be accessed between 8 AM and 4 PM.

We did a POC with the solution that lasted six months. It's been in the production environment for three months. Therefore, for almost nine months we have been running on Sophos.

The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

We have about 450 devices on this solution.

Currently, we have 3 administrators. There are only 2 super admins and 2 other users for the control panels, et cetera.

We use this solution on a daily basis.

The product is scalable. After we purchased only one user license, we decided to do an installed service also. It's a one or two-minute process in order to provide a temporary license for 1 month and, after that, we hope to stay covered. Therefore, we do have plans to increase usage.

Technical support has been good. During the installation process, we had the principal change, and it didn't affect the process. They have been very helpful so far. We have no complaints. 

We did use Kaspersky.

There were ultimately some issues with the Kaspersky team in Sri Lanka and with the principal in Kenya. We didn't have support from the principal. We had issues for two or three years. We ended up having to change the product and we were with Kaspersky for maybe 8 years.

The initial setup is not difficult to manage. It's very easy and very straightforward. 

With six people we were able to complete the setup.

So far, the maintenance has been little to now. The deployment that is connected to the internet automatically updates, and sort of maintains itself.

We did have some external help for the implementation process. 

The pricing is good.

For testing purposes, we did try a variety of solutions. This product, however, was simple, the cloud was good, and the pricing was reasonable. 

We are using the latest version of the solution.

We are using the cloud version of Sophos, however, there are some computers that are not connected to the internet, so we have to install something locally on-site as well. We are half on-premise and half in the cloud.

I would recommend the solution to other companies.

We've been satisfied with its capabilities. I would rate it at a nine out of ten.