3-Year Subscription License. Includes all Product updates, Full version upgrades, Virus definition updates and technical support.
Prevent attacks early in the attack chain before a full breach occurs. Only Symantec delivers attack and breach prevention, response and remediation across the attack chain.
Symantec Endpoint Security Complete provides your organization with ultimate security at the endpoint. It stops endpoint compromise with superior next gen protection technologies that span the attack chain. Innovative prevention and proactive attack surface reduction technologies provide the strongest defense against the hardest to detect threats that rely on stealthy malware, credential theft, fileless, and “living off the land” attack methods. Symantec also prevents full-blown breaches before exfiltration can occur. Sophisticated attack analytics, automated investigation playbooks, and industry first lateral movement and credential theft prevention provide precise attack detections and proactive threat hunting to contain the attacker and resolve persistent threats in real time.
Protections for All Phases of the Attack Lifecycle
Pre-Attack Surface Reduction
Proactive endpoint defense with pre-attack surface reduction capabilities based on advanced policy controls and technologies continuously scan for vulnerabilities and misconfigurations across applications, Active Directory, and devices. With attack surface reduction defenses in-place, many attacker tactics and techniques cannot be leveraged on your endpoint estate.
Vulnerability Remediation enhances your security posture by providing visibility and intelligence into vulnerabilities and their associated risk.
Breach Assessment continuously probes Active Directory for domain misconfigurations, vulnerabilities, and persistence using attack simulations to identify risks.
Device Control specifies block or allow policies on different types of devices that attach to client computers, such as USB, infrared, and FireWire devices.
App Isolation & App Control allows only known good applications to run, shields known-good applications to prevent attackers from exploiting application vulnerabilities, and isolates unknown apps.
Attack Prevention
Multilayer attack prevention immediately and effectively protects against file-based and fileless attack vectors and methods. Machine learning and artificial intelligence use advanced device and cloud-based detection schemes to identify evolving threats across device types, operating systems, and applications. Attacks are blocked in real-time to maintain endpoint integrity and avoid negative impacts.
Malware Prevention combines signature-based methods (file and website reputation analysis and antivirus scanning) and pre-execution detection and blocking of new and evolving threats (advanced machine learning, sandboxing to detect malware hidden in custom packers, and suspicious file behavioral monitoring and blocking).
Exploit Prevention blocks memory-based zero-day exploits of vulnerabilities in popular software.
Intensive Protection enables fine-grained tuning of the level of detection and blocking separately to optimize protection and gain enhanced visibility into suspicious files.
Network Connection Security identifies rogue Wi-Fi networks and utilizes hotspot reputation technology and delivers a policy-driven VPN to protect network connections and support compliance.
Breach Prevention
Proactive endpoint defense with pre-attack surface reduction capabilities based on advanced policy controls and technologies continuously scan for vulnerabilities and misconfigurations across applications, Active Directory, and devices. With attack surface reduction defenses in-place, many attacker tactics and techniques cannot be leveraged on your endpoint estate.
Vulnerability Remediation enhances your security posture by providing visibility and intelligence into vulnerabilities and their associated risk.
Breach Assessment continuously probes Active Directory for domain misconfigurations, vulnerabilities, and persistence using attack simulations to identify risks.
Device Control specifies block or allow policies on different types of devices that attach to client computers, such as USB, infrared, and FireWire devices.
App Isolation & App Control allows only known good applications to run, shields known-good applications to prevent attackers from exploiting application vulnerabilities, and isolates unknown apps.
Response and Remediation
Proactive endpoint defense with pre-attack surface reduction capabilities based on advanced policy controls and technologies continuously scan for vulnerabilities and misconfigurations across applications, Active Directory, and devices. With attack surface reduction defenses in-place, many attacker tactics and techniques cannot be leveraged on your endpoint estate.
Vulnerability Remediation enhances your security posture by providing visibility and intelligence into vulnerabilities and their associated risk.
Breach Assessment continuously probes Active Directory for domain misconfigurations, vulnerabilities, and persistence using attack simulations to identify risks.
Device Control specifies block or allow policies on different types of devices that attach to client computers, such as USB, infrared, and FireWire devices.
App Isolation & App Control allows only known good applications to run, shields known-good applications to prevent attackers from exploiting application vulnerabilities, and isolates unknown apps.
1-Year Subscription License. Includes all Product updates, Full version upgrades, Virus definition updates and technical support.
Symantec Protection Suite Enterprise Edition - Multilayered Protection from Endpoint to Gateway
Securing your business is challenging, but made easier with Symantec Protection Suite Enterprise Edition. Protect against more threats and secure your environment against data loss, malware, and spam by accurately identifying and addressing risks consistently across different platforms. Multiple layers of protection fuse next generation and essential technologies to ensure you are accurately identifying and addressing risks while delivering consistent protection in both physical and virtual environments. Symantec combines the broad spectrum of necessary security protections across your endpoint with industry-leading messaging infrastructure to keep you safe.
Fastest, most effective security - Powered by next generation and essential technologies, you can confidently protect your infrastructure with industry-leading endpoint and messaging security, with data protection solutions built to secure your physical and virtual environments.
Layered security and intelligence - efficiently manage your endpoint and mail system’s security with real time actionable intelligence across protection technologies.
More protection, for less - Increase the security posture across your IT infrastructure, while reducing upfront and ongoing IT costs and force out unnecessary complexity.
The products included within the Symantec Protection Suite Enterprise Edition are:
Symantec Endpoint Protection (Windows, Linux, and Macintosh)
3-Year Subscription License. Includes all Product updates, Full version upgrades, Virus definition updates and technical support.
Symantec Protection Suite Enterprise Edition - Multilayered Protection from Endpoint to Gateway
Securing your business is challenging, but made easier with Symantec Protection Suite Enterprise Edition. Protect against more threats and secure your environment against data loss, malware, and spam by accurately identifying and addressing risks consistently across different platforms. Multiple layers of protection fuse next generation and essential technologies to ensure you are accurately identifying and addressing risks while delivering consistent protection in both physical and virtual environments. Symantec combines the broad spectrum of necessary security protections across your endpoint with industry-leading messaging infrastructure to keep you safe.
Fastest, most effective security - Powered by next generation and essential technologies, you can confidently protect your infrastructure with industry-leading endpoint and messaging security, with data protection solutions built to secure your physical and virtual environments.
Layered security and intelligence - efficiently manage your endpoint and mail system’s security with real time actionable intelligence across protection technologies.
More protection, for less - Increase the security posture across your IT infrastructure, while reducing upfront and ongoing IT costs and force out unnecessary complexity.
The products included within the Symantec Protection Suite Enterprise Edition are:
Symantec Endpoint Protection (Windows, Linux, and Macintosh)
Symantec Academic & Non-Profit licenses are for sale to K-12 Schools, Community Colleges, Universities, IRS 501c3 Non-Profit Organizations and Churches in the US only.
1-Year Subscription License
Symantec Ghost Solution Suite is an industry leading and award-winning solution for deploying and managing desktops, laptops, tablets, and servers. From a single management console, you can quickly and easily migrate to the latest operating systems, inventory machines, deploy software, and perform custom configurations across multiple hardware platforms and OS types including Windows, Mac, and Linux.
Easy to use Management Console
With Symantec Ghost Solution Suite 3.3 you can do everything you need to manage your systems to manage your systems from within a single console without leaving your desk. Use the intuitive and fast interface to build jobs to perform all of your computer management tasks. A single job can include every step needed to provision and manage a machine, including disk configuration, OS deployment, network configuration, and software deployment.
Simply drag a Windows, Mac, or Linux job onto a computer or group of computers, and then run it immediately or schedule it for after hours. It is that easy.
The console includes multi-casting capabilities, support for adding, modifying, and deleting computers, jobs and tasks, and support for managing virtual computers and thin clients.
It is also easy to restrict access to console functions and managed systems with role-and-scope-based security, so only authorized staff can access and manage appropriate systems.
Our centralized management console increases IT productivity and helps lower the total cost of ownership (TCO) for desktops, laptops, tablets, and servers.
Simplified Inventory, Software, and Settings
OS deployment and configuration is only part of the battle. Once a computer is in day-to-day usage, ongoing tasks like inventory, software management, and basic asset management are also important areas that must be addressed.
Symantec Ghost Solution Suite 3.3 makes it fast and easy to deploy, configure, and upgrade software on managed devices including being able to group machines based on application versions for easy targeting.
Symantec Ghost Solution Suite also enables power users to perform advanced automation and customized scripting. Whether it is support for server-side scripting or conditional error handling, Ghost Solution Suite provides nparalleled job and task management.
Technician’s Web Console
Symantec Ghost Solution Suite 3.3 includes a web-based console designed specifically for technicians with minimal experience. It complements the full console and is simple to use with built-in wizards for common tasks such as Windows 10 migration and image deployment. The console also has a modern UI and works with any browser.
With the web console, frequently run jobs can be delegated to frontline technicians to optimize resources and reduce costs. The web console is also highly scalable, so a large number of technicians can use it simultaneously.
Quick Tasks
Quick tasks allow you to schedule existing jobs, move computers to groups or to add new computers for immediate provisioning of images. Quick tasks can simplify complex processes into step-by-step flows that will make even the newest admin feel like a pro.
Job Creation Wizards
Job Creation Wizards provide step-by-step guides to create the most common jobs executed in the console. These wizards allow users to quickly learn how to create jobs and ensure consistency throughout the process. Jobs can be deployed using the web console and can also be edited further in the standard Symantec Ghost Solution Suite console.
Faster Imaging
A significant part of the time required for imaging machines is booting into automation. The longer a machine takes to get into automation, the longer the overall imaging process takes. Symantec Ghost Solution Suite 3.3 supports iPXE which delivers a dramatic speed improvement to the pre-boot automation process. iPXE shortens the overall downtime during deployment activities and gets the end user back to productivity quicker
Symantec Academic & Non-Profit licenses are for sale to K-12 Schools, Community Colleges, Universities, IRS 501c3 Non-Profit Organizations and Churches in the US only.
3-Year Subscription License
Symantec Ghost Solution Suite is an industry leading and award-winning solution for deploying and managing desktops, laptops, tablets, and servers. From a single management console, you can quickly and easily migrate to the latest operating systems, inventory machines, deploy software, and perform custom configurations across multiple hardware platforms and OS types including Windows, Mac, and Linux.
Easy to use Management Console
With Symantec Ghost Solution Suite 3.3 you can do everything you need to manage your systems to manage your systems from within a single console without leaving your desk. Use the intuitive and fast interface to build jobs to perform all of your computer management tasks. A single job can include every step needed to provision and manage a machine, including disk configuration, OS deployment, network configuration, and software deployment.
Simply drag a Windows, Mac, or Linux job onto a computer or group of computers, and then run it immediately or schedule it for after hours. It is that easy.
The console includes multi-casting capabilities, support for adding, modifying, and deleting computers, jobs and tasks, and support for managing virtual computers and thin clients.
It is also easy to restrict access to console functions and managed systems with role-and-scope-based security, so only authorized staff can access and manage appropriate systems.
Our centralized management console increases IT productivity and helps lower the total cost of ownership (TCO) for desktops, laptops, tablets, and servers.
Simplified Inventory, Software, and Settings
OS deployment and configuration is only part of the battle. Once a computer is in day-to-day usage, ongoing tasks like inventory, software management, and basic asset management are also important areas that must be addressed.
Symantec Ghost Solution Suite 3.3 makes it fast and easy to deploy, configure, and upgrade software on managed devices including being able to group machines based on application versions for easy targeting.
Symantec Ghost Solution Suite also enables power users to perform advanced automation and customized scripting. Whether it is support for server-side scripting or conditional error handling, Ghost Solution Suite provides nparalleled job and task management.
Technician’s Web Console
Symantec Ghost Solution Suite 3.3 includes a web-based console designed specifically for technicians with minimal experience. It complements the full console and is simple to use with built-in wizards for common tasks such as Windows 10 migration and image deployment. The console also has a modern UI and works with any browser.
With the web console, frequently run jobs can be delegated to frontline technicians to optimize resources and reduce costs. The web console is also highly scalable, so a large number of technicians can use it simultaneously.
Quick Tasks
Quick tasks allow you to schedule existing jobs, move computers to groups or to add new computers for immediate provisioning of images. Quick tasks can simplify complex processes into step-by-step flows that will make even the newest admin feel like a pro.
Job Creation Wizards
Job Creation Wizards provide step-by-step guides to create the most common jobs executed in the console. These wizards allow users to quickly learn how to create jobs and ensure consistency throughout the process. Jobs can be deployed using the web console and can also be edited further in the standard Symantec Ghost Solution Suite console.
Faster Imaging
A significant part of the time required for imaging machines is booting into automation. The longer a machine takes to get into automation, the longer the overall imaging process takes. Symantec Ghost Solution Suite 3.3 supports iPXE which delivers a dramatic speed improvement to the pre-boot automation process. iPXE shortens the overall downtime during deployment activities and gets the end user back to productivity quicker
Symantec Web Security Service - cloud-delivered network security service enforces comprehensive internet security and data compliance policies, regardless of location or device.
Increasing web use, rapid cloud adoption, and greater numbers of mobile and remote users are exposing your network to additional risk. Symantec Web Security Service (WSS) is an indispensable line of defense against modern day cyber threats. It provides secure web services, enables enterprises to control access, protects users from threats, and secures their sensitive data.
Your Data and Apps are moving to the cloud – So can your security
Advanced cloud and web security services to protect applications like Office 365
Moving to the cloud introduces new security and compliance risks, but it also enables tremendous new defensive strategies. Cloud-delivered network security adds flexibility and boosts performance, while protecting users with consistent threat prevention and data compliance policies—wherever they go.
Symantec Web Security Service delivers a broad set of advanced capabilities—including a secure web gateway (SWG), software defined perimeter, anti-virus scanning, sandboxing, web isolation, data loss prevention (DLP), and email security. As your users directly access the web, you can extend consistent policies that follow your sensitive data wherever it goes.
Secure Access Cloud – Apply Zero Trust Access to your IaaS applications
Web Isolation—Prevent websites from delivering zero-day malware to employees.
Symantec Endpoint Integrations – Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Mobile (SEP Mobile) can be added for complete laptop and mobile device protection.
Consolidate your security stack
Simplify with our cloud-delivered network security service
Don't waste time and effort stitching together point products. Instead, select a complete web and cloud security service that gives you the protection, threat prevention and compliance capabilities your business needs to stay secure. Our full arsenal of WSS technologies offers broad and deep protection.
Broad network security service with SWG, web isolation, anti-virus scanning, sandboxing, DLP, CASB, and email security capabilities.
Innovative threat prevention to block more threats and minimize false positives.
Unparalleled DLP/DRM service to prevent exfiltration of sensitive or proprietary data.
Strong SSL inspection capability to find malware hidden in encrypted traffic.
Shadow IT control for more than 30,000 applications; set proxy policies to govern access to cloud applications, extending to a full CASB service.
Office 365 security enforces DLP and threat prevention security policies.
Strong, central Web and cloud access governance.
Consistently apply network security policies across web and cloud applications
Protect users with web and cloud security services that connect all devices to distributed, global data centers for reliable, high-performance, local service. Configure and enforce powerful web and cloud application access-control policies.
Set policies based on website content-based classifications and threat risk levels.
Classify URLs in 70 categories covering more than 55 languages.
Authenticate users and enforce user, group, and location-based security controls.
Control employee access to Shadow IT cloud apps (unsanctioned cloud applications).
Enable application-level point-to-point connectivity, cloaking all resources from the end-user devices and the internet
Protect users from threats hiding in encrypted Web and cloud traffic.
Advanced proxy architecture delivers SWG and Advanced Threat Protection capabilities
Symantec Web Security Service protects your organization from cyber attacks using an advanced proxy architecture that terminates, inspects, and controls high volumes of web and cloud traffic, even when it's SSL/TLS encrypted. Our proxy architecture combats advanced threats, secures your information, and protects your users wherever they go. It's built to meet the challenges of the Cloud Generation.
Advanced proxy architecture—Enforce granular threat inspection policies for encrypted web traffic and traffic from cloud apps such as Box and Office 365.
Browsing threat prevention/web isolation—Use isolation to combat the latest generation of threats targeting users' email and web browsing.
File threat prevention—Block high-risk and advanced threats with multilayer file inspection and customizable sandboxing.
Threat Risk Levels—Set web access policies based on a URL’s relative level of threat risk.
Industry leading NGFW security controls for all internet traffic.
Cloud Firewall Service extends protection to all internet traffic, covering all ports and protocols
A simple add-on for Web Security Service enables customers to manage non-web internet traffic in the cloud for all users, regardless of where they are located. This ensures consistent policies are applied and provides easy-to-access, centralized visibility and reporting on internet use.
Symantec Cloud Firewall Service allows you to:
Configure policy to block traffic based any TCP/UDP port
Set policy (allow/deny) based on authenticated User/Groups, as well as Source and/or Destination criteria
Use dashboards and reports to monitor data connections and traffic volume details (such as applications and protocols)
Symantec Web Protection Suite gives organizations an advanced cloud-delivered Secure Web Gateway and leading on-premises Secure Web Gateway (SWG) deployment – both of which can operate seamlessly together with a unified management, reporting and policy control interface. It also includes Threat Intelligence, SSL Inspection, Content Analysis, Isolation, Sandboxing, WAF and more.
The Symantec Web Protection Suite is suitable for customers who are considering cloud SWG adoption, yet would like flexibility to begin this journey now, or any time in the future. The Suite also serves as an entry level SASE foundation enabling secure and fast access for any user, from any device, located anywhere protecting users, devices and data from known and unknown threats across all locations (Remote, branch, and HQ).
The cloud-native SWG facet of this solution differs from others in the market that are run from single purpose Data Centers and fail to protect against advanced threats.
The cloud SWG is deployed across a cloud-native, hyper-scaling and high performant infrastructure built on top of a leading CSP (Google). It is directly on the same backbone delivering YouTube, Google’s Ad Network and other world class services.
Symantec Web Protection Suite – What’s Included:
Symantec Web Security Service. Included in base license. This cloud-based service includes Content filtering, SSL Interception, Anti-Malware scanning, reporting for 100 days, Explicit Proxy, IPsec VPN, and WSS Agent. Also supports integration to Symantec DLP and CASB and Symantec Endpoint Security.
Symantec Proxy Virtual or Physical Appliances. Included in base license. For every 100 users of WPS, one Proxy processing core is available for on-prem deployment, whether virtual, in a private cloud or on dedicated Symantec Hardware (SSP-410 appliances – sold separately).
Content Analysis System Virtual or Physical Appliances. Included in base license. For every 100 users of WPS, two Content Analysis processing cores are available for on-prem deployment, whether virtual, in a private cloud or on dedicated Symantec Hardware (SSP-410 appliances – sold separately).
Intelligence Service Advanced. Included in base license. This adds Symantec’s per-URL risk level ratings, access to the CASB applications, and geo-location data feeds.
High Risk Isolation. Included in base license. This cloud-based service provides Remote Web Browser Isolation applicable to high risk and uncategorized sites for both the cloud Web Security Service and Symantec Proxy virtual appliances.
Management Center Virtual Appliance. Included in base license
Cloud SWG Reporting. Included in base license. Includes 100 days of storage.
Reporter Virtual Appliance. Included in base license. Includes 100 days of storage.
Malware Analysis Standard. Included in base license. This cloud-based service extends the Anti-Malware scanning with emulation-based sandboxing.
Web Application Firewall. Included in base license. WAF license can be used with ProxySG virtual appliances.
Sophos Central Intercept X Essentials - Powerful protection with a lower price tag!
Intercept X Essentials is the new entry-level endpoint protection for small businesses at an affordable price. It offers the same protections as Intercept X Advanced with deep-learning AI, anti-ransomware, and anti-exploit capabilities, but without all the control and management features, which you probably won't miss if your organization is small or perceives low risk.
The following features are not included in Intercept X Essentials
Multiple policies - customers must use the base policy.
Peripheral Control - Customers cannot set users to connect only certain devices.
Controlled updates - Customers cannot delay updates or decide when to deploy them.
Web Control - Customers cannot block access to inappropriate websites.
Application Control - Customers cannot control what types of applications are allowed to be installed and run.
Threat Cases - Customers do not have access to threat cases that show what happened during an incident.
If you need multiple configurable policies or a higher level of manageability with Peripheral Control, Web Control, Application Control, etc., consider purchasing Intercept X Advanced instead.
Technical Specifications
Compare the feature set of Sophos’s various endpoint products to protect your clients. Not sure which protection best suits your business? We advise you free of charge and completely without obligation.
Sophos Central Intercept X Essentials - Powerful protection with a lower price tag!
Intercept X Essentials is the new entry-level endpoint protection for small businesses at an affordable price. It offers the same protections as Intercept X Advanced with deep-learning AI, anti-ransomware, and anti-exploit capabilities, but without all the control and management features, which you probably won't miss if your organization is small or perceives low risk.
The following features are not included in Intercept X Essentials
Multiple policies - customers must use the base policy.
Peripheral Control - Customers cannot set users to connect only certain devices.
Controlled updates - Customers cannot delay updates or decide when to deploy them.
Web Control - Customers cannot block access to inappropriate websites.
Application Control - Customers cannot control what types of applications are allowed to be installed and run.
Threat Cases - Customers do not have access to threat cases that show what happened during an incident.
If you need multiple configurable policies or a higher level of manageability with Peripheral Control, Web Control, Application Control, etc., consider purchasing Intercept X Advanced instead.
Technical Specifications
Compare the feature set of Sophos’s various endpoint products to protect your clients. Not sure which protection best suits your business? We advise you free of charge and completely without obligation.
With Sophos Central Intercept X Advanced, you get all the features of Sophos Central Endpoint Protection and Intercept X in one product.
On the one hand, you benefit from great functions such as "Peripheral Control" or "Malicious Traffic Detection", and at the same time you get a specialist on your computer with Intercept X, which uses a technology called "CryptoGuard" to detect as soon as malware tries to encrypt files on your computer and stops this process immediately. Files that have already been encrypted are then automatically restored, so there is no data loss.
Would you like to see the Sophos Central user interface live? Just go to central.sophos.com and use the demo account. Username: demo@sophos.com / Password: Demo@sophos.com
The only truly comprehensive exploit prevention
Preventing the exploitation of security vulnerabilities.
Sophos Exploit Protection is a unique technology in Intercept X that prevents previously unknown or unpatched vulnerabilities in applications or operating system components from being exploited. With Intercept X, every application is monitored in the background and every action is checked to see if an exploit technique is being attempted.
If such a technique is detected, Exploit Prevention prevents a vulnerability from being exploited and restores the system to a secure state.
Root Cause Analysis
Find out the cause of the attack.
Imagine that, despite all the protective measures, malware has made it into your network. How could this happen? Thanks to the root cause analysis in Intercept X, this mystery can be uncovered with an impressive 360-degree analysis. The Root Cause Analysis Tool can tell you in great detail how the malware got into your network, which devices were infected and what steps you should take now.
With root cause analysis, you'll never be in the dark again if your network has been infected by an unknown malware.
Sophos Clean
Restores the system to its original state after an attack.
With Intercept X, thanks to technologies like CryptoGuard, you are protected against signatureless malware, such as ransomware, but after an attempted attack, your system still needs to be cleaned of all remnants. Since there is no cleaning routine for unknown malware, the entire processes of the executed malware must be forensically examined. This task is performed by Sophos Clean.
Sophos Clean performs a complete cleaning of the system after an attack has been stopped. It not only removes the malware itself, but replaces infected Windows resources with more secure original versions and ultimately restores the system to its original state, as it was before the infection.
Technical Specifications
Compare the feature set of Sophos’s various endpoint products to protect your clients. Not sure which protection best suits your business? We advise you free of charge and completely without obligation.
With Sophos Central Intercept X Advanced, you get all the features of Sophos Central Endpoint Protection and Intercept X in one product.
On the one hand, you benefit from great functions such as "Peripheral Control" or "Malicious Traffic Detection", and at the same time you get a specialist on your computer with Intercept X, which uses a technology called "CryptoGuard" to detect as soon as malware tries to encrypt files on your computer and stops this process immediately. Files that have already been encrypted are then automatically restored, so there is no data loss.
Would you like to see the Sophos Central user interface live? Just go to central.sophos.com and use the demo account. Username: demo@sophos.com / Password: Demo@sophos.com
The only truly comprehensive exploit prevention
Preventing the exploitation of security vulnerabilities.
Sophos Exploit Protection is a unique technology in Intercept X that prevents previously unknown or unpatched vulnerabilities in applications or operating system components from being exploited. With Intercept X, every application is monitored in the background and every action is checked to see if an exploit technique is being attempted.
If such a technique is detected, Exploit Prevention prevents a vulnerability from being exploited and restores the system to a secure state.
Root Cause Analysis
Find out the cause of the attack.
Imagine that, despite all the protective measures, malware has made it into your network. How could this happen? Thanks to the root cause analysis in Intercept X, this mystery can be uncovered with an impressive 360-degree analysis. The Root Cause Analysis Tool can tell you in great detail how the malware got into your network, which devices were infected and what steps you should take now.
With root cause analysis, you'll never be in the dark again if your network has been infected by an unknown malware.
Sophos Clean
Restores the system to its original state after an attack.
With Intercept X, thanks to technologies like CryptoGuard, you are protected against signatureless malware, such as ransomware, but after an attempted attack, your system still needs to be cleaned of all remnants. Since there is no cleaning routine for unknown malware, the entire processes of the executed malware must be forensically examined. This task is performed by Sophos Clean.
Sophos Clean performs a complete cleaning of the system after an attack has been stopped. It not only removes the malware itself, but replaces infected Windows resources with more secure original versions and ultimately restores the system to its original state, as it was before the infection.
Technical Specifications
Compare the feature set of Sophos’s various endpoint products to protect your clients. Not sure which protection best suits your business? We advise you free of charge and completely without obligation.
Sophos Intercept X is the industry leading Endpoint Security solution that reduces the attack surface and prevents attacks from running. Combining anti-exploit, anti-ransomware, deep learning AI and control technology it stops attacks before they impact your systems. Intercept X uses a comprehensive, defense in depth approach to endpoint protection, rather than relying on one primary security technique.
Harness the Power of a Deep Learning Neural Network
Achieve unmatched endpoint threat prevention. Intercept X uses deep learning, an advanced form of machine learning to detect both known and unknown malware without relying on signatures.
Deep learning makes Intercept X smarter, more scalable, and more effective against never-seen-before threats. Intercept X leverages deep learning to outperform endpoint security solutions that use traditional machine learning or signature-based detection alone.
Stop Ransomware in Its Tracks
Block ransomware attacks before they wreak havoc on your organization. Intercept X with XDR includes anti-ransomware technology that detects malicious encryption processes and shuts them down before they can spread across your network. It prevents both file-based and master boot record ransomware.
Any files that were encrypted are rolled back to a safe state, meaning your employees can continue working uninterrupted, with minimal impact to business continuity. You get detailed post-cleanup information, so you can see where the threat got in, what it touched, and when it was blocked.
Intelligent Endpoint Detection and Response (EDR)
The first EDR designed for security analysts and IT administrators
Intercept X Advanced with EDR allows you to ask any question about what has happened in the past, and what is happening now on your endpoints. Hunt threats to detect active adversaries, or leverage for IT operations to maintain IT security hygiene. When an issue is found remotely respond with precision. By starting with the strongest protection, Intercept X stops breaches before they start. It cuts down the number of items to investigate and saves you time.
The strongest protection combined with powerful EDR
Add expertise, not headcount
Built for IT operations and threat hunting
Extended Detection and Response (XDR)
Intercept X Advanced with XDR is the industry’s only XDR solution that synchronizes native endpoint, server, firewall, email, cloud and O365 security. Get a holistic view of your organization’s environment with the richest data set and deep analysis for threat detection, investigation and response for both dedicated SOC teams and IT admins.
Cross reference indicators of comprise from multiple data sources to quickly identify, pinpoint and neutralize a threat
Use ATP and IPS events from the firewall to investigate suspect hosts and identify unprotected devices across your estate
Understand office network issues and which application is causing them
Identify unmanaged, guest and IoT devices across your organization’s environment
Managed Detection and Response
Threat Hunting - Proactive 24/7 hunting by our elite team of threat analysts. Determine the potential impact and context of threats to your business.
Response - Initiates actions to remotely disrupt, contain, and neutralize threats on your behalf to stop even the most sophisticated threats
Continuous Improvement - Get actionable advice for addressing the root cause of recurring incidents to stop them for occurring again
Sophos Intercept X is the industry leading Endpoint Security solution that reduces the attack surface and prevents attacks from running. Combining anti-exploit, anti-ransomware, deep learning AI and control technology it stops attacks before they impact your systems. Intercept X uses a comprehensive, defense in depth approach to endpoint protection, rather than relying on one primary security technique.
Harness the Power of a Deep Learning Neural Network
Achieve unmatched endpoint threat prevention. Intercept X uses deep learning, an advanced form of machine learning to detect both known and unknown malware without relying on signatures.
Deep learning makes Intercept X smarter, more scalable, and more effective against never-seen-before threats. Intercept X leverages deep learning to outperform endpoint security solutions that use traditional machine learning or signature-based detection alone.
Stop Ransomware in Its Tracks
Block ransomware attacks before they wreak havoc on your organization. Intercept X with XDR includes anti-ransomware technology that detects malicious encryption processes and shuts them down before they can spread across your network. It prevents both file-based and master boot record ransomware.
Any files that were encrypted are rolled back to a safe state, meaning your employees can continue working uninterrupted, with minimal impact to business continuity. You get detailed post-cleanup information, so you can see where the threat got in, what it touched, and when it was blocked.
Intelligent Endpoint Detection and Response (EDR)
The first EDR designed for security analysts and IT administrators
Intercept X Advanced with EDR allows you to ask any question about what has happened in the past, and what is happening now on your endpoints. Hunt threats to detect active adversaries, or leverage for IT operations to maintain IT security hygiene. When an issue is found remotely respond with precision. By starting with the strongest protection, Intercept X stops breaches before they start. It cuts down the number of items to investigate and saves you time.
The strongest protection combined with powerful EDR
Add expertise, not headcount
Built for IT operations and threat hunting
Extended Detection and Response (XDR)
Intercept X Advanced with XDR is the industry’s only XDR solution that synchronizes native endpoint, server, firewall, email, cloud and O365 security. Get a holistic view of your organization’s environment with the richest data set and deep analysis for threat detection, investigation and response for both dedicated SOC teams and IT admins.
Cross reference indicators of comprise from multiple data sources to quickly identify, pinpoint and neutralize a threat
Use ATP and IPS events from the firewall to investigate suspect hosts and identify unprotected devices across your estate
Understand office network issues and which application is causing them
Identify unmanaged, guest and IoT devices across your organization’s environment
Managed Detection and Response
Threat Hunting - Proactive 24/7 hunting by our elite team of threat analysts. Determine the potential impact and context of threats to your business.
Response - Initiates actions to remotely disrupt, contain, and neutralize threats on your behalf to stop even the most sophisticated threats
Continuous Improvement - Get actionable advice for addressing the root cause of recurring incidents to stop them for occurring again
Sophos Managed Detection and Response – Artificial intelligence mixed with human expertise
With “Sophos Central MDR” you can achieve the highest level of security Sophos can currently offer for the protection of your endpoints (macOS 10.15+, Windows 8.1+). In this bundle, you get all the features of Intercept X Advanced with XDR and the new, enhanced MDR service.
Active threat response by a team of experts – 24/7
With the MDR service, Sophos provides a highly available “Service Operation Center” (SOC). It is the perfect complement for all IT administrators where there are no free resources to go threat hunting themselves with XDR's tools. It takes highly skilled and specialized personnel to use XDR to proactively scan the network for potential threats and take the correct steps when an attack occurs. With Sophos Central MDR for Server, you no longer need to look for trained personnel yourself. Sophos provides a team of experts who work 24/7 to combat threats.
Features of MDR
24/7 circumstantial threat hunting
If something has been detected on your system that could not be fixed automatically and requires human expertise, the MDR team is there for you on a 24/7 basis. An expert then takes a close look at the critical note and uses his experience to decide what needs to be done.
Attack detection
The MDR team pays special attention to attacks executed through legitimate processes, such as PowerShell. Such attacks are often successful because they are difficult for monitoring tools to detect. The MDR team uses proprietary analytics to monitor these processes to ensure they are not being misused for malicious purposes.
Security Health Check
The Security Health Check ensures that your Sophos Central products can always operate at maximum performance. To do this, the MDR team looks at your network requirements and makes recommendations for configuration changes.
Activity Reports
You will learn the current state of your systems, what intelligence was gathered during the reporting period, and what threats were averted. A histogram of these reports is then created over the period where you use the MDR service. With the help of this data, Sophos creates so-called "scorecards", with which one can compare oneself to previous periods.
Onboarding process with maximum control and transparency
Regardless of whether you choose the normal MDR or MDR Complete variant, you retain control over how autonomously the MDR team should operate. This is regulated right at the beginning in the so-called onboarding process. When you purchase the Sophos MDR service, you can choose from three options that determine what response you expect from the MDR team:
Sophos Managed Detection and Response – Artificial intelligence mixed with human expertise
With “Sophos Central MDR” you can achieve the highest level of security Sophos can currently offer for the protection of your endpoints (macOS 10.15+, Windows 8.1+). In this bundle, you get all the features of Intercept X Advanced with XDR and the new, enhanced MDR service.
Active threat response by a team of experts – 24/7
With the MDR service, Sophos provides a highly available “Service Operation Center” (SOC). It is the perfect complement for all IT administrators where there are no free resources to go threat hunting themselves with XDR's tools. It takes highly skilled and specialized personnel to use XDR to proactively scan the network for potential threats and take the correct steps when an attack occurs. With Sophos Central MDR for Server, you no longer need to look for trained personnel yourself. Sophos provides a team of experts who work 24/7 to combat threats.
Features of MDR
24/7 circumstantial threat hunting
If something has been detected on your system that could not be fixed automatically and requires human expertise, the MDR team is there for you on a 24/7 basis. An expert then takes a close look at the critical note and uses his experience to decide what needs to be done.
Attack detection
The MDR team pays special attention to attacks executed through legitimate processes, such as PowerShell. Such attacks are often successful because they are difficult for monitoring tools to detect. The MDR team uses proprietary analytics to monitor these processes to ensure they are not being misused for malicious purposes.
Security Health Check
The Security Health Check ensures that your Sophos Central products can always operate at maximum performance. To do this, the MDR team looks at your network requirements and makes recommendations for configuration changes.
Activity Reports
You will learn the current state of your systems, what intelligence was gathered during the reporting period, and what threats were averted. A histogram of these reports is then created over the period where you use the MDR service. With the help of this data, Sophos creates so-called "scorecards", with which one can compare oneself to previous periods.
Onboarding process with maximum control and transparency
Regardless of whether you choose the normal MDR or MDR Complete variant, you retain control over how autonomously the MDR team should operate. This is regulated right at the beginning in the so-called onboarding process. When you purchase the Sophos MDR service, you can choose from three options that determine what response you expect from the MDR team:
Complete this Enquiry Form to obtain additional information about our services or send personal complaints. We will analyze your enquiry and return to you shortly by email or phone.
Create Account
Complete this Enquiry Form to obtain additional information about our services or send personal complaints. We will analyze your enquiry and return to you shortly by email or phone.
Password Recovery
We use cookies to improve user experience, and analyze website traffic. For these reasons, we may share your site usage data with our analytics partners. By continuing to the site, you consent to store on your device all the technologies described in our cookie policy.
Here is the the cookie policy
