The solution is deployed concerning all our users, of which there are between 500 and 600. We utilize it for whoever is making use of our company assets.
Consultant at a tech services company with 501-1,000 employees
Provides us anti-malware capabilities with additional features
Pros and Cons
- "Sophos Intercept X has a host of valuable features, including its anti-malware feature, which we considered key."
- "Features that should be improved in the upgrade involve the excessive consumption of the solution's processor, RAM and resources."
What is our primary use case?
What is most valuable?
Sophos Intercept X has a host of valuable features, which is why we selected it. These include the prevention of lost data, device and web control, and the application level controls with the anti-malware feature. The anti-malware feature was key for us and we benefit from all these other attendant ones.
What needs improvement?
Features that should be improved in the upgrade involve the excessive consumption of the solution's processor, RAM and resources.
We have often encountered pain points, such as field users having insufficient resources at their disposal. Their system may offer, say, i3 processor or four GB of RAM, and become slow, owing to the large number of features. While it is okay that this results in the system slowing down, it remains a challenge for us, as our users and employees are complaining that it is becoming progressively slower.
In the next release it would be great to also see VPN integrated or in-built in the solution.
For how long have I used the solution?
We have been deploying Sophos Intercept X for nearly two years.
Buyer's Guide
Intercept X Endpoint
March 2026
Learn what your peers think about Intercept X Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.
884,933 professionals have used our research since 2012.
What do I think about the scalability of the solution?
We have not expanded the solution. As nearly two-and-a-half years have elapsed, the number of users have already been added. We have not increased the number of users in the past year. There is no increase in increment planned for now but, perhaps, there will be in six months' time.
How are customer service and support?
As mentioned, we consider the solution's technical support to be good.
How was the initial setup?
The initial setup was straightforward and easy.
Since prior to using Sophos Intercept X we were using the on-premises solution of Sophos Central, our use has exceeded two years.
The deployment took from five to ten days.
What's my experience with pricing, setup cost, and licensing?
The licensing is annual, which means that we have already procured licenses for three years.
We are happy with the pricing across all Sophos products. Comparatively, the cost is very low.
Which other solutions did I evaluate?
Prior to going with Sophos Intercept X, we evaluated McAfee, Trend Micro, Seqrite and Symantec.
What other advice do I have?
Sophos Intercept X does not have any specific version. It started out on-premises but is now cloud-based. As such, we are using it on the cloud, meaning, Sophos Intercept X Advanced.
We use EDR for both solutions.
There are currently around 550 to 600 users making use of the solution across our company.
For someone contemplating implementing the solution who is looking for a single product containing many features, Sophos Intercept X is the best available. It has features like web, application, and device control, as well as DLP. For someone solely interested in an anti-malware solution, but without DLP, Sophos Intercept X would be so-so.
I would rate Sophos Intercept X as an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
IT Coordinator at a pharma/biotech company with 51-200 employees
Services perform well, minimal resources, and synchronizes well with other solutions
Pros and Cons
- "The solution is overall quite good, the services are performing well. It is very good for those who are using standard PC configurations. It does not block their system up by taking up a lot of resources."
- "This solution is not in the high ratings on many of the top review sites. This solution has to be near the top for me to continue using it."
What is our primary use case?
We are not only using Sophos Endpoint with this solution, we are also using Sophos Email Security and firewall. It is a completely synchronized security package.
What is most valuable?
The solution is overall quite good, the services are performing well. It is very good for those who are using standard PC configurations. It does not block their system up by taking up a lot of resources.
What needs improvement?
This solution is not in the high ratings on many of the top review sites. This solution has to be near the top for me to continue using it. I do not think a lot of companies know about this solution, it could be a lack of marketing that is the reason why it is not at the top.
For how long have I used the solution?
I have been using the solution for two years.
What do I think about the scalability of the solution?
The solution is very good for small-sized businesses.
How are customer service and technical support?
The technical support sometimes is a bit delayed, but sometimes they are responding very fast. Overall they are good but could improve on the times they are having delays.
Which solution did I use previously and why did I switch?
Previously we used McAfee for our endpoint protection for our company. It was very problematic, it was using up a lot of resources and delaying the work of users. Users were not able to do multitasking in the system. It is blocking all access to our server at the time of scanning. We decided to move to some other good antivirus. After analyzing the market, we found Sophos. Sophos is best for the standard configuration PC.
Which other solutions did I evaluate?
Due to some circumstances, we are going to switch from this solution to Symantec. Additionally, we have evaluated Kaspersky before choosing Symantec as the replacement for this solution. Kaspersky has had a very good rating amongst review sites along with Symantec.
What other advice do I have?
I rate Sophos Intercept X a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
CEO & MD at Gurjartech
A good solution with good stability and good price
Pros and Cons
- "It is stable and has a good price. I find it very good."
- "They need to focus on their SLA or technical support. They also need to focus on their UI. They should also improve their content filtering tool and update it so that correct categories are there. Sometimes, when I want to block an online gaming website, it is not shown under the correct category. It is shown under another category. They need to review their content filtering tool on a bi-weekly or monthly basis and update the sites and categories. This will be really helpful for them."
What is our primary use case?
My client is a BPO with three branches. One branch is in the US, and two branches are in India. We are using Sophos for the best connectivity. We are using Sophos for endpoint, DLP, and encryption. We are also using it for content filtering and managing security policies. Currently, we are using its latest version.
What is most valuable?
It is stable and has a good price. I find it very good.
What needs improvement?
They need to focus on their SLA or technical support. They also need to focus on their UI.
They should also improve their content filtering tool and update it so that correct categories are there. Sometimes, when I want to block an online gaming website, it is not shown under the correct category. It is shown under another category. They need to review their content filtering tool on a bi-weekly or monthly basis and update the sites and categories. This will be really helpful for them.
For how long have I used the solution?
I have been using this solution for two to three years.
What do I think about the stability of the solution?
I am happy with its stability.
What do I think about the scalability of the solution?
I have not scaled it. Currently, I have only one client who is using it.
How are customer service and technical support?
They need to work on their SLA or technical support. Their technical support is not as good as Cisco's support.
They get back in one or two hours, which is not good enough for a security or firewall solution. This is because an organization's security and all the outgoing and incoming traffic depends on the firewall. When they take one hour and two hours to provide the support, an organization is in danger during that whole duration. There are many threats on the internet, and they need only five minutes to hack.
Which solution did I use previously and why did I switch?
We also work with Fortinet, Palo Alto, and Check Point solutions. If a client has Check Point, we work with that. Similarly, if a client has Sophos, we work with Sophos. We have knowledge of different end products. As compared to Cisco ASA, Sophos is good. However, Palo Alto and Check Point are better than Sophos.
How was the initial setup?
If you have more than five years of experience in network security or network administration, it is easy, but if you are a fresher, it is very difficult.
In terms of duration, it takes two days for it to be completely functional in production. Just connecting it doesn't take more than three to four hours.
What's my experience with pricing, setup cost, and licensing?
Price-wise, it is good. Currently, we have a three-year plan.
What other advice do I have?
I would definitely recommend this solution. I find it very good. If you have an experienced engineer with more than five years of experience, you can easily maintain a Sophos solution. An experienced engineer would not require any support and will be capable of handling it. However, if you have someone with two or three years of experience, it will be difficult to handle all the features.
I would rate Sophos Intercept X an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Director at WAJDA GROUP
Very stable although after-sales technical support is lacking
Pros and Cons
- "Very stable solution."
- "The after sales service and support could be improved."
What is our primary use case?
We're currently implementing this solution in our company, but we generally implement it for our clients. I'm a director and we are resellers of Sophos Intercept X.
What is most valuable?
The product is very stable which is great.
What needs improvement?
The after sales service and support could be improved, particularly on the technical side. The solution has room for additional features.
For how long have I used the solution?
I've been using this solution for two years.
What do I think about the stability of the solution?
The product is stable, although one of my clients suffered a bit from downtime. The clients are happy with it.
What do I think about the scalability of the solution?
We purchase different boxes according to the needs of the client, because every single box has a limitation on number of users. The lowest one, which is 110, supports up to 20 users, 10 to 20 users. 125 supports around 30 users and so on. Most of our clients are medium and enterprise size companies.
What's my experience with pricing, setup cost, and licensing?
I'd like to see the price lowered.
What other advice do I have?
Although this is quite an expensive solution when you compare it to products like Automate or Cisco, Sophos does better on pricing.
I rate this solution a seven out of 10.
Disclosure: My company has a business relationship with this vendor other than being a customer. reseller
Chief Information Officer/Senior Vice President at a tech services company with 51-200 employees
A scalable and secure solution with additional security features and proxy rules and settings
Pros and Cons
- "There are additional security features in Sophos Intercept X as well as proxy rules and settings that help us in minimizing the sites that our agents can go to, even after their work hours."
- "We had some initial problems with our deployment, and they were more around uninstalling Sophos Basic and installing Sophos Intercept X. We had some challenges with some of the uninstallation scripts. They can improve the deployment of Sophos Intercept X when there is already an existing Sophos version. They can also provide more information in the form of best practices and lessons learned from previous findings. A knowledge base with this type of information would be helpful."
What is our primary use case?
We have split our operations into work at home and on-premise. We have over 2,000 or 3,000 work-at-home agents. Some of them do not connect to us via a virtual private network. They connect directly to our CRM clients. In order for us to ensure that we have visibility and to be able to protect our PCs, we are using Sophos Intercept X via the cloud.
How has it helped my organization?
We have been a client of Sophos for close to nine or ten years, and we have not been compromised with ransomware or anything like that during this period. The whole Sophos solution set has been very useful.
What is most valuable?
There are additional security features in Sophos Intercept X as well as proxy rules and settings that help us in minimizing the sites that our agents can go to, even after their work hours.
What needs improvement?
We had some initial problems with our deployment, and they were more around uninstalling Sophos Basic and installing Sophos Intercept X. We had some challenges with some of the uninstallation scripts. They can improve the deployment of Sophos Intercept X when there is already an existing Sophos version. They can also provide more information in the form of best practices and lessons learned from previous findings. A knowledge base with this type of information would be helpful.
For how long have I used the solution?
We've been a Sophos client for close to nine or ten years. We started using Sophos Intercept X last year.
What do I think about the stability of the solution?
After everything is deployed, I've not heard anything negative from my team. It seems stable.
What do I think about the scalability of the solution?
Given that it is a cloud implementation, Intercept X is very scalable.
We have about 6,000 or 7,000 users. The majority of them are customer service agents. We are using both Sophos Basic and Intercept X, and our plan is to migrate the rest of the nodes to Sophos Intercept X. However, our migration plan might change because we are getting a requirement for Cynet from our clients who use Cynet. They are about 4,000 in number.
How are customer service and technical support?
We are rather satisfied. It has not gone to that level where I have to escalate to Sophos Philippines for support. The only pain point that we had was related to the installation and deployment, given that we had to deploy outside of our network.
How was the initial setup?
We had some initial problems with our deployment, and it was more around uninstalling Sophos Basic and installing Sophos Intercept X.
Its setup was rather complex because we support different clients, and the configuration of the PCs of each client is different. If every PC is the same, the initial setup might be straightforward, but we support over 30 different campaigns, which makes it challenging. We were able to deploy it for 2,000 or 3,000 agents, but it was not as seamless as we wanted it to be. It ended up taking four or five months.
What about the implementation team?
We had Sophos Philippines and a local partner of theirs to assist us in this whole process. Overall, the experience was positive, but it could have been better. We could have received some more assistance from Sophos, either Sophos Philippines or Sophos headquarters, in terms of script development. Some of the issues were resolved by my own engineers by tweaking some scripts.
What's my experience with pricing, setup cost, and licensing?
I am not sure about the cost. I would guess it to be between $50 to $60 per license. This would be the cost of the overall subscription. There is no additional fee.
What other advice do I have?
At this point, we are kind of positive about Sophos Intercept X. Our overall experience, after the deployment challenges, has been rather good.
I would rate Sophos Intercept X an eight out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Manager of Information Security at a healthcare company with 1,001-5,000 employees
Reliable, user-friendly, good price, and useful for malware protection and application blocking
Pros and Cons
- "Malware protection and application blocking are absolutely great. The DLP and malware features are very helpful. It is also very user-friendly, reliable, and scalable. It is easy to set up. We are also happy with its price and support."
- "Mobile device management is a challenging area, and it can be improved. Some areas in the DLP solution can also be improved. It has the DLP capability, but it is not an all-out DLP program. I would like to see them improve the DLP solution in terms of reporting and possibly network monitoring. Currently, they only do the reporting parts of it."
What is our primary use case?
We use it for all of its features, with the exception of mobile device management. We use it for DLP, malware protection, some forms of asset tracking, application blocking, and so forth.
It is deployed on-premises and on the cloud. We are using its latest version.
What is most valuable?
Malware protection and application blocking are absolutely great. The DLP and malware features are very helpful.
It is also very user-friendly, reliable, and scalable. It is easy to set up. We are also happy with its price and support.
What needs improvement?
Mobile device management is a challenging area, and it can be improved. Some areas in the DLP solution can also be improved. It has the DLP capability, but it is not an all-out DLP program. I would like to see them improve the DLP solution in terms of reporting and possibly network monitoring. Currently, they only do the reporting parts of it.
For how long have I used the solution?
I have been using this solution for close to two years.
What do I think about the stability of the solution?
It is a very reliable solution.
What do I think about the scalability of the solution?
It is very easily scalable. We have scaled it, and we had very minor problems in expanding it across the organizations and new acquisitions.
How are customer service and technical support?
They provide a great response. They are available through email and phone calls. After you create a ticket, they will respond within 24 hours.
Which solution did I use previously and why did I switch?
We've only used Symantec. Symantec is nowhere near this solution.
How was the initial setup?
The initial setup was straightforward.
What about the implementation team?
Our team did the deployment. We got the training from them, and we did the deployment ourselves.
What's my experience with pricing, setup cost, and licensing?
Compared to other solutions, such as CrowdStrike, we are most certainly happy with its pricing. We did a three year-business deal.
What other advice do I have?
I most certainly would recommend this solution. One of the recommendations would be to make sure that you have a plan and a dedicated team to be able to manage all of the functions that are in the Sophos solution.
I would rate Sophos Intercept X an eight out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
IT Manager at a construction company with 201-500 employees
Excellent at capturing malicious threats together with an aggressive next generation firewall
Pros and Cons
- "Anti-virus captures malicious threats and an aggressive next generation firewall."
- "Deployment on cloud needs to be carried out manually."
What is our primary use case?
The main use cases of this solution are for protection from ransomware and malware. Although we don't have EDR because of its high cost, we do have the capability to filter the website. Our use case is more about capturing crypto and the like that can encrypt files. I'm a system administrator and we are customers of Sophos.
What is most valuable?
I've found that the most valuable feature is the anti-virus that captures malicious threats and the next generation firewall which is more aggressive in terms of not only looking for viruses, but also for SaaS and the movement of equipment. If something strange comes up we're automatically notified and it's either blocked or quarantined. It enables you to prevent future viruses and enables us to inform the user of malicious websites they have visited.
To date, we haven't had any incidents related to viruses or any types of attacks and we barely get any false positives. It's good to know that any malicious anti-virus detected is automatically blocked, although it makes things more difficult for our IT department.
What needs improvement?
There is an issue when deploying on cloud because it needs to be done manually. For an enterprise company that can have 10,000 or even 50,000 end users, it's a lot to deploy manually. An additional feature they might include would be the ability to control the lockdown on hardware; to control all the entry points such as a USB, a camera or any external storage.
For how long have I used the solution?
I've been using this solution for three years.
What do I think about the stability of the solution?
I think this solution is stable. It doesn't allow you to do anything that may cause a problem. If you try to download something that is prone to hacking, the solution won't allow it. It's important to use the admin lock to prevent malicious programs being downloaded. It's good at preventing remote users from downloading malware.
What do I think about the scalability of the solution?
The solution is very scalable because they don't generally deal with small size office deployments of 10 or 15 users. The solution can scale to 100,000 or even up to 200,000 users.
How are customer service and technical support?
Initially we didn't have phone support, but now it's part of the enterprise portfolio which we have. We only use the support if we have an issue with the server. It's the benefit of the cloud, there are no concerns about the server whereas on-premise you need to synchronize your server or upgrade the new version to get those features.
Which solution did I use previously and why did I switch?
We migrated from Symantec enterprise to Sophos and SentinelOne. The approach is the same for all of them.
How was the initial setup?
Initial setup for the cloud is very straightforward because it's managed by the company. It's just a matter of downloading the agent and installing to your end point. The on-premise implementation is more difficult, particularly if you're not familiar with it but the support is very helpful. I believe there's a way to roll out without the need to visit individual users. I believe they integrate with an active directory, and then post from there. Deployment time depends on availability of the user's desktop and/or laptop. If it's on premise, you can push that one, it would take less than 15 minutes. To deploy in a company would take less than a month.
What's my experience with pricing, setup cost, and licensing?
If you start with the standard solution, move to Intercept X, and then go to the EDR version, it's almost double the price in comparison to other vendors. It's a choice for any company. Check Point's SandBlast, for example, has two payables but the additional payable includes encrypting your hard drive - not everyone needs that feature.
What other advice do I have?
This is a good product but it comes at a high price. As a result, I would rate this solution an eight out of 10.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Manager of Information Security at a healthcare company with 1,001-5,000 employees
Excelling in this competitive product category with more features than users put to task
Pros and Cons
- "The EDR (Enhanced Data Detection and Response) and the DLP (Data Loss Prevention) components are valuable assets."
- "Scalability is good."
- "Technical support is responsive and adept."
- "There is some issue with the reporting and refreshing information on resources that have been eliminated."
What is our primary use case?
The EDR (Enhanced Data Detection and Response) and the DLP (Data Loss Prevention) components are probably the biggest areas of the product that we employ. We also make use of web content filtering and application control as well.
What is most valuable?
I would probably say that the DLP portion of the product is the most valuable for what we do. That just happens to be the side of the house I sit in. But the EDR alerting is also relevant when talking about valuable features.
What needs improvement?
Refreshing the reports could be improved. It looks like sometimes when systems no longer exist those systems can still show up on the reporting.
For example, if you spin up a virtual desktop and a virtual server, and then you change the name of that virtual server, what happens is Intercept X still maintains a record of the device by the old name. It does that even though it no longer exists in the system because the name has been changed. So, refreshing the data is probably something that needs to be addressed.
I cannot really address what I think needs to be added to the product right now because I still think our organization is focusing on learning what the product can do and discovering the capabilities. I have been so involved with it from the perspective of understanding what it does currently that I am still trying to figure out what else we would like to see.
For how long have I used the solution?
We have been using Sophos Intercept X for probably a little over six months now.
What do I think about the scalability of the solution?
We have about 1500 endpoints. That is a pretty good volume. While I do not know exactly how to rate it, the scalability is excellent from the standpoint of adding endpoints. We have not run across any issues with the scalability of it. I would tell you that it is very applicable to this company right now and certainly is up to the task of matching our needs.
How are customer service and technical support?
To this point-in-time, we have found that the technical support is very responsive. We can reach them by phone and by email, and we get answers to the issues and questions we bring up.
How was the initial setup?
I think the initial installation and setup were very straightforward.
Once the rollout started, we had to incorporate 1500 devices — and that is just the desktops alone. It probably took about two months. The amount of time it took was because of the scale of resources dedicated to onboarding the solution. It was not because of distribution.
What about the implementation team?
We did not need to use an integrator or consultant for deployment. It was all done internally.
Which other solutions did I evaluate?
We did evaluate other options before choosing Sophos. For example, we looked at Sentinel One. We also looked at a couple of different solutions like Trend Micro and CrowdStrike. Looking at those four seems to have been a good enough comparison of products in the category.
What other advice do I have?
My biggest bit of advice for people taking on Intercept X is to train your staff on all of the functions of that solution. There are a number of solutions within the one product and it is best to know how to use them all and if they apply to your circumstances.
The biggest lesson we have learned from using Sophos is that the product can be a bit overwhelming with information and data. That is the situation where your training and your resources come into play.
Make sure you have a complete plan to utilize the tool or you will have pieces that are just sitting there and nothing is happening to utilize them. There are a lot of capabilities that the solution has and you need to make the effort to discover them.
On a scale of one to ten (where one is the worst and ten is the best), I would rate Sophos Intercept X as probably about a nine-out-of-ten. It is not until you see other applications like CrowdStrike and do a comparison to see what they can do that you really have an idea of what applications in the category are capable of.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.