Microsoft Intune (formerly Microsoft Endpoint Manager), combining the capabilities of the former Microsoft System Center Configuration Manager, SCCM or ConfigMgr, is presented as a unified endpoint management option. Microsoft Intune is an endpoint management solution for mobile devices, an MDM solution that allows the user to securely manage iOS, Android, Windows, and macOS devices with a single endpoint management solution. The component Endpoint Configuration Manager (the…
$5
per user/per month
Sophos Intercept X
Score 8.7 out of 10
N/A
Sophos Endpoint Protection (Sophos EPP) with Intercept X is an endpoint security product providing an antivirus / antimalware solution that when upgraded with Intercept X or Intercept X Advanced provides advanced threat detection and EDR capabilities.
$28
per year per user
Pricing
Microsoft Intune
Sophos Intercept X
Editions & Modules
Microsoft 365 Business Basic
$5
per user/per month
Microsoft 365 For Individuals
$6.99
per month
Microsoft 365 Apps
$8.25
per user/per month
Microsoft 365 For Families
$9.99
per month
Microsoft 365 Business Standard
$12.50
per user/per month
Microsoft 365 Business Premium
$15
per user/per month
Intercept X Advanced
$28
per year per user
Intercept X Advanced with XDR
$48
per year per user
Sophos Managed Threat Response
$79
per year per user
Offerings
Pricing Offerings
Microsoft Intune
Sophos Intercept X
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
Pricing is for a 3-year commitment. Government and Education pricing available.
More Pricing Information
Community Pulse
Microsoft Intune
Sophos Intercept X
Features
Microsoft Intune
Sophos Intercept X
Endpoint Security
Comparison of Endpoint Security features of Product A and Product B
Microsoft Intune is well suited for the larger end of the small business segment to the enterprise. The ability to configure and remotely deploy computer configurations, control mobile devices, and fine tune security controls of each device or device group is a major win for this product. Smaller and mid-sized businesses may balk at having to increase their license level to unlock the better updating features.
To be frank, this product is fairly expensive. So I would recommend this to companies that are mid-sized or larger to condone the cost of the purchase. It does save me a significant amount of time in my day - being able to glance at the dashboard and see if there are any outstanding issues that require my attention, as not much digging must be done to accomplish this. So for our company, with a short-staffed IT department, it's incredibly helpful to us. We also qualify for Educational pricing which brings the cost down - which helps tremendously
[Microsoft Endpoint Manager (Microsoft Intune + SCCM)] helps to speed up the deployment of patches/software throughout our environment. I can easily build a package and then deploy across all endpoints.
The ability to supercede software is also quite handy. This automates the removal of old versions and replacing them with newer versions.
The Intune Autopilot option is very useful if you want to deploy software to devices straight out of the box. You can configure them to download software when a user opens a new PC and turns it on for the first time.
Sophos Intercept X is great at preventing malware infections and rolling back their effects. I have seen this happen hundreds of times since we installed it
When combined with Sophos Central, you have an easy to use dashboard where you can manage all installations from a single pane of glass.
It's easy to deploy on machines and stays updated.
Good reporting features including alerts sent to the admin if there's ever something wrong with it.
Deploying more apps besides Microsoft Edge and Microsoft Office 365 app
Microsoft needs to make it easier to deploy exe, pkg, and msi apps without having to go through the manual process of re-packaging these apps using tools from github like intuneapputil
Add a feature to push out software updates for 3rd party apps
Sophos OOTB policies are very strict and they don't offer anything less strict without you creating new custom policies. I'm sure this is deliberate because the product starts you out in the safest way possible but it means that you will have lots of calls to your tech support desk when you first deploy it unless you do somewhat extensive testing beforehand.
Sophos Intercept X is currently broken (at least the DLP component) by having secure boot turned on in the UEFI/BIOS. If any user wants to be able to write data to a USB drive or floppy from their PC (yes we still have a couple users who need to use floppies) we have to turn off secure boot on their PC, even if the DLP policy for that user/PC combination specifies that the user and PC are allowed to write to USB/floppy. This would be a very serious problem if it weren't for the fact that we have very few users who need to write files to USB. For us it's OK but I bet it would be a deal-breaker for others.
I don't see a whole lot of evidence that Intercept X is any different than any other anti-virus, so maybe their admin alerts just don't clearly identify when they have identified a zero-day threat or maybe we just haven't had any zero-day threats.
Mascom Wireless is a Microsoft shop and SCCM has proved to be helpful in keeping our Microsoft products up to date every month without fail. We also have a Microsoft Enterprise Agreement which we renewed for three years ending 2022. The remote access utility works wonders for the organisation and have saved travel bills including subsistance allowance. We have been able to fulfill security audits both internal and external. We have been able to keep a robust inventory of our computer assets and nothing falls of the cracks
The console is not intuitive and does not work well often. Due to the complexity of the product, documentation can be confusing. When properly configured, routine tasks like OS deployment, remote control, and software deployment are easy to do. Troubleshooting of System Center Configuration Manager issues is hard, as there are various logs, and their content can be hard to understand.
The usability has never been a problem. Sophos Intercept X is a program you can install and let protect your company without much intervention. Apart from a few policies, Sophos will keep you protected better than most any product on the market. Sophos Intercept X works quite well when you are looking to "tighten your grip" on user's access to websites, programs, and add-ons.
It's a 'heavy' system, which demands a lot of resources form the datacenter perspective. So, make sure you followed the requirements to avoid frustration in the future. From the 'client' perspective, it's fine. I've never had any issue with that.
We have not needed to seek support for this product in the time that we have used it thus far. It's been working really well, and have not had any major issues. Being that it's a Microsoft product, it goes without saying that there will be many support options available if needed. This includes phone, web, forums, KB articles, etc. There is even comprehensive documentation that is available on the web through Microsoft's website for use of the product.
Most of the support reps are fantastic. There have been a few though that have had to be escalated via Account Manager when they haven't followed up but this is a rare instance, and often followed up by the Support Manager for APAC.
Work with a "test group" of users who you have a good relationship with so that when things don't work properly they understand! Work with your partner nicely without forcing things especially timelines as you are bound to make mistakes and create oversights in the project Management can also interfere with the implementation (which can cause delays) if you make too many mistakes which takes me back to having a "test group" where you have good relations
We did not evaluate or use other products like Microsoft Endpoint Manager (Microsoft Intune + SCCM). The main reason we did not evaluate or use other products is because Microsoft Endpoint Manager (Microsoft Intune + SCCM) integrates seamlessly with Microsoft 365 and Windows PCs. Expenses would have increased as well if we had purchased another similar product.
Webroot Endpoint Protection is not even in the same league as Sophos Intercept-X. I have tested and compared both sides by side, run simulations and it's not even close. Plus the Sophos central management is so much better. Easier to view user activities and apply policies and remediate threats. Sophos is the clear winner between these two products.
In our current environment, this System Center Configuration Manager had replaced several standalone solutions for patching, imaging, remote assistance, reporting, etc. That saved a lot of time and resulted in money to manage the IT infrastructure.
Once SCCM is deployed and fully configured, all agents are deployed and it is easy to automate a lot of processes and just control them from time to time to make sure that everything is working as supposed to be.
SCCM + Windows 10: great built-in endpoint protection solution. As a result, there is no need to buy additional software for that purpose.
The imaging process is better compared to WDS because you can modify deployment packages and apply patches to a newly imaged machine. This saves tons of time for new employees deployment.
Once our technical and commercial areas got certified, the ROI over the time spent, is great. Actual customers, and/or new ones with other tools, feel safe and advised, once they get in touch with us.
When Sophos EndPoint is being compared against Web Management Tools (competitors), we have failed to deliver, nevertheless, there is a version of Sophos Central (Cloud) which achieves this requirement at 100% and more, since is Cloud Based (on AWS).
We are grateful to be on Sophos "Radar" as a Platinum Partner, and "The Americas" valued partner, we have seen our business grow, thanks to this kind of technology, throughout the years.
