Sophos Intercept X Review

Sophos is a security-focused software and hardware company that has built its forte on enterprise security solutions. Intercept X is its endpoint protection system, with a key focus on protection from ransomware along with general malicious behavior. Intercept X screens the computer for 24 activities that malware uses as points of attack. This is different from the traditional approach, wherein each exploit is patched with updates to the security software. Intercept X also tackles the problem of ransomware by looking at the one thing that all ransomware attacks have in common, which is encryption. Since all ransomware attacks encrypt user files and make them unusable, Intercept X monitors all encryption activity. It then does a behavioral analysis of the encryption activity while making a copy of the original file. If the process is found to be malicious, it is shut down and the file is returned to its original state.
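A minimal in-memory model of the copy, analyse and roll back sequence described above, added here as an illustration. It is not Sophos code: the review does not say how Intercept X judges a process malicious, so the entropy heuristic, the thresholds and every name below are assumptions.

```python
import hashlib
import math
from collections import Counter

ENTROPY_THRESHOLD = 7.5  # bits/byte; assumed cut-off (ciphertext approaches 8.0)
MAX_SUSPICIOUS = 3       # assumed: suspicious rewrites tolerated per process

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; 0.0 for empty input."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def looks_encrypted(old: bytes, new: bytes) -> bool:
    """Low-entropy content replaced by near-random content."""
    return (shannon_entropy(old) < ENTROPY_THRESHOLD
            and shannon_entropy(new) >= ENTROPY_THRESHOLD)

class RollbackGuard:
    """In-memory model; `files` (path -> bytes) stands in for the disk."""
    def __init__(self, files):
        self.files = files
        self.backups = {}     # pid -> {path: content before first write}
        self.suspicious = Counter()
        self.blocked = set()

    def write(self, pid, path, new):
        """Apply a write; return False if the process is (or becomes) blocked."""
        if pid in self.blocked:
            return False
        old = self.files.get(path)
        self.backups.setdefault(pid, {}).setdefault(path, old)  # copy original first
        self.files[path] = new
        if looks_encrypted(old or b"", new):
            self.suspicious[pid] += 1
        if self.suspicious[pid] >= MAX_SUSPICIOUS:
            self.blocked.add(pid)
            for p, original in self.backups.pop(pid).items():  # roll back
                if original is None:
                    self.files.pop(p, None)   # file did not exist before
                else:
                    self.files[p] = original
            return False
        return True

def constructed_noise(seed: int, size: int = 4096) -> bytes:
    """Constructed high-entropy sample data (hash output), not real ciphertext."""
    return b"".join(hashlib.sha256(bytes([seed, i])).digest() for i in range(size // 32))
```

Compressed archives are also near-random, which is why the model counts rewrites per process instead of stopping on the first high-entropy write.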

Okay, now coming to the review part of Intercept X. The first thing that you come across is that this piece of software is not your regular home security suite. You control a lot of how the system works from the Sophos Central cloud, which you need to sign up for and get acquainted with before you start installation. Intercept X is part of a line of products from Sophos, most of which are managed by Sophos Central. It's from there that you can get the various applications, load them onto your devices and manage the different protocols that you can set for each system. Since I was not a huge corporate entity with tons of systems, I stuck to keeping a copy on my laptop and PC. Setting up Sophos Central can be quite frustrating and I was visibly confused before I got things running on my device. Once I got Intercept X running, though, it was almost like any other security software, with options to scan and act on various threats. Since this is an enterprise security system, you can keep the application from being tampered with by using a tamper protection password that is generated on installation and only appears in Sophos Central. Devices are automatically registered there and assigned their tamper protection passwords on installation and setup, so you'll need to retrieve the password from Sophos Central. This means only the admins can access the security suite on their systems. Sophos's endpoint programs also cannot be uninstalled easily and will require administrator permissions. Regular users, though, will still have options to scan and act on threats.

So why do you need this piece of software, you might ask? Well, the answer is that if you have a large number of systems running under one roof and your business runs entirely on these systems, you'll want to keep them out of harm's way from hackers trying to break in, steal all your files and hold them hostage. You'll also want a central place to monitor all these systems, and Intercept X provides you with this. The Sophos Central cloud management collects the security activity from all the systems under one head and provides a comprehensive log of any attacks faced by these systems. In short, Intercept X has a lot of back-end control that system administrators will need. Starting this up and getting it running was quite the hassle, but once that was done it was a smooth experience.
