My focus with this solution has been on the firewall and endpoint protection. The ransomware protection technique and pattern of detecting the malware happens using behavioral analysis. It then looks at where the attack is directed and which command and control servers are connected with that malware or that application. We are partners with Sophos and I'm a Sophos-certified technician.
Sophos Certified Technician at a tech services company with 51-200 employees
My firewall knows exactly what's going on in my endpoint; it takes my production level one step higher
Pros and Cons
- "Synchronized security is a great feature. My firewall knows exactly what is happening in my endpoint."
- "The solution lacks technical support."
What is our primary use case?
What is most valuable?
Synchronized security is a great feature. Basically, my firewall knows exactly what is happening in my endpoint. It takes my production level one step higher. The 100% application visibility means that questions are asked: What are the types of application in my endpoint which are attending to that cloud server? Is it for any command and control server or a genuine site? That type of thing. That flows onto the quality control in XG Firewall which checks whether there is any malicious activity present in the system so I can control access of that system.
What needs improvement?
The one challenge of this product is the lack of support. I know they are busy but the response time should be quicker. Even if they had someone to just pick the call up and then generate the cases, that would be an improvement. It could be like Cyberoam where they have one dedicated person who receives the calls and generates the case for the customer and then the engineer responds. With Sophos you can wait on the phone for two to three hours before you get anybody from the technical support team. It's a real challenge.
For endpoint, if they could add the start and stop scanning or abort scanning button to the endpoints, that would be an improvement. Sometimes what happens is that the scan is being used but my system is slow and I have to do some urgent work, but I'm not able to pause the scan. I have to forcefully restart it or try something else. The inclusion of a feature like that would be helpful for end users.
For how long have I used the solution?
I've been using this solution for the past year.
Buyer's Guide
Sophos Endpoint
January 2026
Learn what your peers think about Sophos Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.
881,757 professionals have used our research since 2012.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The scalability of the solution is good.
How was the initial setup?
The initial setup is easy but I never recommend anyone do it by themselves first time round because the setup is hardest for the level-one users who haven't used the firewall before. For anyone who is experienced it's not a problem. I implemented the solution for us.
What's my experience with pricing, setup cost, and licensing?
The price of the product is relatively high compared to other solutions.
What other advice do I have?
We might increase usage down the track but not for now, things are very uncertain with the coronavirus. If there was a guide available, that would be helpful for securing of the network.
I would rate this solution an eight out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Director at a non-tech company with 11-50 employees
Easy to configure, good monitoring functionality, and the centralized management makes it easy to use
Pros and Cons
- "The most valuable feature is the central administration and management."
- "In the future, I would like to see better third-party integration so that it can work in conjunction with our ticket system."
What is our primary use case?
We are a solution provider and the Sophos EPP Suite is one of the security products that we use to provide service to our clients. We primarily use it for endpoint protection.
What is most valuable?
The most valuable feature is the central administration and management.
The central monitoring capability is helpful.
It is easy to configure.
What needs improvement?
Technical support needs to be improved.
In the future, I would like to see better third-party integration so that it can work in conjunction with our ticket system.
For how long have I used the solution?
We have about three years of experience with this product.
What do I think about the stability of the solution?
In terms of stability, we have not had any problems.
What do I think about the scalability of the solution?
We are satisfied with the scalability.
How are customer service and technical support?
The technical support offered by Sophos is very poor.
How was the initial setup?
The initial setup is complex and the deployment will take approximately one month.
What other advice do I have?
In summary, this is a good product and I recommend it.
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Good central management of the anti-virus with very good stability
Pros and Cons
- "The central management of the anti-virus features for our end user is a very valuable aspect of the solutions."
- "The management console needs improvement."
What is our primary use case?
We primarily use the solution on our endpoints for end-user security. We are planning to move to their new product, the XG.
What is most valuable?
The central management of the anti-virus features for our end user is a very valuable aspect of the solutions.
We find it very good as a product.
What needs improvement?
In the future, we're looking forward to having a new synchronization firewall on the endpoint.
The management console needs improvement.
I'd address the deployment side. If we could upgrade the deployment side to hand it off to the end-user, it would make it easier, as our campuses are far apart.
We'd appreciate if the solution could offer us assistance with a later deployment.
For how long have I used the solution?
I've been using the solution for three or four years.
What do I think about the stability of the solution?
The stability is good. Everything is working fine at the moment.
What do I think about the scalability of the solution?
The scalability is good. Our subscriptions are around 1500, and we have 600 to 700 users deployed. We don't plan to expand on-premises usage and will be moving to the cloud.
How are customer service and technical support?
I was in touch with technical support last week, with the Philippine country manager in Venado. So far, their assistance has been very helpful.
Which solution did I use previously and why did I switch?
We previously used Trend Micro. We replaced it with Sophos. Trend Micro just didn't work for us. There were issues with the management file.
How was the initial setup?
From our initial reporting, the system wasn't difficult to install. We didn't face any complexity or have any problems.
We need about four people for maintenance and deployment because we have different campuses.
What other advice do I have?
We're looking forward to moving to the cloud and replacing our existing firewall when we move to Sophos XG.
I'd rate the solution eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Network Administrator at a construction company with 1,001-5,000 employees
Stops infections from spreading around an internal network even after the problems have infiltrated it
Pros and Cons
- "Sophos EPP Suite has the capability to stop infections from spreading around the internal network even after the problems have infiltrated it."
- "Sophos does not currently inform users of potential compatibility issues with Windows updates."
What is our primary use case?
The use case is that many businesses are trying to make an effort to secure their IT assets more rigorously. Right now, in 2020, and last year, in 2019, a lot of businesses became aware of the incidents that are happening in digital media with security issues. There were many incidents involving ransomware, hacking attempts, botnet — all those things. This made the people more aware and scared about the security of their systems. That is the reason we are selecting products to try and provide the best security endpoints possible for our clients.
What is most valuable?
The main reason why we choose the Sophos EPP Suite is because of its capabilities to stop infections from spreading around the internal network once the problems have infiltrated it. For example, one computer gets infected. When that computer attempts to communicate with another computer — one client to another client — Sophos checks the behavior of the computer. It looks at what it is trying to communicate and what resources the computer is using. If it does something that is suspicious, like move an application that may be a virus, Sophos will stop the activity and disconnect the computer from the rest of the network immediately. It does this automatically without an administrator having to do or even be aware of anything. This is the main thing we like about the Sophos product. It is constantly monitoring all points and has the capability to detect and act on intrusions without other intervention.
What needs improvement?
The area for improvement is something very specific. Windows firewall security allows an exception where the user of a specific device can turn the firewall on or off. We need to configure our Windows firewall security in Active Directory via group policy. We do not want to allow the exception or for individual users to be able to make this change. When using Sophos, instead of doing this in Active Directory, we have to create a policy on the Sophos portal itself. In the Sophos policy, we can indicate which port is allowed and which port is not allowed for the Windows firewall and how it is handled.
Previously, we were using ESET smart security which also has a Windows firewall base. We could control each and every link and port for everything. Like for people taking their desktop remotely, we could allow VNC (Virtual Network Computing) remote connections on a specific port only. All other ports are blocked from this type of access. This feature is something only ESET had. I am pretty much sure Sophos does not have this kind of policy available. They should make this adaptation. The rest of the Sophos product and the technology and utility of the suite is beautiful. I believe all network system administrators would be glad to have this feature.
What I would also like to see added is information about update compatibilities. This should be included in a notification for upgrades from Sophos as to whether there is any reason to update Windows for Endpoint or not. The problem stems from the fact that Microsoft is releasing these updates and the patches for security every month. A lot of those patches have issues and incompatibilities. After Microsoft releases the updates, they sometimes have to release a fix to the update with patches. They usually do this in the next two to three days. It would be helpful if Sophos did the testing of the updates to inform all their clients so we can be sure these updates are OK. Then, in turn, we can inform our clients if updates are compatible with their servers or not.
For how long have I used the solution?
We deploy this solution to clients and have only been deploying it for several months after testing at our facilities.
How are customer service and technical support?
I do not have any experience regarding technical support for Sophos EPP directly. But to compare that to the technical support from SonicWall, which I researched on the web, the technical support for Sophos is currently just as good. I don't know personally. From what I have read, they are responsive and they are quick to give users a solution. They resolve problems in a few seconds or within five minutes or ten minutes and are as fast and as accurate as SonicWall support. Once we engage in the full licenses, then we'll be able to find out for certain how the Sophos people will respond to help me out for any incidents that we have.
Which solution did I use previously and why did I switch?
We did not really previously use a particular solution — for ourselves or our clients — that will take care of all the things that the Sophos suite will as a unified product. We are constantly evaluating different products by checking out demos. We have used Sophos products for ourselves and with clients in the past but we still need to activate the Sophos EPP (Endpoint Protection Platform) for ourselves internally with formal licenses. We previously had a license and it is still valid, but we need to upgrade for more users.
The solution we are using right now with most clients is ESET (Essential Security against Evolving Threats) Endpoint Security. We are going to Sophos Intercept X to replace this. We had also been looking into how Intercept X works with the endpoint firewall including how well they communicate with each other and how that may impact our infrastructure. So I've been very interested in the concept of adopting Sophos. As soon as possible, we will get the licenses. About 250 client machines and 55 for our actual and virtual servers.
I am very much impressed with the Sophos product called Intercept X. It is a wonderful concept because it is protecting the end-user in a different way. It is working with a proactive model, not just an active model. So now Sophos will be actively protecting us before some problem is acquired by our systems.
Our current antivirus solution will expire on the 8th of February in 2020. Before that date, we will activate Sophos for our organization backup systems to do further testing. We are currently using a third-party product called Mimecast for email security. We still have one year on the licenses for that. So Mimecast will expire in 2021. Then we will be ready to adopt the Sophos solution that fills this need. We are starting with the Sophos Endpoint solution first, and in July next year, we will check how everything is going with the Endpoint solution and hopefully we will see everything is going well. Then we will move forward adopting additional Sophos products. We will improve like that, one by one, to unify our solutions into the Sophos Suite.
What's my experience with pricing, setup cost, and licensing?
We are currently checking into the actual licensing costs. We are waiting for a quotation for 250 end-users and 55 service licenses. We are hoping for a reduced contract price by directly contacting the Sophos company for the licenses. Because we are in the UAE, they have a lot of connecting partners for Sophos already, so it is hard to say if they need more partners or that they will want to give a significant discount. We still think we hold significant interest for them.
What other advice do I have?
On a scale from one to ten where one is the worst and ten is the best, I would rate Sophos as a nine.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Network & Endpoint Security Consultant at a tech company with 1-10 employees
A simple interface, good reporting, and easy to set up
Pros and Cons
- "In terms of the Firewall, the EAP assist, the simple interface and the reporting features are quite good for clients. It's very easy to understand and to navigate the Dashboard."
- "The support could be improved. The response times are slow."
What is our primary use case?
I primarily use the solution for a variety of small and medium-sized companies for endpoint protection.
What is most valuable?
For the Endpoint Protection, there are a few different features that are great. The Sophos Interface has got a very good feature for the de-planning that protects the rear de-modeller. The firewall can be completely in there with the Sophos Endpoint agents that are being installed in clients in real-time. The Endpoint Protection also has new features with the EDI Engine. The Endpoint Detection and response won't quit, which is something that the clients appreciate.
In terms of the Firewall, the EAP assist, the simple interface and the reporting features are quite good for clients. It's very easy to understand and to navigate the Dashboard.
What needs improvement?
The support could be improved. The response times are slow.
Most of my clients are comfortable with the product and how it operates, but I'm sure there could be improvements that could be made.
The solution needs to move from small businesses to large enterprises so they can compete with the 40 gig Check Point. They need to build a product for that environment.
For how long have I used the solution?
I've been using the solution for just over two years.
What do I think about the stability of the solution?
The stability of the solution is pretty good.
What do I think about the scalability of the solution?
Scalability is a bit limited. There are times you are supposed to open up the APIs for other vendors or developers to plug in their product information. However, currently, Sophos integrates well only with its own products. It's not easy to integrate other solutions in order to expand.
Largely, I consult with small and medium-sized companies of up to 120 users.
How are customer service and technical support?
In terms of technical support, sometimes you write the ticket, and you're afraid to pass it on, because they are unresponsive. That could be a combination of technical support and the guys in the field or the complex communication between two or three levels of technical support. They need to streamline the support so that there's less confusion between who will respond.
How was the initial setup?
The initial setup is quite simple. It's very straightforward.
The length of time it takes depends on the deployment. It varies because some client environments are very small, so it can take a few hours, or a few minutes if you're good at it. Some deployments can take many hours or even a day depending on what you're considering and the environment.
You only need one person for deployment and maintenance.
What about the implementation team?
I typically handle the deployment myself if I'm not bombarded with too many projects.
What other advice do I have?
I have clients that both use the on-premises and cloud deployment models. I'm a consultant and I advise the clients based on their environments and current needs.
Central management is one thing that stands out with this solution. Other products are now catching up in terms of offering central management. With Sophos, you can manage all the products from one central dashboard. You don't have to install different management consoles. The product is pretty straightforward for the average user.
You cannot choose a more complete Sophos EPP Suite, especially if you're looking for a secure environment. You can secure both the network, the infrastructure and the gateways and share security information. Synchronized security is something I would advise others to look into when they're considering a product.
I'd rate the solution eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
ICT Director at a university with 201-500 employees
Scans silently, but the setup was complicated and machines started getting viruses
Pros and Cons
- "With Sophos, the scanning of viruses and scanning of the disk is done silently in the background."
- "The solution is not easy to use in comparison to other endpoint security solutions."
What is our primary use case?
We primarily use the solution for all our machines in our labs at the university. We use it for endpoint protection.
What is most valuable?
With Sophos, the scanning of viruses and scanning of the disk is done silently in the background.
What needs improvement?
The solution is a challenge in terms of setting up the rules and managing them.
Since the solution runs silently, you do not know whether the antivirus database has been updated or not. I'm not so sure whether I'm even using an updated antivirus database or if it is even scanning every time that I insert a flash disk. I just need that scan and I need to know it's happening. I'm not getting that.
Even if it does a scan, I don't know if hazards have been dealt with. For example, did it clean the disk after it scanned it? In other products, it's much more clear. There needs to be some sort of report that lets you know if it's running, if it found something, and what it did with it, etc.
We're concerned the Sophos partners may not necessarily have the right skill sets to deploy the solution in a way that meets our expectations.
The solution is not easy to use in comparison to other endpoint security solutions.
For how long have I used the solution?
I've been using the solution for almost a year.
What do I think about the stability of the solution?
The vendor that marketed the solution to us told us that they were 100% sure that the solution would cover us in all areas. However, with the challenges we've had, I'm not sure if I can speak to the stability of the solution.
What do I think about the scalability of the solution?
The solution is scalable.
How are customer service and technical support?
We haven't been satisfied with technical support. We opened up a ticket which they closed without giving us a satisfactory answer.
How was the initial setup?
The initial setup for us was complex. We had a vendor assist us and I don't think they had the proper expertise required to customize the solution in a way that would meet our expectations. Deployment took about two weeks.
What about the implementation team?
We had a third party vendor assist us with the implementation.
What other advice do I have?
We use the on-premises deployment model.
Our experience with Sophos has been mixed. They need to follow up with their local partners to ensure whatever issues their clients are having are resolved. At this point, I wouldn't recommend the solution to others.
I'd rate the solution five out of ten. Earlier, when we installed the solution, we didn't have too many challenges. Challenges didn't start until we started getting reports of people having viruses on their computers when Sophos was running, which makes me concerned that it isn't a secure solution.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
System Integrator IT Manager at a tech services company with 11-50 employees
Good centralized management and integrates well with other solutions
Pros and Cons
- "The most valuable feature is the ability to centrally manage the total security environment, including the firewall."
- "I would like to have more logging features to help more deeply analyze traffic."
What is our primary use case?
We are a solution provider, and this is one of the products that we provide to our customers.
This solution is used for endpoint security at our customers' production sites. We do have a few individual users, but the majority of our deployments are business customers.
We have a cloud-based deployment.
What is most valuable?
The most valuable feature is the ability to centrally manage the total security environment, including the firewall.
This solution integrates well with the other Sophos components. Together, they provide synchronized security.
What needs improvement?
I would like to have more logging features to help more deeply analyze traffic. This would provide us with more control over the products, incidents, issues, and so on.
It would be helpful to have more control of the devices attached to the desktop, giving us better visibility and manageability. This would help us to prevent Traversal attacks, where the user can plug in external USB devices, for example.
For how long have I used the solution?
I have been using this solution for about five years.
What do I think about the stability of the solution?
I have had issues with respect to stability, but I think that the problem I encountered was due to an operating system issue. For example, when the operating system gets an update from Microsoft, sometimes an issue will appear that must be checked and monitored.
Generally, this solution is quite stable.
What do I think about the scalability of the solution?
We have two or three people who use this solution in our office.
How are customer service and technical support?
We have contacted technical support for incidents, and we have received good support from Sophos.
How was the initial setup?
The complexity of the initial setup depends on the environment.
For our residential users, the setup is easy.
For our corporate users, it is better to be introduced to the product through certification or online training. It is best to be trained before starting the installation.
Over the past few years, the installation process has changed and become easier.
What other advice do I have?
I would rate this solution a nine out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Administrator Assistant at a non-tech company with 201-500 employees
Good support, easy to setup, stable, and offers strong protection
Pros and Cons
- "The protection that this solution offers us is strong."
- "In the next release, I would like to see the phishing attached included in the firewall."
What is our primary use case?
This solution is used to protect the network of our head office.
The deployment model we are using is on-premise.
What is most valuable?
The protection that this solution offers us is strong.
What needs improvement?
They should consider giving the devices for free when they are charging for licensing.
In the next release, I would like to see the phishing attached included in the firewall.
Normally getting junk mail and phishing in emails is a problem for us. We are protected with other solutions but we would like to see it in this one.
For how long have I used the solution?
I have been using this solution for two years.
What do I think about the stability of the solution?
This solution is one hundred percent stable.
What do I think about the scalability of the solution?
It is scalable and easy to manage compared to Cyberoam.
We have approximately one hundred and fifty users.
How are customer service and technical support?
The technical support is very good. If we have any issues, they are resolved quickly.
Which solution did I use previously and why did I switch?
Previously, we were using Cyberoam with a valid license.
How was the initial setup?
The initial setup was simple.
What about the implementation team?
When we purchased this solution the implementation and support was included.
What's my experience with pricing, setup cost, and licensing?
The pricing for this solution is ok.
What other advice do I have?
I would recommend this solution.
I would rate this solution an eight out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.