Sophos Intercept X Advanced review: AI-powered protection

An exceptional range of endpoint protection measures, easily managed from a smart cloud portal

Price: $28 per user, 1yr subscription, 500-999 users
  • Huge range of policy customisation options
  • Smart AI features
  • Straightforward management

These days AI seems to be everywhere, and Sophos Intercept X proudly exploits it to help identify unknown malware. It also blocks ransomware attacks using behavioural analysis, and provides tools to investigate potential threats to see how and why they occurred.

This may sound complicated, but everything is rolled neatly into a single web portal for easy access. You can also pick and choose which features you want: along with standard workstation and laptop support, separate modules are available for protecting servers and mobile devices. If you only need core protection services then you can go for the Intercept X Essentials subscription, but we trialled the Intercept X Advanced service, which adds support for multiple security policies, application and web protection and device controls. 

An Advanced subscription also enables the threat analysis centre, where you can review attacks and explore event chain diagrams, which track how a malware incident unfolded, including details of which processes and files were accessed. If you’ve gone for the optional XDR (extended detection and response) licence, you can also make use of the Live Discover feature, which uses SQL queries to create detailed reports for selected endpoints – as well as providing access to the Sophos Data Lake, where you can store up to 30 days of report data in the cloud.

All of this is administered from the Sophos Central portal (which also takes care of any Sophos firewalls in your business). The main dashboard shows recent alerts, a summary of devices and users and details on how web access controls are performing.

Deploying the client software is fairly straightforward. You can create users in the portal and email them a link to install the agent, or you can install the Mac and Windows software from a central distribution point like any regular application. Either way, the agent takes around ten minutes to fully install; protection then starts immediately, with the agent picking up a base set of security policies from your portal account. These can be device-specific or, if you use the Sophos Active Directory sync tool or Azure sync service to import users and groups, you can create policies that follow users regardless of which device they’re logged into.

When it comes to customising your policies, there’s a wide range of options to choose from. The base policies for web, application and device controls can be tweaked to your preferences, or you can create new ones. Data-loss prevention policies set rules that prevent certain types of information from being copied or transferred; we tested this with a policy that looked for files containing payment information and found it worked perfectly, blocking all attempts to share a text file containing credit card numbers.

The CryptoGuard feature, meanwhile, neuters ransomware by monitoring all file writes; when a program tries to overwrite an existing file, a temporary clean copy is cached on the local drive. The software then analyses the updated file, and if it determines that it’s been maliciously encrypted, it automatically restores the original cached copy of the file.
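The cache, analyse and restore cycle described above can be sketched in a few lines. This is an added illustration, not Sophos code: the review does not say how CryptoGuard decides a file has been maliciously encrypted, so the Shannon-entropy threshold, the `GuardedWriter` class and the sample file are all assumptions.

```python
import hashlib, math, os, tempfile
from collections import Counter

ENTROPY_THRESHOLD = 7.5  # bits per byte; assumed cut-off for "looks encrypted"

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    return -sum(c / len(data) * math.log2(c / len(data)) for c in Counter(data).values())

class GuardedWriter:
    """Hypothetical write monitor: cache before overwrite, roll back if suspicious."""
    def __init__(self, cache_dir: str):
        self.cache_dir = cache_dir

    def overwrite(self, path: str, new_data: bytes) -> str:
        """Apply the write, then return 'allowed' or 'restored'."""
        with open(path, "rb") as f:
            original = f.read()
        key = hashlib.sha256(os.path.abspath(path).encode()).hexdigest()
        cached = os.path.join(self.cache_dir, key)
        with open(cached, "wb") as f:      # temporary clean copy
            f.write(original)
        with open(path, "wb") as f:        # the write itself goes ahead
            f.write(new_data)
        # Assumed heuristic: readable content replaced by near-random bytes.
        # Files that were already high-entropy (zip, jpg) are not covered by it.
        suspicious = (shannon_entropy(original) < ENTROPY_THRESHOLD
                      and shannon_entropy(new_data) >= ENTROPY_THRESHOLD)
        if suspicious:
            os.replace(cached, path)       # restore the cached original
            return "restored"
        os.remove(cached)                  # benign edit: discard the copy
        return "allowed"

def demo() -> dict:
    # Constructed sample: a text file, one normal edit, one ciphertext-like overwrite.
    with tempfile.TemporaryDirectory() as work:
        cache = os.path.join(work, ".cache")
        os.mkdir(cache)
        doc = os.path.join(work, "report.txt")
        clean = b"Quarterly invoice totals for the finance team.\n" * 200
        with open(doc, "wb") as f:
            f.write(clean)
        guard = GuardedWriter(cache)
        edited = clean + b"Appended note.\n"
        edit = guard.overwrite(doc, edited)
        attack = guard.overwrite(doc, os.urandom(len(clean)))  # stands in for ciphertext
        with open(doc, "rb") as f:
            return {"edit": edit, "attack": attack, "intact": f.read() == edited}
```

Calling `demo()` shows the ordinary edit passing through and the random-byte overwrite being rolled back to the last clean content.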

All of these features can be configured and customised, but if you want to keep things simple you can just enable the AI-powered Deep Learning service, tick the “recommended settings” box and leave the rest up to the software.

SMBs that want a wide-ranging security solution need look no further than Sophos Intercept X. It’s loaded with powerful features, yet remains easy to use and simple to manage from the Sophos Central cloud portal.
