
Sophos Intercept X in the crosshairs!

Sophos Intercept X Endpoint Protection is an excellent hosted solution from a veteran antivirus and security company. It ranges in price from $20.00 to $40.00 per user per year, depending on the features you choose. Please note that it’s sold only through partner channels.

The Sophos Intercept X product is ideal for businesses with an Information Technology team and many endpoints to protect. If your business includes hundreds or even thousands of endpoints, Sophos Intercept X is a potent protection product.

Still, Sophos is a great solution for businesses of any size. It’s capable of protecting both of the main desktop operating systems as well as mobile device platforms. Basically, Sophos checks all the boxes for just about any business and does so at a very competitive price. Its competitors in this category are vendors like Bitdefender GravityZone Ultra and ESET Endpoint Protection.

Sophos’ endpoint protection capabilities evolved to incorporate artificial intelligence. The Intercept X platform merges technologies such as deep learning, AI and endpoint detection and response. This provides holistic endpoint security. Today, the company’s products protect over 400,000 organizations.

It works for Mac and Windows personal computers (PCs) as well as servers, virtual machines, and cloud-based IT infrastructure. It also protects mobile devices using Android, iOS, and Chrome operating systems.

Create Your Account

The first thing to do is create your account. Then, getting started is a snap. Logging into Sophos Central greets you with the Dashboard. Up at the top are the most recent alerts. They are in quick and easy view should there be a problem. Below that is a usage summary, which shows which devices are protected and which ones have been inactive for a while. If you are using Email Security, you can also get a summary of email threat activity. Web statistics are off to the right. So, if there are any phishing attempts, you’ll be sure to know about them. In addition, there’s an interesting “news” feature at the bottom, which tries to keep you up to date on new threats and how to combat them.

Getting Started with Intercept X

To get started quickly, just go down to the Protect Devices section. Then, click the appropriate download link for the systems you want to protect. After the agent is installed, which takes only a minute or two, your device is then protected. The mobile enrollment wizard is on the same page, if applicable. Adding users is super easy under the People section. Add users one at a time or import them from a CSV file or from Microsoft Active Directory.

Next from the Dashboard is the Alerts page. This is where all threats will be cataloged and displayed as they’re discovered. As these threats are resolved, you can check them off the list.

The Devices section is also pretty simple to use. To view the details of a specific system, just click on it. From there, you can get a quick summary of what’s installed, recent events, system status, and policies. Security Health under the Status tab can give you a quick, detailed rundown if anything is wrong, such as out-of-date software or an active threat.

Root Cause Analysis

Intercept X’s Root Cause Analysis is extremely useful. There are quite a few components involved, but Sophos broadly groups it into three parts: Overview, Artifacts, and Visualize.

Overview describes the threat and gives you the rundown on where and when it occurred. Artifacts tells you about the changes that it tried to make, while Visualize shows you a diagram displaying the path of infection and how it tried to interact with the system. Sophos Intercept X does a wonderful job of presenting the data clearly.

Anti-Ransomware and EDR

Another thing Sophos Intercept X does very well is anti-ransomware. Sophos can quickly and easily figure out whether a piece of software is up to ransomware mischief. And its CryptoGuard automatically recovers any damaged files and protects against hostile ransomware encryption attempts. The cool thing is that when you roll all these capabilities together, Intercept X can track what happens as a bad program does its thing.

So, whatever it does can be rolled back later if necessary. Combined with a firewall that knows how to look for various kinds of hostile traffic, this is superb ransomware protection.

Then, there’s the Endpoint Detection and Response, which shows up as the Threat Analysis Center. Threats can be cleaned straight from this portal, plus, affected devices can be isolated. Also, there’s a helpful summary including whether or not business data was compromised, and what the root cause was.

Detection Performance

Sophos Intercept X gets excellent results that put it on par with players like ESET and Kaspersky Endpoint Security Cloud. Third-party testing repeatedly reaffirms it.

Overall, Intercept X does a super job providing powerful and advanced threat protection that is scalable to businesses of any size. There’s a learning curve for its more advanced capabilities, but this will be true with almost any security software. The fact is, it provides any administrator or generalist with excellent malware defense, and it is constantly adding more features.

Any questions? Email us or call Corporate Armor at 877-449-0458. Thanks for reading!

Sophos Intercept X highlights

– Fully integrated Endpoint Detection and Response
– Good policy control
– Excellent detection and anti-exploit functionality
– Absolutely top-notch ransomware protection