Sophos Intercept X

Sophos Intercept X

Sophos Intercept X



It does the job!

Sophos Intercept X is being used by our entire organization as endpoint management. It is very helpful and non-invasive to the end users. …

A great centralized security platform.

Being used as anti-virus for both customers and internally, to ensure security compliance and prevent ransomware on devices (including …
Read full review

Sophos Packs a Punch

In October of last year, our then IT consultants advised our Los Angeles office to switch from AVG to Sophos Endpoint protection. We were …

The best solution I ever use

We use Sophos endpoint for the protection of all the pc servers and Macs in the company in a worldwide environment. Not only in [our] …

Popular Features

View all 7 features

Endpoint Detection and Response (EDR) (16)


Centralized Management (16)


Anti-Exploit Technology (16)


Infection Remediation (16)


Reviewer Pros & Cons

View all pros & cons


View all pricing

Intercept X Advanced


On Premise
per year per user

Intercept X Advanced with XDR


On Premise
per year per user

Sophos Managed Threat Response


On Premise
per year per user

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit…


  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Starting price (does not include set up fee)

  • $28 per year per user

Features Scorecard

Endpoint Security


Product Details

What is Sophos Intercept X?

Built to stop the widest range of attacks, Sophos Intercept X has been proven to prevent even the most advanced ransomware and malware by leveraging a unique combination of next-generation techniques. This includes the ability to detect never-before-seen malware with deep learning, stop ransomware with Sophos anti-ransomware technology, and deny attacker tools with signatureless exploit prevention. Intercept X also includes root cause analysis to provide insight into threats, and instant malware removal to ensure no attack remnants remain.

Sophos Intercept X Features

Endpoint Security Features

  • Supported: Anti-Exploit Technology
  • Supported: Endpoint Detection and Response (EDR)
  • Supported: Centralized Management
  • Supported: Infection Remediation
  • Supported: Malware Detection

Sophos Intercept X Screenshots

Sophos Intercept X Video

Sophos Intercept X Demo

Sophos Intercept X Competitors

Sophos Intercept X Technical Details

Deployment TypesOn-premise
Operating SystemsWindows, Mac
Mobile ApplicationApple iOS, Android, Windows Phone, Blackberry


View all alternatives

Frequently Asked Questions

What is Sophos Intercept X?

Sophos Endpoint Protection (Sophos EPP) with Intercept X is an endpoint security product providing an antivirus / antimalware solution that when upgraded with Intercept X or Intercept X Advanced provides advanced threat detection and EDR capabilities.

How much does Sophos Intercept X cost?

Sophos Intercept X starts at $28.

What is Sophos Intercept X's best feature?

Reviewers rate Endpoint Detection and Response (EDR) and Malware Detection highest, with a score of 9.3.

Who uses Sophos Intercept X?

The most common users of Sophos Intercept X are from Mid-size Companies and the Information Technology & Services industry.


(1-25 of 133)
Companies can't remove reviews or game the system. Here's why
William Scott Coates | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
It is in my opinion, Sophos Intercept X is the most secure endpoint product on the market. I have used it for years and tell everyone I know that they need to be using it as well. Whether for home or business, Sophos Intercept X is my preferred endpoint and the only product I use. It's simple to deploy, easy to manage, and catches everything. I have run simulations against Sophos Intercept X and other products, and Sophos Intercept X always comes out.
  • Detects Malware
  • Protects against Ransomware
  • Centrally managed
  • Easy to deploy
  • Support is knowledgeable but can take some time to reach a person
  • False Positives can be improved
  • Add Templates
Sophos Intercept-X is well suited for any environment big or small. There is even a home version that is free that I highly recommend for anyone at home. If you are looking for endpoint protection that is centrally managed, catches everything, and has many features this is the product for you.
Score 9 out of 10
Vetted Review
Verified User
Review Source
We are in the healthcare industry and need to provide security for our users from malicious cyber attacks. These attacks include malware, viruses and ransomware. We have deployed the agent for all our users to ensure they are protected from the bad guys. Sophos Intercept X also has a data loss prevention component that allows us to monitor and detect when users are sharing information insecurely.
  • virus scanning
  • malware detection
  • Data loss prevention
  • add phishing scanning
Sophos Intercept X is well suited for ensuring endpoints are secure from viruses, ransomeware, exploites and data loss prevention. Our Post COVID world requires many of our users to still work remotely. Some work in public spaces and unsecure networks. Having Sophos Intercept X helps ensure our company resources are safe and our users are not exposed to malicious software.
December 31, 2020

It does the job!

Nicholas Cawein | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Sophos Intercept X is being used by our entire organization as endpoint management. It is very helpful and non-invasive to the end users. Sophos Intercept X is very responsive to any indication of a possible threat reaching the end user's machine. We have had no issues with the software and are very happy with it. The price for the product is perfect! Customer service is world class as well!
  • Stays up to date
  • Does not spam with notifications
  • Auto-remediation
  • Not heavy on consuming resources
  • Could be optimized for better performance
  • Slows the machine it's running on when performing a scan
Sophos Intercept X is great for any organization to have a standard level of security applied to the end users' machines. We have remote employees, and they often attempt to download software to better accomplish their daily task; there has been a time when Sophos Intercept X has notified me or the IT director and offered to auto-remediate the issue by removing the software.
Beau Sorensen | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Sophos Intercept X is an all-in-one endpoint solution that has dramatically decreased malware and ransomware instances across our organization. Since we put it into place it has found thousands of potential infections that would have infected us via RATs, worms, emails, and malicious webpages. When you combine the power of Intercept X with the Sophos Central web console, it gives incredible administrative power to discover who the biggest problems are and then allows you to better target training and mitigation efforts where the problems originate.
  • Sophos Intercept X is great at preventing malware infections and rolling back their effects. I have seen this happen hundreds of times since we installed it
  • When combined with Sophos Central, you have an easy to use dashboard where you can manage all installations from a single pane of glass.
  • It's easy to deploy on machines and stays updated.
  • Good reporting features including alerts sent to the admin if there's ever something wrong with it.
  • It can be a bit resource-intensive, especially on machines that are a little older. I've seen it take up too many CPU cycles and bog down the rest of the machine.
  • Initial setup to get it working can be challenging if you do anything other than the default settings.
  • Sometimes won't update on client machines, so they have to be brought in for a manual reinstall.
Sophos Intercept X is what I would consider the premier antivirus, anti-malware, anti-ransomware software on the market today. It is easy to stand up and deploy thanks to the management side being in the cloud - there's just a small download that can be deployed via script to any computer on your domain. It scales easily from small businesses all the way up to large enterprises and comes in at a cost-effective price point for anyone along that spectrum.
Support has been somewhat helpful, though it is usually easier to just Google what you need. Like most tech companies, it is hard to find a phone number and most things drive you towards a FAQ. Additionally, the help center in the admin console isn't that fantastic. The upside is that because the product is as steady and solid as it is, I haven't needed to use support much.
Reginald Johnson | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Review Source
Intercept X is being used by clients as an endpoint security agent. For new infections in the wild and partial threat matches, nothing is more aggressive.
  • Partial threat detection.
  • Low CPU cycles during scan.
  • The UI is still cumbersome.
  • The management plane could be better.
This is the best product for deployment in areas with limited connectivity. This is not the best for deployment in environments where active software development allows risky behavior.
Sophos is one of the few vendors to provide access to their developers in order to troubleshoot.
Ramon Vazquez | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We are using Sophos Intercept X across the whole organization, from POS devices at the restaurant level, to user PCs and servers. It addresses the worrying problem of detecting and intercepting malicious software that may not have a known signature and stopping it before it damages any files or computers. We have been using it for 2 years now, and so far we have had no malicious software issues, and we have been able to stop a few that have tried. Now that ransomware is a huge issue in the industry, we are happy to have this safety net.
  • It can detect malicious software even if it does not have a known signature in the endpoint database. This is a big strength.
  • It works while being imperceptible by users. Another big strength.
  • It used to be a separate add on to the endpoint, but they have already addressed this, and t is included in the enterprise-level endpoint.
  • It will do its job without alerting you, so you may think it is not working. It makes you a little anxious.
I believe it is the best-integrated solution for ransomware protection for the price point. This makes it suitable for small, medium, or large businesses. The endpoint bundle, including the intercept x, has a very competitive price, and may be cheaper than solutions that offer less. Security is a very important aspect of running a business today, and having something you can count on brings peace of mind.
  1. We had an issue in the beginning with installing the software in our POS devices, and the support service was fast to respond and help us figure out the correct way of doing the deployment.
  2. They have also helped us when the time came to renew, but the new licenses had not arrived, so that we would remain protected in the time being.
  3. One time we patched the firmware and it had a bug, and the support team came out with a new patch the next day that fixed everything.
So far, we have been very pleased.
Shawn Umansky | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
We use Sophos Intercept X to help protect both our endpoints and servers from malicious activities. It helps to keep our environment protected and safe.
  • It is easy to deploy.
  • It is easy to manage.
  • Sometimes the client takes up quite a bit of space on the systems it runs on.
It is well suited for organizations that need a fast, easy solution to protect their end points and servers. Our organization has around 1,000 end points and it works for us.
I have not had to call in for several years, but when I did it was not the greatest experience. I remember having to jump through lots of hoops before I got a knowledgeable engineer on the phone to help. I don't know if that has improved since then.
Score 9 out of 10
Vetted Review
Review Source
Being used as anti-virus for both customers and internally, to ensure security compliance and prevent ransomware on devices (including workstations and servers).
  • Ransomware prevention.
  • Antivirus protection.
  • Automated removal of majority of viruses.
  • Tamper protection.
  • Improved partner access to Central Portal (times out every hour or two).
  • Streamline new "features" into existing subscriptions, rather than more bolt ons (e.g. MTR and EDR).
  • Improved support in Australia.
  • Antivirus
  • Ransomware protection
  • Centralised management portal
  • Notifications of endpoints
  • MSP Billing (monthly billing option for resellers)
Most of the support reps are fantastic. There have been a few though that have had to be escalated via Account Manager when they haven't followed up but this is a rare instance, and often followed up by the Support Manager for APAC.
Jane Updegraff | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User
Review Source
Sophos Intercept X is our chosen endpoint security solution for all of our Windows endpoints (Windows and Windows Server) across the entire enterprise. We were already using Sophos before, and we replaced an older Sophos appliance with the cloud-based "Sophos Control" version instead, and we abandoned our on-prem Sophos web appliance.
  • Sophos is a little too good at DLP. But it is indeed very good at not allowing our data to leave our endpoints without strict adherence to policy.
  • Sophos is very good at protecting endpoints against viruses and other malware.
  • Sopho is really good at informing us of what is happening on our endpoints. OOTB reporting is way better than expected.
  • Sophos OOTB policies are very strict and they don't offer anything less strict without you creating new custom policies. I'm sure this is deliberate because the product starts you out in the safest way possible but it means that you will have lots of calls to your tech support desk when you first deploy it unless you do somewhat extensive testing beforehand.
  • Sophos Intercept X is currently broken (at least the DLP component) by having secure boot turned on in the UEFI/BIOS. If any user wants to be able to write data to a USB drive or floppy from their PC (yes we still have a couple users who need to use floppies) we have to turn off secure boot on their PC, even if the DLP policy for that user/PC combination specifies that the user and PC are allowed to write to USB/floppy. This would be a very serious problem if it weren't for the fact that we have very few users who need to write files to USB. For us it's OK but I bet it would be a deal-breaker for others.
  • I don't see a whole lot of evidence that Intercept X is any different than any other anti-virus, so maybe their admin alerts just don't clearly identify when they have identified a zero-day threat or maybe we just haven't had any zero-day threats.
It works just as well as any other modern antivirus and it has a really nice web console that I find easy to use. I like the fact that the built-in OOTB stuff that you start with is really secure and pretty much complete right OOTB, so it's easy to get going fast. But I do not like that the sales and implementation staff did not make it clear that end users would no longer be able to write to USB or floppy (even when the operation that they want to do does not violate the DLP policy or the peripheral device policy in Sophos Intercept X) unless we turn off secure boot in the UEFI of each PC. That's something that has to be done manually on each PC and it's a pain. It makes sense that users can't drag data from a network share to a USB to write, that is not a secure operation, and I like that, but users should be able to copy and paste documents (that they own) from a folder on their own local PC to a USB stick without having to have someone from IT change their boot settings in their UEFI/BIOS. It's only doable for us because we have very few people that need to be able to transport files on physical media.
Sophos Intercept X support has been good but they didn't always give me the answer that I wanted. The product's secure boot limitation surprised us. But the support staff themselves are very good and they thoroughly answered all of my questions on the few occasions that I asked for support.
Score 9 out of 10
Vetted Review
Verified User
Review Source
Intercept-X is used across the whole organization and on-top of Sophos' excellent EndPoint protection, it primarily addresses the increased threat that ransomware is presenting to our Charity. After running a number of ransomware tests against Sophos Intercept-X, it outperforms a number of market leaders and helps me get to sleep at night knowing our AV product is protecting us.
  • Identifies ransomware
  • Gives in-depth analysis on current and detected threats
  • Very easy to configure on top of existing products
  • GUI not very simple
  • Information regarding threats often unclear and hard to decipher at basic level
  • False positives on occassion
Small/Medium businesses that are email heavy can rest easy knowing they're getting great value product with extremely good protection. It catches a wide range of ransomware variants.

Large businesses with a large number of devices may struggle, as there's a lot of detail captured with individual threats and troubleshooting is often time consuming.
Their blog is excellent and any issues are clearly and quickly posted on to their website. Support is available from directly within the cloud portal and response times are excellent. Can't complain at all! I often receive calls to check in (even though we are a small charity) and update us on upcoming product enhancements. Free trials available from within the cloudportal are also a godsend!
Sarah Urbani | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We deploy Sophos Intercept X too small businesses to ensure they are protected, and we are notified if something comes up on their machines so we can clean/address it.
  • A powerful virus cleaner
  • It stops Modern Threats
Sophos Intercept X is well suited for small businesses with a lot of data like doctors, dentists, lawyers, etc.
Support is efficient, easy, and fast to respond and assist.
Ryhlen Schoeberl | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Sophos to protect all the machines in our environment. We also have the cloud set up so when our mobile users connect in the world we can make sure they get updates from the Sophos Database. We also get alerts if a system has not updated in a while which helps us find computers that are not used that often.

  • Licensing is per user not, machine. So a user could have multiple machines and not have to purchase so many licenses
  • Notifications for issues on devices where it has not contacted system in awhile
  • Notification when there is a threat that was cleaned and if any additional action is needed.
  • Blocking unwanted applications from running in the background when browsing the internet
  • I honestly cannot thing of anything negative about the Endpoint protection.
I like it in our environment. 2e paired it with Sophos Intercept X for added protection where it detects unusual changes and rollback from changes that threats have made. All the information is on the same interface as well easy to use and deploy. Not sure what scenario it would not be able to be used in.
Had to contact 2 times but was able to get my issues resolved within a manner of minutes with the support team.
Steven Hiersche, Jr. | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use many modules of Sophos Central but Intercept X is used on all endpoint machines and servers in our environment. It is our anti-malware and anti-virus agent. It also allows us to set policies for web access and application access.
  • Application control.
  • Web control.
  • Threat remediation.
  • Better integration with active directory both on premise and Azure.
I cannot see a scenario where it is not well-suited. It stacks up against the competitors for all industries, small/medium/large. The price is also not outrageous when compared to competitors.
Nothing is perfect so it won’t get a 10, but it has continued to save us when we need it, so it gets a 9.
Thayer Ramahi | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Sophos Intercept X has been added to the whole organization and all backend server as well (285 seats).
  • Block ransomware.
  • Notify administrators.
  • Revert back the data to the previous stat.
  • Blocks all executables from running.
  • It has to be used with Sophos AV & Sophos central to have an effective solution.
We have been using Sophos AV for the past 5 years, we love it and it is light on the work stations. Once Intercept X launched we purchased only for our workstation a week later we got hit twice with 2 different users and it was fantastic, no data was lost, the laptops got disconnected from the network, the team managed to clean the infection and no data was lost. a year later we deploy it on the server after testing the effect on the server performance and functionality (which has a light effect on the performance). 6 months later one of our physician's accounts was hacked and the hackers tried to deploy Phobos ransomware and were unsuccessful and it also blocked the network access.

We are very pleased with Intercept X it was an investment worth every penny.
Alex Farling | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Review Source
We use Sophos Endpoint Protection on our internal equipment, as well as client computers/servers. The product enables us to manage AntiVirus, Encryption, and Next Gen AntiMalware in a single portal with a single agent. The protection we get from this combo is second to none, and that's where the real value of this product comes through - tight integration to the entire platform...
  • Simple Installation.
  • Clean reporting.
  • Single pane of glass management with other Sophos products.
  • Client can occasionally be more resource intensive than we would like...
We use it everywhere, including mixed environments / Mac and Linux deployments. Where it may not be well suited is for extremely budget-conscious customers who are not willing to adopt the whole solution stack - that said, you get what you pay for and Sophos is cost competitive against other solutions.
Neil Taylor | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Sophos is used globally across the entire company. We really on Sophos to provide endpoint protection to all desktops and servers plus the entire AWS estate. This provides us with our primary AV defense from internal users and malicious internet content. This is managed by multiple teams who can interact with the cloud-based solution and closely monitor all devices for compliance.
  • Simple to setup and configure leaving engineers free to worry about other tasks.
  • Sophos automatically discovered all our AWS servers with very little input enabling a clear picture of what servers we have over which sites and which are protected.
  • Very easy to configure specific policies either by server type, location or office specific for end users.
  • Automatic reporting of non-compliance devices could be improved as such that the engineer managing the estate can quickly see what is out of compliance and what needs to be done to fix it.
  • A single pane of glass interface to see all devices would be useful as switching between servers and desktops could be simplified.
  • With multiple policies being created the interface gets very busy and determining which policy is active for a particular device is not always clear.
Sophos is particularly well suited to small engineering teams where a minimum amount of training is required and ongoing monitoring is simple and easy to conduct. The interface is intuitive (sometimes a little cluttered), easy to use and easy to quickly identify any potential issues and vulnerabilities that may be detected. When you have detected an issue, isolation and/or cleanup of the device is very simple with just a few mouse clicks and false positives are kept to a minimum
Eric V. Zarghami | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
It's being used across the whole organization.
  • Centralized management of endpoint security
  • Easy to understand dashboards
  • Protection against ransomware
  • Nice graphical analysis for malware behavior and the vectors involved in the attack
  • SAML login support for cloud console
  • Manual malware cleanups can be frustrating
  • Feature to enable reinstall from the portal if need be.
It`s ideal for small to big IT shops where a trained individual can pretty much oversee the endpoint health and get real-time data on their security posture.
Due to its centralized management nature and immense visibility into endpoints well-being, it requires constant monitoring and timely reaction (like any other security tool) which can be a daunting task if not done regularly as it easily piles up into thousands of action items that could take days/weeks to complete. With more visibility comes more responsibility of-course.
Frank William | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
We use Sophos Endpoint Protection for threat detection and prevention. It's deployed across our endpoints and other resources to provide antimalware protection, monitor our web resources and emails in real time and to protect us against ransomware attacks. After being a victim of ransomware attack, we switched to Sophos endpoint protection and it has been able to provide complete protection against ransomware and malware attacks over the years, thus providing peace of mind for us.
  • This product provides excellent protection against malware and its database is usually updated regularly to provide protection against even the newest malware
  • This product gives far less false positive alerts than most products I've used
  • Sophos Intercept X is a wonderful artificial intelligence solution that works better than most competing product's solutions. It provides excellent protection against ransomware attacks and hasn't failed since we steered using it
  • The web console looks dated and surely needs some improvements
  • Support is very slow to respond
  • It lacks customization when compared to some other popular solutions
It's well suited for mainly small and midsized organizations concerned about protecting their computers and other resources from everyday threats such as malware, viruses and ransomware attacks.
Matt Rogers | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Sophos Endpoint Protection to provide an extra layer of security for our users. We deployed this software to our entire organization. The great thing is, I do not believe the majority of users are even aware that it exists. It runs completely silent in the background. It also makes management and monitoring very easy since all instances can be modified and changed in the cloud.
  • Easy, simple, centralized management makes this software a breeze to administer.
  • The latest definitions update quietly and frequently. This provides great peace of mind knowing that your users will be protected from the latest threats.
  • Deployment is very easy! It's a quick install and it simply does not malfunction once it's installed.
  • I literally have nothing negative to say about this software.
I think this software has a place at both large and small organizations. It is easily able to be scaled to any number of clients. It is great if you want to employ centralized management of your security software. It is great in scenarios where the IT staff simply does not have the time to troubleshoot software that should just work. I cannot think of a scenario where this software would not be beneficial!
Jon Shurtliff | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
We implemented Sophos Endpoint Protection across our organization a couple of years ago and it has been the best solution we have seen to date.
We installed this across our entire company and even implemented it into a new company that was recently acquired. Security is obviously at the fore-front of all of our minds, and Sophos has given us peace of mind.
  • Sophos Endpoint Protection installs very easily
  • Sophos Endpoint Protection is very unobtrusive on the clients and doesn't get in the way of doing any other tasks.
  • We have had no breaches since we installed Sophos and feel very confident in its protection
  • It may be nice to have a weekly/monthly digest to see what is going on and how the protection is holding up.
Sophos has been great for our Medium-sized company and has allowed us to focus on other tasks instead of worrying about security.
Paul Li | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User
Review Source
In October of last year, our then IT consultants advised our Los Angeles office to switch from AVG to Sophos Endpoint protection. We were told that Sophos Endpoint Protection is a superior virus protection program. AVG had given us a number of problems by frequently detecting false positives and quarantining programs we use quite often in our organization. So AVG along with Malwarebytes were both uninstalled from all our workstations & our servers replaced by the single protection program Sophos Endpoint Protection.
  • Sophos Endpoint Protection provides a web portal for the administrator to login. Here the administrator can examine and track which computer devices are being protected from virus attacks.
  • The Sophos Endpoint Protection web portal provides a dashboard entry page that shows a summary of what viruses may have been detected and quarantined. In addition this dashboard landing page shows a summary of alert messages sent from the protected computers like when a reboot is needed from a server after software updates.
  • From the Sophos Endpoint Protection web portal various agents like for workstations as well as for servers can be downloaded for deployment. Here you can quickly find and install the agent for the Windows OS, Mac OS and even how to proceed with mobile device protections.
  • Though the Sophos Endpoint Protection agent for workstations is fairly competitive in cost, especially when with one agent we're protected from both viruses & malware intrusions, the agent to protect our servers are doubled in price. In order for Sophos Endpoint protection to compete with other comparable products, the price for server protection should be lowered.
  • Though Sophos Endpoint Protection is supposed to be a superior antivirus protection program, we did encounter slowness specifically when attempting to open PDFs using the Adobe Acrobat program. Further research did show that Adobe Acrobat with "Protected Mode" enabled may cause this problem. The solution was to switch to other PDF applications and the problem was resolved.
  • Unfortunately, Sophos is just not as well known as some of its competitors like AVG & Symantec. Perhaps more marketing from the company would help make this very powerful virus protection program become more of a household name.
Sophos Endpoint Protection is more well suited for larger organizations where they require protection from serious attacks, especially on the server side. With their robust high powered agent specifically designed for the server, large corporations would have no problems in paying a more heftier price to protect their servers compared to their workstations.

Alex Waitkus, CISSP-ISSAP, OSCP | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Sophos is a leader in the endpoint protection market. Manageability, system behavior, signature base are all top notch and can compete against any end-point protection software on the market. Sophos was a replacement for Kaspersky for enterprise-wide endpoint protection on workstations and servers. It is easy to deploy and is a reliable signature-based endpoint protection suite.
  • Malicious file identification
  • Signature-based detection
  • Web-based protection
  • Signature visibility
  • Direct endpoint management - it seems this feature has gone away in recent versions
I cant think of any endpoint protection scenarios where Sophos Endpoint Protection is not appropriate for deployment, perhaps restricted deployments that only allow one-way traffic (data diodes). Sophos is great for Mac, Windows, Linux, and server environments. It is easy to deploy and manage through its admin utility. Some direct endpoint management functionality has disappeared in recent versions.
Mauro Ruscelli | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Sophos endpoint for the protection of all the pc servers and Macs in the company in a worldwide environment. Not only in [our] corporate [office], but also in branches and all our stores spread around the world. We have worked with Sophos for many years without any problem, and this is what I search for in a software like this.
  • Web control on the client, also if it’s not connected to the company it works well
  • We use also the Intercept X module to prevent attacks on non-signature based [issues] . And it’s really powerful.
  • It’s multiplatform also for Mac
  • Doesn’t use a lot of hardware resources
  • The deploy in a large environment is not easy, with the on-premise central server sometimes the deployment doesn’t work.
  • With the cloud console, the deployment feature doesn’t exist, you must use third-party tools, but with a problem. The executable that must be downloaded expires after one month from the download and if you forget this the deploy in any new machine fails.
  • The web console need improvement is slow and with poor function.
I suggest Sophos in any environment because I think that it’s doing good work and [provides] good protection. This is most important for an endpoint protection [tool].
Juan Carlos Sanchez Pignalosa | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Review Source
Sophos EndPoint Protection is widely used by organizations that want robust protection, along with other functionality. It resolves the problems of virus infection, web & mail downloads and mostly real-time protection. When customers ask me, "why Sophos EndPoint"? I answer; "Support is awesome, definitions are awesome, why not?". We are in a digital era where everything moves very quickly, Sophos has adopted to this situation, and convert it into a strengths by always keeping ahead of needs. For example, the latest module "Add On" that Sophos provides is Anti Exploit Prevention, to protect users against ransomware.
  • Malware Detection
  • Awesome Performance (does not impact OS and/or Hardware performance).
  • Top of the line worldwide Support.
  • Multi OS Compatability with just one installer (for Windows) and Multi OS's compatability for management (one single console, centrally manages WinOS, MacOS, LinuxOS, etc).
  • The console is still based in local application, when many other vendors offers Web management
  • Lots of room for default generated Reports
  • Migration tools for end user to be able to migrate from one server to another (changing many parameters such as Server Name, IP Address, etc).
Sophos EndPoint exceeds today's IT Needs and protection, since it outperforms competitors on many levels, such as detection and performance. It is difficult to find tools that perform so well, and also to detection. ISophos EndPoint is suitable for every organization since enterprise grade protection and communication exist (via SUMs "Sophos Update Managers") for remote offices and branch offices. Sophos EndPoint is less suitable for small companies, which only needs anti-malware. Sophos EndPoint Protection, at its most basic level, offers Web and multiple modules of protection.
Evan Miller | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User
Review Source
Sophos EndPoint is currently being utilized across the whole organization on all leased/purchased Windows based computers. It is deployed via scripting in Group Policy for OUs. It is providing adequate protection on our endpoints and provides peace of mind to end users knowing that their work PCs are being actively scanned for threats.
  • Deployment and implementation was relatively easy to do
  • Reporting of issues to users via the desktop app and steps taken to remedy
  • The application just seems bloated and resource hungry. Four different app listings in programs and features for this protection.
  • Malware remediation could be better. Doesn't remove infections of this type well.
For larger enterprises, the deployment capabilities of this protection suite are well suited. If you are in a smaller business or IT shop there are probably other more cost-effective and better-suited protection suites available.