Overview
What is Sophos Intercept X?
Sophos Endpoint Protection (Sophos EPP) with Intercept X is an endpoint security product providing an antivirus / antimalware solution that when upgraded with Intercept X or Intercept X Advanced provides advanced threat detection and EDR capabilities.
good and modern product - always updated.
Sophos Intercept X Delivers On All Fronts!
Sophos Intercept X Endpoint Protection review
Sophos Intercept X, Better than the rest
Sophos Intercept X Endpoint Review
It does the job!
A great centralized security platform.
Sophos Intercept X is to antivirus as Rod Woodson is to cornerbacks - it intercepts everything.
Intercept X intercepts everything
Sophos Intercept X Review
Sophos Intercept X will give you peace of mind
Sophos is Supreme Program
Can’t go wrong with Sophos!
Superb ransomware detection and analysis!
Sophos Intercept-X Works Great!
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards
Popular Features
- Centralized Management (19)10.0100%
- Infection Remediation (19)9.898%
- Endpoint Detection and Response (EDR) (19)9.696%
- Anti-Exploit Technology (19)8.686%
Reviewer Pros & Cons
Pricing
Intercept X Advanced
$28
Intercept X Advanced with XDR
$48
Sophos Managed Threat Response
$79
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Starting price (does not include set up fee)
- $28 per year per user
Product Demos
CVE-2017-11826 0day exploit vs months old Sophos Intercept X
How WannaCry ransomware works
Features
Endpoint Security
Endpoint security software protects enterprise connected devices from malware and cyber attacks.
- 8.6Anti-Exploit Technology(19) Ratings
In-memory and application layer attack blocking (e.g. ransomeware)
- 9.6Endpoint Detection and Response (EDR)(19) Ratings
Continuous monitoring and response to advanced internet threats by endpoint agents.
- 10Centralized Management(19) Ratings
Centralized management supporting multi-factor authentication, customized views, and role-based access control.
- 8Hybrid Deployment Support(3) Ratings
Administrators should be able to choose endpoint security on-premise, cloud, or hybrid.
- 9.8Infection Remediation(19) Ratings
Capability to quarantine infected endpoint and terminate malicious processes.
- 8.4Vulnerability Management(4) Ratings
Vulnerability prioritization for fixes.
- 9.8Malware Detection(19) Ratings
Detection and blocking of zero-day file and fileless malware.
Product Details
- About
- Competitors
- Tech Details
- FAQs
What is Sophos Intercept X?
Sophos Intercept X Features
Endpoint Security Features
- Supported: Anti-Exploit Technology
- Supported: Endpoint Detection and Response (EDR)
- Supported: Centralized Management
- Supported: Infection Remediation
- Supported: Malware Detection
Sophos Intercept X Screenshots
Sophos Intercept X Video
Sophos Intercept X Competitors
Sophos Intercept X Technical Details
Deployment Types | On-premise |
---|---|
Operating Systems | Windows, Mac |
Mobile Application | Apple iOS, Android, Windows Phone, Blackberry |
Frequently Asked Questions
Comparisons
Compare with
Reviews and Ratings
(202)Community Insights
- Business Problems Solved
Sophos Endpoint Protection has become a widely-used and highly regarded solution for safeguarding machines in various environments. Users rely on this product to ensure that their systems are protected and receive regular updates from the Sophos Database. With its ability to send alerts when a system hasn't been updated in a while, it helps users identify computers that are not frequently used. This feature proves to be invaluable in maintaining the security of an organization's network.
One long-time user praises Sophos Intercept X as the most secure endpoint product on the market. Its ease of deployment and management, combined with its ability to catch everything, make it the preferred choice for both home and business use. By dramatically reducing instances of malware and ransomware, Sophos Intercept X has proven itself as a reliable defense against cyber threats. It also offers powerful administrative capabilities through the Sophos Central web console, allowing users to identify and address security issues effectively.
Sophos Endpoint Protection is widely used across industries for robust protection against virus infections, web and mail downloads, and real-time threats. The product adapts to the rapidly changing digital era by offering advanced features like Anti Exploit Prevention, which safeguards users against ransomware attacks. Whether deployed in the healthcare industry or small businesses, Sophos Intercept X provides peace of mind by effectively preventing malicious software issues. Furthermore, its non-invasive nature and quick response to potential threats make it an ideal choice for organizations seeking a reliable and user-friendly endpoint security solution.
Intercept X's comprehensive protection extends beyond traditional malware detection, with features such as content filtering, application management, and cloud management with MFA authentication. It ensures security compliance, preventing ransomware attacks on devices ranging from workstations to servers. Real-time protection against various forms of malware, including web and mail protection, contributes to Sophos Endpoint Protection's reputation as an industry leader in providing information security services for enterprises.
In addition to protecting against potential attacks, Sophos Endpoint Protection requires minimal user interaction, making it a hassle-free solution for organizations. Its cloud-based architecture simplifies deployment, management, and remediation across distributed locations. Users have reported successfully defending against CryptoLocker and significantly reducing monthly infections, resulting in a more secure environment. With its advanced features like malware identification and automatic quarantine, Intercept X enhances security measures and provides excellent protection against cyber threats.
Overall, Sophos has gained praise from users as a reliable, easy-to-use, and effective endpoint solution. Whether deployed globally across entire companies or implemented organization-wide, the product delivers top-notch system behavior and manageability. It seamlessly integrates with desktops, laptops, and servers, running silently in the background without causing disruptions.
One standout feature of Sophos is its ability to send email reports that alert users of various events, allowing them to proactively address any issues before they become major problems. Users have successfully deployed Sophos across their entire infrastructure, including Windows, Linux, and Apple products. While deployment on Windows machines is easy through the enterprise console, Linux and Mac installation may require manual setup. Once installed, Sophos automatically updates all machines and runs smoothly without consuming excessive computer resources.
Intercept X, a module of Sophos Central, is widely used as an anti-malware and anti-virus agent on endpoint machines and servers. Its policy-setting capabilities for web and application access provide an additional layer of security. Small businesses rely on Sophos Intercept X not only for protection but also for timely notifications of potential threats. The product's effectiveness in preventing malicious software issues and providing a safety net against ransomware has made it the go-to solution for organizations seeking peace of mind.
Sophos Endpoint Protection has established itself as an industry leader in providing information security services for enterprises worldwide. Its real-time protection against various forms of malware, including web and mail protection, ensures a secure environment for users. Those who use Sophos Endpoint Protection have experienced successful protection against CryptoLocker, saving significant time and effort in recovery.
Overall, Sophos delivers excellent endpoint security with minimal user interaction required. Its cloud-based management simplifies deployment and remediation across distributed locations. With its reputation for robust protection and ease of use, Sophos Endpoint Protection continues to be highly regarded by organizations seeking top-notch security solutions.
Attribute Ratings
Reviews
(1-17 of 17)Sophos Intercept X Delivers On All Fronts!
- Zero-Day Malware Detection
- Web Filtering
- End-User Device/hardware controls
- Email notifications of infected machines
- Health Status Compliance At The Device Level
- Machine and/or User-based policy control
- Logs and reports easily read
- Integration with Active Directory
- I'd love if a list of devices not running Sophos could be generated with the AD integration - so that the software could be pushed to the device. (Unsure if this exists, as I haven't found it personally).
Sophos Intercept X Endpoint Protection review
- Protects against ransomware
- Keeps PCs clean
- Easy to manage
- The site can be slow
- Higher pricing
A great centralized security platform.
- Ransomware prevention.
- Antivirus protection.
- Automated removal of majority of viruses.
- Tamper protection.
- Improved partner access to Central Portal (times out every hour or two).
- Streamline new "features" into existing subscriptions, rather than more bolt ons (e.g. MTR and EDR).
- Improved support in Australia.
- Antivirus
- Ransomware protection
- Centralised management portal
- Notifications of endpoints
- MSP Billing (monthly billing option for resellers)
Sophos Intercept X is to antivirus as Rod Woodson is to cornerbacks - it intercepts everything.
- Sophos Intercept X is great at preventing malware infections and rolling back their effects. I have seen this happen hundreds of times since we installed it
- When combined with Sophos Central, you have an easy to use dashboard where you can manage all installations from a single pane of glass.
- It's easy to deploy on machines and stays updated.
- Good reporting features including alerts sent to the admin if there's ever something wrong with it.
- It can be a bit resource-intensive, especially on machines that are a little older. I've seen it take up too many CPU cycles and bog down the rest of the machine.
- Initial setup to get it working can be challenging if you do anything other than the default settings.
- Sometimes won't update on client machines, so they have to be brought in for a manual reinstall.
Can’t go wrong with Sophos!
- Application control.
- Web control.
- Threat remediation.
- Better integration with active directory both on premise and Azure.
Superb ransomware detection and analysis!
- Identifies ransomware
- Gives in-depth analysis on current and detected threats
- Very easy to configure on top of existing products
- GUI not very simple
- Information regarding threats often unclear and hard to decipher at basic level
- False positives on occassion
Large businesses with a large number of devices may struggle, as there's a lot of detail captured with individual threats and troubleshooting is often time consuming.
Sophos Intercept-X Works Great!
- Easy migration from Symantec to Sophos Intercept-X. A simple .msi file allowed for the automatic uninstall of Symantec.
- Sophos Central makes it very simple to mitigate potential issues immediately. I can log in and remediate from anywhere.
- Most vulnerabilities are blocked and removed without IT Helpdesk needing to touch a machine. The reporting capabilities after the fact are informative.
- There are a bunch of running Sophos processes on machines with the software installed. Some take up quite a bit of memory at times.
- Although the process to correct is easy and relatively quick, I've noticed quite a few false positives when it comes to web filtering.
- Setting up policies is a little clunky at first.
Sophos' cloud offering works well but Secure Boot messes it up
- Sophos is a little too good at DLP. But it is indeed very good at not allowing our data to leave our endpoints without strict adherence to policy.
- Sophos is very good at protecting endpoints against viruses and other malware.
- Sopho is really good at informing us of what is happening on our endpoints. OOTB reporting is way better than expected.
- Sophos OOTB policies are very strict and they don't offer anything less strict without you creating new custom policies. I'm sure this is deliberate because the product starts you out in the safest way possible but it means that you will have lots of calls to your tech support desk when you first deploy it unless you do somewhat extensive testing beforehand.
- Sophos Intercept X is currently broken (at least the DLP component) by having secure boot turned on in the UEFI/BIOS. If any user wants to be able to write data to a USB drive or floppy from their PC (yes we still have a couple users who need to use floppies) we have to turn off secure boot on their PC, even if the DLP policy for that user/PC combination specifies that the user and PC are allowed to write to USB/floppy. This would be a very serious problem if it weren't for the fact that we have very few users who need to write files to USB. For us it's OK but I bet it would be a deal-breaker for others.
- I don't see a whole lot of evidence that Intercept X is any different than any other anti-virus, so maybe their admin alerts just don't clearly identify when they have identified a zero-day threat or maybe we just haven't had any zero-day threats.
- Licensing is per user not, machine. So a user could have multiple machines and not have to purchase so many licenses
- Notifications for issues on devices where it has not contacted system in awhile
- Notification when there is a threat that was cleaned and if any additional action is needed.
- Blocking unwanted applications from running in the background when browsing the internet
- I honestly cannot thing of anything negative about the Endpoint protection.
Sophos is more than your legacy AV.
- Centralized management of endpoint security
- Easy to understand dashboards
- Protection against ransomware
- Nice graphical analysis for malware behavior and the vectors involved in the attack
- SAML login support for cloud console
- Manual malware cleanups can be frustrating
- Feature to enable reinstall from the portal if need be.
Due to its centralized management nature and immense visibility into endpoints well-being, it requires constant monitoring and timely reaction (like any other security tool) which can be a daunting task if not done regularly as it easily piles up into thousands of action items that could take days/weeks to complete. With more visibility comes more responsibility of-course.
Sophos Endpoint - An essential component in a modern antimalware/security platform.
- Simple Installation.
- Clean reporting.
- Single pane of glass management with other Sophos products.
- Client can occasionally be more resource intensive than we would like...
The best solution I ever use
- Web control on the client, also if it’s not connected to the company it works well
- We use also the Intercept X module to prevent attacks on non-signature based [issues] . And it’s really powerful.
- It’s multiplatform also for Mac
- Doesn’t use a lot of hardware resources
- The deploy in a large environment is not easy, with the on-premise central server sometimes the deployment doesn’t work.
- With the cloud console, the deployment feature doesn’t exist, you must use third-party tools, but with a problem. The executable that must be downloaded expires after one month from the download and if you forget this the deploy in any new machine fails.
- The web console need improvement is slow and with poor function.
Sophos Packs a Punch
- Sophos Endpoint Protection provides a web portal for the administrator to login. Here the administrator can examine and track which computer devices are being protected from virus attacks.
- The Sophos Endpoint Protection web portal provides a dashboard entry page that shows a summary of what viruses may have been detected and quarantined. In addition this dashboard landing page shows a summary of alert messages sent from the protected computers like when a reboot is needed from a server after software updates.
- From the Sophos Endpoint Protection web portal various agents like for workstations as well as for servers can be downloaded for deployment. Here you can quickly find and install the agent for the Windows OS, Mac OS and even how to proceed with mobile device protections.
- Though the Sophos Endpoint Protection agent for workstations is fairly competitive in cost, especially when with one agent we're protected from both viruses & malware intrusions, the agent to protect our servers are doubled in price. In order for Sophos Endpoint protection to compete with other comparable products, the price for server protection should be lowered.
- Though Sophos Endpoint Protection is supposed to be a superior antivirus protection program, we did encounter slowness specifically when attempting to open PDFs using the Adobe Acrobat program. Further research did show that Adobe Acrobat with "Protected Mode" enabled may cause this problem. The solution was to switch to other PDF applications and the problem was resolved.
- Unfortunately, Sophos is just not as well known as some of its competitors like AVG & Symantec. Perhaps more marketing from the company would help make this very powerful virus protection program become more of a household name.
Best in its class
- The company offers one stop service for all security related needs.
- Excellent Malware protection and recovery.
- Deployment and configuration is a breeze using the consolidated web management console.
- Software can get bloated at times and consume lots of resources on machines, especially while performing incremental updates.
- Some emails and attachments are incorrectly flagged as dangerous.
- We had some issues while integrating Digital Guardian with Sophos, since it kept on blocking OS updates on the machines.
We went with the cloud version of the software suite instead of hosting it on premises. It has an extremely simple all in one web management console. Sophos End Point Protection suite comes with a very well designed and comprehensive web management console. It is the single point of access for numerous services.
Sophos - Leader and Trusted
- Malicious file identification
- Signature-based detection
- Web-based protection
- Signature visibility
- Direct endpoint management - it seems this feature has gone away in recent versions
Sophos EndPoint most awarded Features
- Malware Detection
- Awesome Performance (does not impact OS and/or Hardware performance).
- Top of the line worldwide Support.
- Multi OS Compatability with just one installer (for Windows) and Multi OS's compatability for management (one single console, centrally manages WinOS, MacOS, LinuxOS, etc).
- The console is still based in local application, when many other vendors offers Web management
- Lots of room for default generated Reports
- Migration tools for end user to be able to migrate from one server to another (changing many parameters such as Server Name, IP Address, etc).
Sophos - #1 Endpoint Security
- Simple installation (MSSC compatible.)
- Removes all conflicting software automatically.
- Small system footprint.
- Powerful Scanner/Active Shields.
- Email reports can be false positives - software should check itself and attempt to update/apply policies and then send out a notification if that fails, not before.
- It should not require admin privileges to run a manual scan.
- Email reports could use a little more detail on what exact policy/item is out of compliance to make issue easier to verify/fix.