| Content | Central Intercept X Advanced with Extended Detection and Response (XDR) is built for both cybersecurity analysts and IT administrators. Includes all features in Central Intercept X Advanced, as well as additional, powerful features for detection and remediation. Ask and answer business critical IT operations and threat hunting questions with Live Discover and respond remotely with Live Response. Includes 30 days of storage in the Sophos Data Lake and enables queries across the data collected from any Sophos XDR-ready product.
| Features |
Intercept X Advanced
|
Intercept X Advanced with XDR
|
Intercept X Advanced with MDR
|
Intercept X Advanced with MDR Complete
|
| ATTACK SURFACE |
| Web Security |
|
|
|
|
| Download Reputation |
|
|
|
|
| Web Control / Category-based URL Blocking |
|
|
|
|
| Peripheral Control |
|
|
|
|
| Application Control |
|
|
|
|
| BEFORE IT RUNS ON DEVICE |
| Deep Learning Malware Detection |
|
|
|
|
| Anti-Malware File Scanning |
|
|
|
|
| Live Protection |
|
|
|
|
| Pre-execution Behavior Analysis (HIPS) |
|
|
|
|
| Potentially Unwanted Application (PUA) Blocking |
|
|
|
|
| Intrusion Prevention System |
|
|
|
|
| STOP RUNNING THREAT |
| Data Loss Prevention |
|
|
|
|
| Runtime Behavior Analysis (HIPS) |
|
|
|
|
| Antimalware Scan Interface (AMSI) |
|
|
|
|
| Malicious Traffic Detection (MTD) |
|
|
|
|
| Exploit Prevention |
|
|
|
|
| Active Adversary Mitigations |
|
|
|
|
| Ransomware File Protection (CryptoGuard) |
|
|
|
|
| Disk and Boot Record Protection (WipeGuard) |
|
|
|
|
| Man-in-the-Browser Protection (Safe Browsing) |
|
|
|
|
| Enhanced Application Lockdown |
|
|
|
|
| DETECT |
|
|
|
| SQL Query Library (pre-written, fully customizable queries) Suspicious Events Detection and Prioritization |
|
|
|
|
| Suspicious Events Detection and Prioritization |
|
|
|
|
| Fast Access, On-disk Data Storage (up to 90 days) |
|
|
|
|
| Cross-product Data Sources e.g. Firewall, Email (Sophos XDR) |
|
|
|
|
| Cross-product Querying (Sophos XDR) |
|
|
|
|
| Sophos Data Lake Cloud Storage |
|
30 days
|
30 days
|
30 days
|
| Scheduled Queries |
|
|
|
|
| INVESTIGATE |
| Threat Cases (Root Cause Analysis) |
|
|
|
|
| Deep Learning Malware Analysis |
|
|
|
|
| Advanced On-demand Sophos X-Ops Threat Intelligence |
|
|
|
|
| Forensic Data Export |
|
|
|
|
| REMEDIATE |
| Automated Malware Removal |
|
|
|
|
| Synchronized Security Heartbeat |
|
|
|
|
| Sophos Clean |
|
|
|
|
| Live Response (remotely investigate and take action) |
|
|
|
|
| On-demand Endpoint Isolation |
|
|
|
|
| Single-click “Clean and Block” |
|
|
|
|
| HUMAN-LED THREAT HUNTING AND RESPONSE |
| 24/7 Lead-driven Threat Hunting |
|
|
|
|
| Security Health Checks |
|
|
|
|
| Data Retention |
|
|
|
|
| Activity Reporting |
|
|
|
|
| Adversarial Detections |
|
|
|
|
| Threat Neutralization & Remediation |
|
|
|
|
| Full-scale Incident Response: threats are fully eliminated
Requires full Sophos XDR agent (protection, detection and response)
|
|
|
|
|
| Root Cause Analysis: performed to prevent future recurrence |
|
|
|
|
| Dedicated Incident Response Lead |
|
|
|
|
| ZERO TRUST NETWORK ACCESS |
| Integrated ZTNA agent |
|
|
|
|
| ZTNA Access Policy and Control |
Optional |
Optional |
Optional |
Optional |
| Central Intercept X Advanced for Server with Extended Detection and Response (XDR) is built for both cybersecurity analysts and IT administrators. Includes all features in Central Intercept X Advanced for Server, as well as additional, powerful features for detection and remediation. Ask and answer business critical IT operations and threat hunting questions with Live Discover and respond remotely with Live Response. Includes 30 days of storage in the Sophos Data Lake and enables queries across the data collected from any Sophos XDR-ready product.
| Features |
Intercept X Advanced for Server
|
Intercept X Advanced for Server with XDR
|
Intercept X Advanced for Server with MDR
|
Intercept X Advanced for Server with MDR Complete
|
| ATTACK SURFACE REDUCTION |
| Web Security |
|
|
|
|
| Download Reputation |
|
|
|
|
| Web Control / Category-based URL Blocking |
|
|
|
|
| Peripheral Control |
|
|
|
|
| Application Control |
|
|
|
|
| Application Whitelisting (Server Lockdown) |
|
|
|
|
| BEFORE IT RUNS ON DEVICE |
| Deep Learning Malware Detection |
|
|
|
|
| Anti-Malware File Scanning |
|
|
|
|
| Live Protection |
|
|
|
|
| Pre-execution Behavior Analysis (HIPS) |
|
|
|
|
| Potentially Unwanted Application (PUA) Blocking |
|
|
|
|
| Intrusion Prevention System |
|
|
|
|
| STOP RUNNING THREAT |
| Data Loss Prevention |
|
|
|
|
| Runtime Behavior Analysis (HIPS) |
|
|
|
|
| Antimalware Scan Interface (AMSI) |
|
|
|
|
| Malicious Traffic Detection (MTD) |
|
|
|
|
| Exploit Prevention |
|
|
|
|
| Active Adversary Mitigations |
|
|
|
|
| Ransomware File Protection (CryptoGuard) |
|
|
|
|
| Disk and Boot Record Protection (WipeGuard) |
|
|
|
|
| Man-in-the-Browser Protection (Safe Browsing) |
|
|
|
|
| Enhanced Application Lockdown |
|
|
|
|
| DETECT |
| Linux Host and Container Behavioral and Exploit Runtime Decisions |
|
|
|
|
| Live Discover (Cross Estate SQL Querying for Threat Hunting and IT Security Operations Hygiene) |
|
|
|
|
| SQL Query Library (pre-written, fully customizable queries) |
|
|
|
|
| Suspicious Events Detection and Prioritization |
|
|
|
|
| Fast Access, On-disk Data Storage (up to 90 days) |
|
|
|
|
| Cross-product Data Sources e.g. Firewall, Email |
|
|
|
|
| Cross-product Querying |
|
|
|
|
| Sophos Data Lake (Cloud Data Storage) |
|
30 days
|
30 days
|
30 days
|
| Scheduled Queries |
|
|
|
|
| INVESTIGATE |
| Threat Cases (Root Cause Analysis) |
|
|
|
|
| Deep Learning Malware Analysis |
|
|
|
|
| Advanced On-demand SophosLabs Threat Intelligence |
|
|
|
|
| Forensic Data Export |
|
|
|
|
| REMEDIATE |
| Automated Malware Removal |
|
|
|
|
| Synchronized Security Heartbeat |
|
|
|
|
| Sophos Clean |
|
|
|
|
| Live Response (remotely investigate and take action) |
|
|
|
|
| On-demand Endpoint Isolation |
|
|
|
|
| Single-click “Clean and Block” |
|
|
|
|
| VISIBILITY |
| Cloud Workload Protection (Amazon Web Services, Microsoft Azure, Google Cloud Platform) |
|
|
|
|
| Synchronized Application Control (visibility of applications) |
|
|
|
|
| Cloud Security Posture Management (monitor AWS, Azure, GCP environments) |
|
|
|
|
| CONTROL |
| Server-specific Policy Management |
|
|
|
|
| Update Cache and Message Relay |
|
|
|
|
| Automatic Scanning Exclusions |
|
|
|
|
| File Integrity Monitoring |
|
|
|
|
| MANAGED SERVICE |
| 24/7 Lead-driven Threat Hunting |
|
|
|
|
| Security Health Checks |
|
|
|
|
| Data Retention |
|
|
|
|
| Activity Reporting |
|
|
|
|
| Adversarial Detections |
|
|
|
|
| Threat Neutralization and Remediation |
|
|
|
|
| Full-scale Incident Response: threats are fully eliminated
Requires full Sophos XDR agent (protection, detection and response)
|
|
|
|
|
| Root Cause Analysis: performed to prevent future recurrence |
|
|
|
|
| Dedicated Incident Response Lead |
|
|
|
|
| Includes: XGS 107 Appliance and Xstream Protection subscription.
Cannot be un-bundled.
Xstream Protection Bundle:
Base License:
Networking, wireless, Xstream Architecture, unlimited remote access VPN, site-to-site VPN, reporting
Network Protection:
Xstream TLS and DPI engine, IPS, ATP, Security Heartbeat, manage SD-RED, reporting
Web Protection:
Xstream TLS and DPI engine, Web Security and Control, Application Control, reporting
Zero-Day:
Protection Machine Learning and Sandboxing File Analysis, reporting
Central Orchestration:
SD-WAN VPN Orchestration, Central Firewall Advanced Reporting (30-days), MDR/XDR Connector
Enhanced Support:
24/7 support, feature updates, advanced replacement hardware warranty for term
Includes: XGS 107 Appliance and Standard Protection subscription.
Cannot be un-bundled.
Standard Protection Bundle:
Base License:
Networking, wireless, Xstream Architecture, Xstream SD-WAN, unlimited remote access VPN, site-to-site VPN
Network Protection:
Xstream TLS and DPI engine, IPS, ATP, Security Heartbeat, manage SD-RED, reporting
Web Protection:
Xstream TLS and DPI engine, Web Security and Control, Application Control, reporting
Enhanced Support:
24/7 support, feature updates, advanced replacement hardware warranty for term | Central Intercept X Essentials for Server is an entry level offering with a single policy that features the world’s best protection against ransomware, malware, and exploits. Organizations that require multiple or bespoke policies should consider Central Intercept X Advanced for Server instead. Deployment is available for Windows and Linux devices (note – Linux uses a separate agent, see the license guide for details on Linux capabilities). For virtual environments, a light agent for Windows Servers running on VMware ESXi and Microsoft Hyper-V provides off-board scanning and protection. | Includes: Mobile Device Management (MDM), Mobile Application Management (MAM), Mobile Content Management (MCM), Mobile Email Management (MEM), Mobile Threat Defense (MTD). Intercept X for Mobile, Secure Workspace and Secure Email container apps, and Sophos Mobile SDK. For BYOD or business-owned Android, iOS, iPadOS, Windows 10, macOS and Chromebook devices. Some features are Not available on all platforms. [Managed on premises] | |
| Additional information |
| Product Type |
Security |
| Form Factor |
Subscription |
| Model Number |
CIXAXDR |
| Brand |
Sophos |
| Subscription |
1 Year, 2 Years, 3 Years |
| Number of Users |
1 User, 5 Users, 10 Users, 15 Users, 20 Users, 30 Users, 40 Users, 50 Users, 60 Users, 70 Users, 80 Users, 90 Users, 100 Users |
|
| Product Type |
Security |
| Form Factor |
Subscription |
| Model Number |
SVRCIXAXDR |
| Brand |
Sophos |
| Subscription |
1 Year, 2 Years, 3 Years |
| Number of Users |
1 User, 5 Users, 10 Users, 15 Users, 20 Users, 30 Users, 40 Users, 50 Users, 60 Users, 70 Users, 80 Users, 90 Users, 100 Users |
|
| Subscription |
1 Year, 3 Years, 5 Years |
| Bundle Type |
Base Appliance, Standard Bundle, Xstream Bundle |
|
| Product Type |
Security |
| Form Factor |
Subscription |
| Subscription |
1 Year, 2 Years, 3 Years |
| Number of Users |
1 User, 5 Users, 10 Users, 15 Users, 20 Users, 30 Users, 40 Users, 50 Users, 60 Users, 70 Users, 80 Users, 90 Users, 100 Users |
| Model Number |
SVRCIXE |
| Brand |
Sophos |
|
| Product Type |
Security |
| Form Factor |
Subscription |
| Model Number |
CMA |
| Brand |
Sophos |
| Subscription |
1 Year, 2 Years, 3 Years |
| Number of Users |
1 User, 5 Users, 10 Users, 15 Users, 20 Users, 30 Users, 40 Users, 50 Users, 60 Users, 70 Users, 80 Users, 90 Users, 100 Users |
|
|
Reviews
There are no reviews yet.