Sophos Intercept X for Server is the industry leading Server Security solution that reduces the attack surface and prevents attacks from running. Combining anti-exploit, anti-ransomware, deep learning AI and control technology it stops attacks before they impact your systems. Intercept X for Server uses a comprehensive, defense in depth approach to server protection, rather than relying on one primary security technique.

Highlights

• Secures cloud, on-premises and virtual server deployments
• Stops never seen before threats with deep learning AI
• Blocks ransomware and rollback files to a safe state
• Prevents the exploit techniques used throughout the attack chain
• Performs threat hunting and IT ops security hygiene with XDR
• Understand and secure your wider cloud environment such as S3 buckets and databases
• Provides 24/7/365 security delivered as a fully managed service

Stop Unknown Threats

Deep learning AI in Intercept X for Server excels at detecting and blocking malware even when it hasn’t been seen before. It does this by scrutinizing file attributes from hundreds of millions of samples to identify threats without the need for a signature.

Block Ransomware

Intercept X for Server includes advanced anti-ransomware capabilities that detect and block the malicious encryption processes used in ransomware attacks. Files that have been encrypted will be rolled back to a safe state, minimizing any impact to business productivity.

Prevent Exploits

Anti-exploit technology stops the exploit techniques that attackers rely on to compromise devices, steal credentials and distribute malware. By stopping the techniques used throughout the attack chain Intercept X for Server keeps your organization secure against file-less attacks and zero-day exploits.

Control Your Servers

Ensure only what you want can run. Server Lockdown (whitelisting) makes sure that only applications you have approved can run on a server. File Integrity Monitoring will notify you if there are unauthorized attempts to change critical files.

See Your Wider Cloud Environment

Understand and secure your entire multi-cloud inventory. You can detect your cloud workloads as well as critical cloud services including S3 buckets, databases and serverless functions, identify suspicious activity, spot insecure deployments and close security gaps.

Each year, millions of laptop computers are misplaced, stolen, or lost; many of them containing important and sensitive data. Full disk encryption is the essential first line of defense to protect your data in any of these events. Sophos Central gives you the ability to manage full disk encryption from a single, integrated, web-based management center.

• Manage Windows BitLocker and macOS FileVault full disk encryption centrally from a single console
• Proof-of-compliance reporting
• Self-service key recovery
• User-centric management
• Per-user pricing
• Quick deployment

Securing data and staying compliant
The majority of mobile professionals carry laptops containing confidential company information. Passwords alone do not protect data. The best way to make sure your data is secure at rest is by encrypting the computer's hard drive. As a part of compliance requirements, you are likely to be able to verify which computers in your organization are encrypted. And in the case of lost or stolen laptops, organizations also need to provide proof that these missing devices are encrypted.

Quick deployment
Sophos Central Device Encryption lets you centrally manage Windows BitLocker and macOS FileVault native device encryption. With Sophos Central’s web-based management, there is no server to deploy and no need to configure back-end key servers. You can deploy and start securing data in minutes. For existing Sophos Central Endpoint Protection customers, there is no additional agent required. Over-the-air deployment means that it takes only a couple of clicks to push out the new encryption policy. And, it lets you easily secure data on remote laptops.

Unified management interface
Manage your encryption policy, encryption keys, as well as all your essential security policies using Sophos Central, a web-based integrated management console. Sophos Central provides an intuitive view for all your Sophos security products.

Simple user-centric management
Sophos Central is centered around the user. When a user has more than one computer, you can enable device encryption and protect all of the user's computers with one easy action.

Secure key recovery via our self-service portal
Sophos Central Self Service lets users retrieve their own full disk encryption recovery keys. This helps users get back to work faster without needing to contact the help desk, saving both time and IT resources.

Cloud Email security powered by artificial intelligence Sophos Email is cloud email security simply delivered through Sophos Central’s easy-to-use single management console. Protecting your people from unwanted and malicious email threats today, and tomorrow, with the latest artificial intelligence.

Highlights

• Predictive email security able to block known and unknow threats
• Stop ransomware, spam, and phishing attacks
• Support for all major platforms
• Automatic Active Directory Synchronization
• Self-Service Portal with end-user and admin controls

Smarter Email Security

Today’s email threats move fast, and malicious files look more and more like benign files. Growing businesses need predictive email security - defeating today’s threats with an eye on tomorrow.

See the Future

Using the same technology as our award-winning Intercept X, the artificial intelligence built into Sophos Email’s Sandstorm sandboxing technology is a deep learning neural network, able to detect suspicious payloads containing threats, malware and unwanted applications, as well as high-level threats embedded in documents, including ransomware.

Sophos Sandstorm detonates these files in series of virtual machines, simulating a real end user environment where behavior can be monitored. Delivering safe documents – not just PDFs.

Block Stealth Attacks

Protecting employees from malicious website links, our advanced URL protection is out-smarting attackers who slip phishing URLs past traditional gateways - delaying the upload of malware to websites until after the email is delivered. Sophos Time-ofClick checks website reputation before delivery and at the time you click – blocking stealthy, delayed attacks.

Trust Your Inbox

Attackers relentlessly target organizations with spam, phishing, and advanced socially engineered attacks. Automate phishing imposter defense with Sophos Email authentication. Protecting your employees from phishing attacks using fraudulent email addresses that impersonate trusted contacts and domains, before they reach the inbox.

Using a combination of SPF, DKIM and DMARC authentication techniques and email header analysis, Sophos Email allows you to identify and allow legitimate emails from trusted partners, and block the imposter – allowing you to trust your inbox again.

Flexible Deployment

Sophos Email was born to be flexible. Creating unique security policies for individuals, groups or the whole domain can be done in minutes – saving you valuable time.

While seamless integration with Microsoft Office 365, Google G Suite, on-premises Exchange 2003+, and many more email providers, allows you to protect any email service where you control the domain and DNS records. Best of all - activation is completely in your control, with administrator controls and end-user self-service for common day-to-day tasks.

Secure Office 365

The answer for business-grade email. Email, Office, Collaboration – Microsoft Office 365 is a great tool for businesses to stay productive. But as customers move to O365, the security features often don’t live up to expectations. Great collaboration needs great security, and Sophos Email provides a simple solution:

• One Advanced license secures Office 365 from the latest spam, phishing and advanced threats
• Ensure compliance with a choice of location for email scanning and sandbox analysis
• Single easy-to-use management console

Getting Started is Easy

Deployment requires a simple MX record change to route email through Sophos Central, and you can simply bring in users and their mailboxes with our handy Azure and on premise Active Directory synchronization tools.

Sophos Managed Detection and Response – Artificial intelligence mixed with human expertise

With "Sophos Central MDR for Server" you can achieve the highest level of security Sophos can currently offer for the protection of your Server (Linux, Windows Server 2008 R2+). In this bundle, you get all the features of Intercept X Advanced for Server with XDR and the new, enhanced MDR service.

Active threat response by a team of experts – 24/7

With the MDR service, Sophos provides a highly available “Service Operation Center” (SOC). It is the perfect complement for all IT administrators where there are no free resources to go threat hunting themselves with XDR's tools. It takes highly skilled and specialized personnel to use XDR to proactively scan the network for potential threats and take the correct steps when an attack occurs.
With Sophos Central MDR for Server, you no longer need to look for trained personnel yourself. Sophos provides a team of experts who work 24/7 to combat threats.

Features of MDR

24/7 circumstantial threat hunting

If something has been detected on your system that could not be fixed automatically and requires human expertise, the MDR team is there for you on a 24/7 basis. An expert then takes a close look at the critical note and uses his experience to decide what needs to be done.

Attack detection

The MDR team pays special attention to attacks executed through legitimate processes, such as PowerShell. Such attacks are often successful because they are difficult for monitoring tools to detect. The MDR team uses proprietary analytics to monitor these processes to ensure they are not being misused for malicious purposes.

Security Health Check

The Security Health Check ensures that your Sophos Central products can always operate at maximum performance. To do this, the MDR team looks at your network requirements and makes recommendations for configuration changes.

Sophos Managed Detection and Response (MDR) Complete is Sophos' most flexible and comprehensive 24/7 managed threat protection, detection, and response service. MDR Complete provides analyst-led threat hunting and investigation as well as full-scale incident response. Threats are fully eliminated. Sophos MDR Complete includes support for 3rd party endpoint protection solutions. Optional add-ons can be purchased for Sophos Network Detection and Response (NDR), Sophos 3rd party integration packs, and extended data storage. For licensing clarity, Central Managed Detection and Response includes Central Intercept X Advanced with XDR as well as 3rd party endpoint compatibility.

Ransomware and Breach Prevention Services

The need for always-on security operations has become an imperative. However, the complexity of modern operating environments and the velocity of cyberthreats make it increasingly difficult for most organizations to successfully manage detection and response on their own.

With Sophos MDR, our expert team stops advanced human-led attacks. We take action to neutralize threats before they can disrupt your business operations or compromise your sensitive data. Sophos MDR is customizable with different service tiers, and can be delivered via our proprietary technology or using your existing cybersecurity technology investments.

Cybersecurity Delivered as a Service

Enabled by extended detection and response (XDR) capabilities that provide complete security coverage wherever your data reside, Sophos MDR can:

• Detect more cyberthreats than security tools can identify on their own Our tools automatically block 99.98% of threats, which enables our analysts to focus on hunting the most sophisticated attackers that can only be detected and stopped by a highly trained human.
• Take action on your behalf to stop threats from disrupting your business Our analysts detect, investigate, and respond to threats in minutes — whether you need full-scale incident response or help making accurate decisions.
• Identify the root cause of threats to prevent future incidents We proactively take actions and provide recommendations that reduce risk to your organization. Fewer incidents mean less disruption for your IT and security teams, your employees, and your customers.

Compatible with the Cybersecurity Tools You Already Have

We can provide the technology you need from our award-wining portfolio, or our analysts can leverage your existing cybersecurity technologies to detect and respond to threats.

Sophos MDR is compatible with security telemetry from vendors such as Microsoft, CrowdStrike, Palo Alto Networks, Fortinet, Check Point, Rapid7, Amazon Web Services (AWS), Google, Okta, Darktrace, and many others. Telemetry is automatically consolidated, correlated, and prioritized with insights from the Sophos Adaptive Cybersecurity Ecosystem (ACE) and Sophos X-Ops threat intelligence unit.

Highlights

• Stop ransomware and other advanced human-led attacks with a 24/7 team of threat response experts
• Maximize the ROI of your existing cybersecurity technologies
• Let Sophos MDR execute full-scale incident response, work with you to manage security incidents, or deliver detailed threat notifications and guidance
• Improve cyber insurance coverage eligibility with 24/7 monitoring and endpoint detection and response (EDR) capabilities
• Free up your internal IT and security staff to focus on business enablement

Sophos Central Intercept X Essentials - Powerful protection with a lower price tag!

Intercept X Essentials is the new entry-level endpoint protection for small businesses at an affordable price. It offers the same protections as Intercept X Advanced with deep-learning AI, anti-ransomware, and anti-exploit capabilities, but without all the control and management features, which you probably won't miss if your organization is small or perceives low risk.

The following features are not included in Intercept X Essentials

• Multiple policies - customers must use the base policy.
• Peripheral Control - Customers cannot set users to connect only certain devices.
• Controlled updates - Customers cannot delay updates or decide when to deploy them.
• Web Control - Customers cannot block access to inappropriate websites.
• Application Control - Customers cannot control what types of applications are allowed to be installed and run.
• Threat Cases - Customers do not have access to threat cases that show what happened during an incident.

If you need multiple configurable policies or a higher level of manageability with Peripheral Control, Web Control, Application Control, etc., consider purchasing Intercept X Advanced instead.

Sophos Managed Detection and Response – Artificial intelligence mixed with human expertise

With “Sophos Central MDR” you can achieve the highest level of security Sophos can currently offer for the protection of your endpoints (macOS 10.15+, Windows 8.1+). In this bundle, you get all the features of Intercept X Advanced with XDR and the new, enhanced MDR service.

Active threat response by a team of experts – 24/7

With the MDR service, Sophos provides a highly available “Service Operation Center” (SOC). It is the perfect complement for all IT administrators where there are no free resources to go threat hunting themselves with XDR's tools. It takes highly skilled and specialized personnel to use XDR to proactively scan the network for potential threats and take the correct steps when an attack occurs.
With Sophos Central MDR for Server, you no longer need to look for trained personnel yourself. Sophos provides a team of experts who work 24/7 to combat threats.

Features of MDR

24/7 circumstantial threat hunting

If something has been detected on your system that could not be fixed automatically and requires human expertise, the MDR team is there for you on a 24/7 basis. An expert then takes a close look at the critical note and uses his experience to decide what needs to be done.

Attack detection

The MDR team pays special attention to attacks executed through legitimate processes, such as PowerShell. Such attacks are often successful because they are difficult for monitoring tools to detect. The MDR team uses proprietary analytics to monitor these processes to ensure they are not being misused for malicious purposes.

Security Health Check

The Security Health Check ensures that your Sophos Central products can always operate at maximum performance. To do this, the MDR team looks at your network requirements and makes recommendations for configuration changes.

Activity Reports

You will learn the current state of your systems, what intelligence was gathered during the reporting period, and what threats were averted. A histogram of these reports is then created over the period where you use the MDR service. With the help of this data, Sophos creates so-called "scorecards", with which one can compare oneself to previous periods.

Onboarding process with maximum control and transparency

Regardless of whether you choose the normal MDR or MDR Complete variant, you retain control over how autonomously the MDR team should operate. This is regulated right at the beginning in the so-called onboarding process. When you purchase the Sophos MDR service, you can choose from three options that determine what response you expect from the MDR team:

Central Managed Detection and Response Server is a 24/7 managed threat protection, detection, and response service. The MDR service tier provides analyst-led threat hunting, investigation, and threat containment so attacks are interrupted to prevent spreading. Sophos MDR includes support for 3rd party server protection solutions. Optional add-ons can be purchased for Sophos Network Detection and Response (NDR), Sophos 3rd party integration packs, and extended data storage. For licensing clarity, Central Managed Detection and Response includes Central Intercept X Advanced with XDR as well as 3rd party endpoint compatibility.

Ransomware and Breach Prevention Services

The need for always-on security operations has become an imperative. However, the complexity of modern operating environments and the velocity of cyberthreats make it increasingly difficult for most organizations to successfully manage detection and response on their own.

With Sophos MDR, our expert team stops advanced human-led attacks. We take action to neutralize threats before they can disrupt your business operations or compromise your sensitive data. Sophos MDR is customizable with different service tiers, and can be delivered via our proprietary technology or using your existing cybersecurity technology investments.

Cybersecurity Delivered as a Service

Enabled by extended detection and response (XDR) capabilities that provide complete security coverage wherever your data reside, Sophos MDR can:

• Detect more cyberthreats than security tools can identify on their own Our tools automatically block 99.98% of threats, which enables our analysts to focus on hunting the most sophisticated attackers that can only be detected and stopped by a highly trained human.
• Take action on your behalf to stop threats from disrupting your business Our analysts detect, investigate, and respond to threats in minutes — whether you need full-scale incident response or help making accurate decisions.
• Identify the root cause of threats to prevent future incidents We proactively take actions and provide recommendations that reduce risk to your organization. Fewer incidents mean less disruption for your IT and security teams, your employees, and your customers.

Sophos Managed Detection and Response – Artificial intelligence mixed with human expertise

With “Sophos Central MDR” you can achieve the highest level of security Sophos can currently offer for the protection of your endpoints (macOS 10.15+, Windows 8.1+). In this bundle, you get all the features of Intercept X Advanced with XDR and the new, enhanced MDR service.

Active threat response by a team of experts – 24/7

With the MDR service, Sophos provides a highly available “Service Operation Center” (SOC). It is the perfect complement for all IT administrators where there are no free resources to go threat hunting themselves with XDR's tools. It takes highly skilled and specialized personnel to use XDR to proactively scan the network for potential threats and take the correct steps when an attack occurs.
With Sophos Central MDR for Server, you no longer need to look for trained personnel yourself. Sophos provides a team of experts who work 24/7 to combat threats.

Features of MDR

24/7 circumstantial threat hunting

If something has been detected on your system that could not be fixed automatically and requires human expertise, the MDR team is there for you on a 24/7 basis. An expert then takes a close look at the critical note and uses his experience to decide what needs to be done.

Attack detection

The MDR team pays special attention to attacks executed through legitimate processes, such as PowerShell. Such attacks are often successful because they are difficult for monitoring tools to detect. The MDR team uses proprietary analytics to monitor these processes to ensure they are not being misused for malicious purposes.

Security Health Check

The Security Health Check ensures that your Sophos Central products can always operate at maximum performance. To do this, the MDR team looks at your network requirements and makes recommendations for configuration changes.

Activity Reports

You will learn the current state of your systems, what intelligence was gathered during the reporting period, and what threats were averted. A histogram of these reports is then created over the period where you use the MDR service. With the help of this data, Sophos creates so-called "scorecards", with which one can compare oneself to previous periods.

Onboarding process with maximum control and transparency

Regardless of whether you choose the normal MDR or MDR Complete variant, you retain control over how autonomously the MDR team should operate. This is regulated right at the beginning in the so-called onboarding process. When you purchase the Sophos MDR service, you can choose from three options that determine what response you expect from the MDR team:

Sophos Central Intercept X Essentials - Powerful protection with a lower price tag!

Intercept X Essentials is the new entry-level endpoint protection for small businesses at an affordable price. It offers the same protections as Intercept X Advanced with deep-learning AI, anti-ransomware, and anti-exploit capabilities, but without all the control and management features, which you probably won't miss if your organization is small or perceives low risk.

The following features are not included in Intercept X Essentials

• Multiple policies - customers must use the base policy.
• Peripheral Control - Customers cannot set users to connect only certain devices.
• Controlled updates - Customers cannot delay updates or decide when to deploy them.
• Web Control - Customers cannot block access to inappropriate websites.
• Application Control - Customers cannot control what types of applications are allowed to be installed and run.
• Threat Cases - Customers do not have access to threat cases that show what happened during an incident.

If you need multiple configurable policies or a higher level of manageability with Peripheral Control, Web Control, Application Control, etc., consider purchasing Intercept X Advanced instead.

Cloud Email security powered by artificial intelligence Sophos Email is cloud email security simply delivered through Sophos Central’s easy-to-use single management console. Protecting your people from unwanted and malicious email threats today, and tomorrow, with the latest artificial intelligence.

Highlights

• Predictive email security able to block known and unknow threats
• Stop ransomware, spam, and phishing attacks
• Support for all major platforms
• Automatic Active Directory Synchronization
• Self-Service Portal with end-user and admin controls

Smarter Email Security

Today’s email threats move fast, and malicious files look more and more like benign files. Growing businesses need predictive email security - defeating today’s threats with an eye on tomorrow.

See the Future

Using the same technology as our award-winning Intercept X, the artificial intelligence built into Sophos Email’s Sandstorm sandboxing technology is a deep learning neural network, able to detect suspicious payloads containing threats, malware and unwanted applications, as well as high-level threats embedded in documents, including ransomware.

Sophos Sandstorm detonates these files in series of virtual machines, simulating a real end user environment where behavior can be monitored. Delivering safe documents – not just PDFs.

Block Stealth Attacks

Protecting employees from malicious website links, our advanced URL protection is out-smarting attackers who slip phishing URLs past traditional gateways - delaying the upload of malware to websites until after the email is delivered. Sophos Time-ofClick checks website reputation before delivery and at the time you click – blocking stealthy, delayed attacks.

Trust Your Inbox

Attackers relentlessly target organizations with spam, phishing, and advanced socially engineered attacks. Automate phishing imposter defense with Sophos Email authentication. Protecting your employees from phishing attacks using fraudulent email addresses that impersonate trusted contacts and domains, before they reach the inbox.

Using a combination of SPF, DKIM and DMARC authentication techniques and email header analysis, Sophos Email allows you to identify and allow legitimate emails from trusted partners, and block the imposter – allowing you to trust your inbox again.

Flexible Deployment

Sophos Email was born to be flexible. Creating unique security policies for individuals, groups or the whole domain can be done in minutes – saving you valuable time.

While seamless integration with Microsoft Office 365, Google G Suite, on-premises Exchange 2003+, and many more email providers, allows you to protect any email service where you control the domain and DNS records. Best of all - activation is completely in your control, with administrator controls and end-user self-service for common day-to-day tasks.

Secure Office 365

The answer for business-grade email. Email, Office, Collaboration – Microsoft Office 365 is a great tool for businesses to stay productive. But as customers move to O365, the security features often don’t live up to expectations. Great collaboration needs great security, and Sophos Email provides a simple solution:

• One Advanced license secures Office 365 from the latest spam, phishing and advanced threats
• Ensure compliance with a choice of location for email scanning and sandbox analysis
• Single easy-to-use management console

Getting Started is Easy

Deployment requires a simple MX record change to route email through Sophos Central, and you can simply bring in users and their mailboxes with our handy Azure and on premise Active Directory synchronization tools.

Sophos Central Intercept X Essentials for Server - Powerful protection with a lower price tag!

Intercept X Essentials for Servers is the new entry-level server protection for small businesses at an affordable price. It offers the same protections as Intercept X Advanced for Servers with deep-learning AI, anti-ransomware, and anti-exploit capabilities, but without all the control and management features you probably won't miss if your business is small or perceives low risk.

The following features are not included in Intercept X Essentials for Servers

• Multiple policies - customers must use the base policy.
• Peripheral Control - Customers cannot set users to connect only certain devices.
• Controlled updates - Customers cannot delay updates or decide when to deploy them.
• Web Control - Customers cannot block access to inappropriate websites.
• Application Control - Customers cannot control what types of applications are allowed to be installed and run.
• Threat Cases - Customers do not have access to threat cases that show what happened during an incident.
• File Integrity Monitoring (FIM) - Customers cannot monitor critical files on their servers for tampering attempts.
• Cloud Security Posture Management (CSPM) - Customers cannot see their entire cloud environment, such as serverless functions and databases.
• Server Lockdown - Customers cannot lock down their servers to a base configuration.

If you need multiple configurable policies or a higher level of manageability with Peripheral Control, Web Control, Application Control, etc., consider purchasing Intercept X Advanced for Server instead.