Sophos Intercept X Advanced: Features

The aforementioned free trial of Sophos Intercept X Advanced with XDR also includes trial versions of other products such as Sophos Intercept X for mobile, ZTNA (Zero Trust Network Access) and others, so for the purposes of this review we'll try to distinguish those features specific to Intercept X Advanced. The company has produced a datasheet explaining some of the perks, as well as a list of technical specifications for the Intercept X tiers.

Despite the name, 'Intercept X Advanced' is, in fact, the most basic tier. Subscribers get to enjoy deep learning malware detection, anti-malware file scanning and real-time protection. Other perks include Web Control / Category-based URL Blocking, as well as application/peripheral control.

Data Loss Prevention features include 'Cryptoguard', which continuously monitors files to check if they've been encrypted by ransomware. The platform can also perform file recovery of compromised files if this is detected.

Subscribers to 'Intercept X Advanced with XDR' (which is offered via the free trial) benefit from all the above features, as well as better support for live detection of threats. This includes 30 days of Sophos Data Lake cloud storage, as well as an SQL Query Library (pre-written, fully customizable queries) to detect suspicious events. Subscribers also benefit from cross-product Data Sources such as Firewall and Email (Sophos XDR). 'Advanced with XDR' subscribers can access Advanced On-demand Sophos X-Ops Threat Intelligence and export forensic reports. Crucially, this tier supports live response so managers can remotely monitor endpoints and take action to secure or even isolate them.

Subscribers to 'Intercept X Advanced with MDR Complete' benefit from the full package, which includes human-led threat hunting and response such as security health checks and 'root cause analysis' to prevent further threats. Subscribers to this top tier also get their very own "incident response lead".

Sophos Intercept X Advanced: Setup

In order to download a free trial, interested parties must first register an account with Sophos Central. We were happy to provide an email address in order to receive a registration link but didn't understand why a telephone number or postcode was required. Still, the registration process was very fluid and we clicked the activation link to create a password for the 'Sophos Central Dashboard' in under 2 minutes.

From here it was a simple matter to download the Windows installer to our test machine (macOS clients are also available) but we did hit a snag when the client program discovered that a previous endpoint client hadn't been fully uninstalled from the machine. A quick dive into the Control Panel was all that was needed. The installer said it would take 10 minutes but we found the whole process took less than five. When downloading the installer, you can choose to customize it with ZTNA or device encryption. If you don't choose these features, you can install them later once the endpoint's active.

As soon as the Sophos client finished installing, we clicked the system tray icon to see the reassuring message, "Your Device is protected".

Sophos Intercept X Advanced: Interface

Having praised the installer's quick operation, we should also take some time to mention its spartan interface. There are three main sections: 'Status', 'Events' and 'Detections'. Users can launch their own scan but apart from that it's not particularly configurable.