Sold by: Sophos
Deployed on AWS
Free Trial
Vendor Insights
AWS Free Tier
Protection against ransomware, advanced threats, and more across endpoints, cloud workloads, servers, mobile devices, networks, and email. Extend on premise security and build secure and scalable cloud transformations with a complete cybersecurity platform for all Sophos next-gen technologies.
4.3
Overview
Sophos provides powerful and effective cybersecurity, designed to be accessible and manageable for any organization - from schools, hospitals, local government, healthcare, and businesses of every shape and size. Available through the Sophos Central platform, a single pane of glass, born in the cloud, natively synchronizing the management of an entire ecosystem of adaptive security defenses. Start with Sophos Firewall, and next-gen endpoint or workload protection and grow. Sophos Endpoint: Security for endpoints, servers, and EC2. Combining malware protection, XDR, MDR, and more. Firewall: Protect networks from advanced threats and maintain web-app availability. https://soph.so/xg-firewall-payg Cloud Optix: Visualize cloud resources, monitor compliance, and analyze configurations to optimize security. https://soph.so/cloud-optix Mobile: Secure UEM solution to protect and manage mobile devices. Email: Stop spam, phishing, and data loss. Phish Threat: Security awareness training with phishing simulations. Encryption: Full disk encryption for Windows and macOS. -- Managed Services -- Managed Detection & Response: 24/7 threat hunting, detection, and response. https://soph.so/MTR Rapid Response: Incident response service during an attack. https://soph.so/rapid-response Looking for custom pricing options? Contact us publiccloudsales@sophos.com
Highlights
- Easy to deploy, manage, and highly effective at stopping cyberattacks. Sophos products and services provide cloud security best practices and compliance, threat detection and response, network security, host and endpoint security in a single console.
- Block ransomware: Endpoint and Server anti-ransomware technology detects malicious encryption processes and shuts them down before they spread. Any files encrypted are rolled back to a safe state automatically.
- Sophos synchronized security allows organizations to link endpoints, cloud workloads, and firewall to relay health status, immediately isolate compromised devices or workloads, and respond to threats on your network automatically.
Details
Sold by
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(2)
SOC2
AWS Security Specialization
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Sophos EDR | Malware/Ransomware/Exploits/Viruses | $69.96 |
Sophos XDR | Sophos EDR features plus Extended Detection and Response tools | $136.60 |
Sophos MDR | Central MDR Complete including XDR | $239.64 |
Sophos EDR - Server | EDR features/Server Lockdown/Cloud Optix standard: for Server OS | $153.56 |
Sophos XDR - Server | EDR Server features plus Extended Detection and Response tools | $222.66 |
Sophos MDR - Server | Central MDR Complete Server includes EDR and XDR | $390.72 |
Mobile Advanced | Secure Unified Endpoint Management for Windows 10, macOS, iOS, Android | $93.48 |
Cloud Optix Advanced | Cloud Native App Protection for AWS, Azure, GCP, K8s | $140.04 |
Sophos Email Advanced | Sophos Email Security | $66.96 |
Sophos Phish Threat | Sophos Phish Threat, Phishing Simulation and Training: Per user | $37.80 |
Vendor refund policy
Please refer to the Sophos EULA for details on our refund policies.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Sophos support portal for licensed customers with an existing SophosID: https://support.sophos.com Toll Free: 1-888-SOPHOS-9 (1-888-767-4679)International: 1-781-494-5800 To contact Support, please log into your Sophos Central Dashboard, click on HELP in the upper right corner, then click on CREATE SUPPORT TICKET. Or, visit https://www.sophos.com/en-us/support.aspx to go to the Sophos Community to find information and resolutions on common questions and issues.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
Top
10
In Media & Entertainment, Healthcare & Life Sciences
Top
10
In Network Infrastructure
Top
50
In Migration
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Unified Management Console
Single pane of glass management platform for coordinating security across endpoints, servers, cloud workloads, firewalls, mobile devices, email, and network infrastructure.
Ransomware Protection
Anti-ransomware technology that detects malicious encryption processes, terminates them before propagation, and automatically rolls back encrypted files to a safe state.
Synchronized Threat Response
Cross-platform security synchronization that links endpoints, cloud workloads, and firewalls to relay health status, automatically isolate compromised devices or workloads, and execute coordinated threat response.
Extended Detection and Response
XDR and MDR capabilities combined with malware protection for comprehensive threat detection, hunting, and response across the security ecosystem.
Multi-Layer Security Coverage
Integrated protection spanning endpoint security, server protection, EC2 workloads, network firewall, mobile device management, email security, and full disk encryption for Windows and macOS.
Application Layer Visibility and Control
Complete application layer-7 visibility and control of traffic with next-generation firewall capabilities in AWS environments
AI/ML-Powered Threat Detection
AI/ML-powered inspection engine with researcher-grade signatures for detection of zero-day threats, exploits, malware, spyware, and command and control attacks
Dynamic Policy Management
Policy definitions that dynamically apply to cloud assets based on AWS tags, Application IDs, User IDs, geographies, or zones without manual intervention
Cloud Infrastructure Integration
Seamless integration with Gateway Load Balancer, AWS Auto Scaling, and Transit VPC with AWS Transit Gateway for protection across dynamic and large-scale deployments
Advanced Threat Prevention Service
Cloud-delivered Advanced Threat Prevention security service with market-leading threat coverage against known and zero-day threats while maintaining performance
Next Generation Firewall Architecture
High-performance firewall solution with core firewall, VPN, NAT, and advanced L4-L7 security services including application security, IPS, and anti-virus capabilities.
Anti-Virus and Malware Protection
Cloud-based anti-virus protection that detects and blocks spyware, adware, viruses, keyloggers, and other malware over POP3, HTTP, SMTP, and FTP protocols.
Intrusion Detection and Prevention
Intrusion detection and prevention (IPS) system integrated with application visibility and control through AppSecure for threat detection and workload protection.
VPN and Secure Connectivity
IPsec and full mesh VPN termination services enabling secure connectivity from on-premises data centers, campuses, and branches to AWS cloud across geographically dispersed VPCs.
AWS Cloud Service Integration
Native integration with AWS services including Elastic Load Balancer, Auto-Scaling Groups, CloudWatch, Security Hub, Key Management Service, Elastic Network Adapter support, and Gateway Load Balancer with L3 gateway and L4 load balancer capabilities.
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
-
-
-
-
-
No security profile
No security profile
Standard contract
No
No
No
Customer reviews
Anup A.
Powerful security management with fantastic RCA, but watch out for system resource usage
Reviewed on Jun 13, 2026
Review provided by G2
What do you like best about the product?
Th biggest selling point for our team is heaving the firewall (XGS series)and our endpoint protection living in the exact same dashboard. The "Synchronized Security" Feature specifically the security heartbeat is incredibly useful If an endpoint gets infected or starts showing suspicious behavior, it automatically drops its heartbeat, and the Sophos firewall Isolates it from the rest of the VLAN instantly without me having to LOG in manually after hours to kill the switch port.
From an Admin perspective managing global policies is straightforward. If i need to create a peripheral control policy to block rogue USB drives or add a global threat exclusion for a quirky legacy line-of-business app I can push it out to the entire tenant in a few clicks. tamper protection is also robust: they know IT can't easily kill the service or tamper with the registry to disable it.
From an Admin perspective managing global policies is straightforward. If i need to create a peripheral control policy to block rogue USB drives or add a global threat exclusion for a quirky legacy line-of-business app I can push it out to the entire tenant in a few clicks. tamper protection is also robust: they know IT can't easily kill the service or tamper with the registry to disable it.
What do you dislike about the product?
My main complaint is the resource footprint of the endpoint agent on our older endpoint if you have users running older laptops or developer machines doing heavy compiles, they will absolutely notice a slowdown during a full scheduled scan when or when Sophos is processing deep learning malware analysis on localized files. CPU spikes are a common helpdesk ticket item for us on those specific machines.
What problems is the product solving and how is that benefiting you?
We use it to centralize security operation across our corporate office and our fully remote workspace before migration to Sophos central we were managing a disjointed stack one vendor for antivirus another for the firewall and a separate tool for full disk encryption keys.
Sophos central allowed us to consolidate Everything now when a remote user loses their BitLocker PIN, they don't lock themselves out forever the helpdesk can grab the recovery key straight from the Central console in seconds it has significantly streamlined our incident response times and stopped us from wasting hours trying to correlate separate logs across three different security platforms during a suspected event.
Sophos central allowed us to consolidate Everything now when a remote user loses their BitLocker PIN, they don't lock themselves out forever the helpdesk can grab the recovery key straight from the Central console in seconds it has significantly streamlined our incident response times and stopped us from wasting hours trying to correlate separate logs across three different security platforms during a suspected event.
José Andres D.
Sophos Central: centralized security, robust integrations, and intuitive UI
Reviewed on Jun 12, 2026
Review provided by G2
What do you like best about the product?
In my experience, using Sophos has been a very good decision. It has allowed me to have everything centralized in Sophos Central, which makes it much easier for me to control and manage security.
Additionally, I greatly value its product integrations, because everything works together and improves incident response. The performance is quite stable and does not significantly affect the devices. As for the price, I consider it competitive for everything it offers. I have also had good experiences with technical support, which usually responds efficiently. And something that adds a lot is the use of artificial intelligence to detect threats more quickly and accurately.
in addition to its interactive and efficient UI.
Additionally, I greatly value its product integrations, because everything works together and improves incident response. The performance is quite stable and does not significantly affect the devices. As for the price, I consider it competitive for everything it offers. I have also had good experiences with technical support, which usually responds efficiently. And something that adds a lot is the use of artificial intelligence to detect threats more quickly and accurately.
in addition to its interactive and efficient UI.
What do you dislike about the product?
they could improve the sections on reporting and the generation of more up-to-date reports.
What problems is the product solving and how is that benefiting you?
Synchronized security, a feature of Sophos, allows devices and the firewall to work together to automatically detect and contain threats.
Additionally, many highlight:
Good performance (it usually doesn't slow down devices).
Automatic threat response.
Integrations between products.
And technical support, which is usually reliable.
It solves many security situations because it combines solid protection with simplicity, something not always found in cybersecurity tools.
Additionally, many highlight:
Good performance (it usually doesn't slow down devices).
Automatic threat response.
Integrations between products.
And technical support, which is usually reliable.
It solves many security situations because it combines solid protection with simplicity, something not always found in cybersecurity tools.
Ansh B.
Solid, Centralised Secuirty That Makes IT Management Noticeably Easier
Reviewed on Jun 10, 2026
Review provided by G2
What do you like best about the product?
What I like best about Sophos Central is the single cloud-based console that lets me manage all the endpoints from one place without any on-premise setup. The most helpful feature has been the automated threat response, it isolates infected devices instantly without any manual intervention, strong threat detection with low false positives, and synchronised security between endpoints and the firewall, making it a well rounded and efficient solution for day-to-day IT management.
What do you dislike about the product?
The reporting features feel a bit limited out of the box getting detailed or customised reports often requires extra steps or third party integrations. First line support can also be inconsistent at times, where resloving issues sometimes takes longer than expected. Licensing costs can add up as the number of devices grows, which may be a concern for budget conscious environment
What problems is the product solving and how is that benefiting you?
Sophos Central is primarily solving the challenge of managing endpoints secuirty across multiple devices from a sengle, centralised platform without the need for complex on-premise infrastructure. Before using it, Keeping track of threats, policy updates, and device health across the environment under one roof threat detection, response, policy management and reporting which has significantly reduced the administrative overheads on our IT team. The automated threat isolation feature directly addresses the problem of slow incident response, which in a secuirty context can make a huge diffrences in containing damage . From a business perpective, it gives us confidence that our endpoints are continuously monitored and protected without requiring constant manual attention, freeing up time to focus on other IT prioirties. The synchronised security between endpoints and the firewall also helps us maintain a stronger, more coordinated defense posture, which is something that would otherwise require multiple separate tools to achive. Overall it has streamlined our security operations, reduced response times, and given us better visibility into potential risks across the organisation.
kaushal p.
"Robust, Unified Cloud Security Management that Drastically Cuts Down Admin Overhead"
Reviewed on Jun 06, 2026
Review provided by G2
What do you like best about the product?
The interface is straightforward and well-organized, which makes it easy to train new administrators. The UI/UX is clean, and I can quickly find policies, alerts, and reports without digging through menus. I also like how integrations with other Sophos tools (like Intercept X and the firewall) are seamless-everything ties together in one console. Performance has been reliable updates roll out smoothly, and the threat detection engine is fast at flagging suspicious activity.
For example, When I onboarded a new junior admin, they were able to navigate the dashboard and apply endpoint policies within their first week without much training. The console layouts makes it easy to jump between alerts, reports, and device groups.
I also like the rule across device in minutes, and the reporting gives me a clear picture of threats without juggling multiple tools. Performance has been solid updates roll out quietly in the background, and i've noticed malware detection happens quickly often before users even realize something was flagged.
For example, When I onboarded a new junior admin, they were able to navigate the dashboard and apply endpoint policies within their first week without much training. The console layouts makes it easy to jump between alerts, reports, and device groups.
I also like the rule across device in minutes, and the reporting gives me a clear picture of threats without juggling multiple tools. Performance has been solid updates roll out quietly in the background, and i've noticed malware detection happens quickly often before users even realize something was flagged.
What do you dislike about the product?
While the core features works well, some third party integrations feel limited or require extra configuration. The reporting console can lag when pulling large datasets, which slows down troubleshooting. Pricing is on the higher side compared to other vendors, and while the ROI is there, it can be a challenge to justify during budget reviews. Support is generally responsive, but the onboarding process could use more step-by-step documentation for complex environments.
What problems is the product solving and how is that benefiting you?
It consolidates endpoint, server, and firewall management into single platform, which saves significant time. Instead of juggling multiple tools, I can enforce policies across devices from one dashboard. This has improved compliance, reduced manual errors, and given us better visibility into threats. The centralized performance monitoring means issues are caught earlier, and the automated responses help contain risks quickly. Overall, it has straightened our security posture and reduced the workload for the IT team.
Centralized management: I can enforce policies across hundreds of endpoints and servers from a single dashboard. For example, when we rolled out stricter web filtering rules, I applied the across all devices in minutes instead of manually configuring each group.
Threat response: During a phishing incident last quarter, Sophos Central immediately flagged the compromised endpoint, isolated it, and prevented lateral movement. That saved us hours of manual investigation and reduced downtime for the user.
Overall, Sophos Central has given us better visibility, faster response times, and more confidence in our security posture and it helped me a lot.
Centralized management: I can enforce policies across hundreds of endpoints and servers from a single dashboard. For example, when we rolled out stricter web filtering rules, I applied the across all devices in minutes instead of manually configuring each group.
Threat response: During a phishing incident last quarter, Sophos Central immediately flagged the compromised endpoint, isolated it, and prevented lateral movement. That saved us hours of manual investigation and reduced downtime for the user.
Overall, Sophos Central has given us better visibility, faster response times, and more confidence in our security posture and it helped me a lot.
surajku32
Centralized firewall oversight has streamlined multi-branch security management and saved time
Reviewed on May 06, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Sophos Central is to manage multiple firewall devices. We have multiple branches and each branch has a Sophos firewall, which I can manage centrally through Sophos Central . It helps us to create a rule and send it to all the firewalls at once.
Currently, I am using Sophos Central for monitoring purposes. I can monitor all firewalls in a single dashboard, which is the greatest thing in Sophos Central.
What is most valuable?
The best feature Sophos Central offers is the ability to manage multiple firewalls from a single dashboard.
Besides the single dashboard, I find it invaluable that I can create and apply policies through Sophos Central easily to all firewalls, which would not be possible if I had to connect each firewall one by one.
I can manage more than 50 devices from a single dashboard, which is the best feature currently.
Sophos Central has improved my organization because previously we had to manually monitor all firewalls and check logs one by one. Now I see everything in a single dashboard, which is very beneficial.
Using Sophos Central saves me so much time because checking logs for all firewalls one by one is very difficult. Here I check all logs on a single dashboard, which is very useful.
What needs improvement?
Currently, based on my knowledge and experience, Sophos Central is perfect. It might need updates if technology increases in the future.
Currently I do not want to suggest anything small or minor that could make my experience even smoother. If possible, a mobile app would be perfect; if it is available, I currently do not know about it.
I did not use or know about a mobile app currently, and if it is available, then it would be a ten out of ten for me. If anything happens, I can easily access it on mobile, which would be available at all times.
For how long have I used the solution?
In my current organization, I have been working for eight months.
What do I think about the stability of the solution?
We have not experienced any downtime or issues with Sophos Central; it has been stable for us.
What do I think about the scalability of the solution?
Currently, Sophos Central is a very perfect application as per my needs, and it solves a lot of our time issues.
How are customer service and support?
I reached out to customer support for Sophos Central and I had a very good support experience. I received instant support and remote assistance, and the Sophos team is very cooperative and helped me a lot.
Which solution did I use previously and why did I switch?
I did not use a different solution before Sophos Central; we were manually checking all firewalls without any other solution. Now we are using Sophos Central after receiving updates about it and implementing it.
How was the initial setup?
We did not evaluate other solutions.
What about the implementation team?
We are a partner or reseller with the vendor, suggesting to customers that if they have requirements about network security, they should consider using Sophos Central and Sophos firewalls for their multiple branches.
What was our ROI?
We see a return on investment with Sophos Central because it saves manpower and time. Previously we needed one employee for log management, but currently we manage everything on a single platform, making it very easy for us.
What's my experience with pricing, setup cost, and licensing?
The pricing, setup cost, and licensing for Sophos Central are not handled by me; that is handled by another team. Currently I do not know about that.
Which other solutions did I evaluate?
We did not evaluate other options before choosing Sophos Central because all the firewalls we have are Sophos. We only evaluated Sophos Central.
What other advice do I have?
I advise those with multiple firewalls to use Sophos Central, as it is the best solution to manage all firewalls from a single dashboard, allowing you to check all logs easily.
Currently I am managing Sophos Central after receiving updates about it and implementing it. I would rate this solution an 8 out of 10.