Sold by: Sophos
Deployed on AWS
Free Trial
Vendor Insights
AWS Free Tier
Protection against ransomware, advanced threats, and more across endpoints, cloud workloads, servers, mobile devices, networks, and email. Extend on premise security and build secure and scalable cloud transformations with a complete cybersecurity platform for all Sophos next-gen technologies.
4.3
Overview
Sophos provides powerful and effective cybersecurity, designed to be accessible and manageable for any organization - from schools, hospitals, local government, healthcare, and businesses of every shape and size. Available through the Sophos Central platform, a single pane of glass, born in the cloud, natively synchronizing the management of an entire ecosystem of adaptive security defenses. Start with Sophos Firewall, and next-gen endpoint or workload protection and grow. Sophos Endpoint: Security for endpoints, servers, and EC2. Combining malware protection, XDR, MDR, and more. Firewall: Protect networks from advanced threats and maintain web-app availability. https://soph.so/xg-firewall-payg Cloud Optix: Visualize cloud resources, monitor compliance, and analyze configurations to optimize security. https://soph.so/cloud-optix Mobile: Secure UEM solution to protect and manage mobile devices. Email: Stop spam, phishing, and data loss. Phish Threat: Security awareness training with phishing simulations. Encryption: Full disk encryption for Windows and macOS. -- Managed Services -- Managed Detection & Response: 24/7 threat hunting, detection, and response. https://soph.so/MTR Rapid Response: Incident response service during an attack. https://soph.so/rapid-response Looking for custom pricing options? Contact us publiccloudsales@sophos.com
Highlights
- Easy to deploy, manage, and highly effective at stopping cyberattacks. Sophos products and services provide cloud security best practices and compliance, threat detection and response, network security, host and endpoint security in a single console.
- Block ransomware: Endpoint and Server anti-ransomware technology detects malicious encryption processes and shuts them down before they spread. Any files encrypted are rolled back to a safe state automatically.
- Sophos synchronized security allows organizations to link endpoints, cloud workloads, and firewall to relay health status, immediately isolate compromised devices or workloads, and respond to threats on your network automatically.
Details
Sold by
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(2)
SOC2
AWS Security Specialization
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Sophos EDR | Malware/Ransomware/Exploits/Viruses | $69.96 |
Sophos XDR | Sophos EDR features plus Extended Detection and Response tools | $136.60 |
Sophos MDR | Central MDR Complete including XDR | $239.64 |
Sophos EDR - Server | EDR features/Server Lockdown/Cloud Optix standard: for Server OS | $153.56 |
Sophos XDR - Server | EDR Server features plus Extended Detection and Response tools | $222.66 |
Sophos MDR - Server | Central MDR Complete Server includes EDR and XDR | $390.72 |
Mobile Advanced | Secure Unified Endpoint Management for Windows 10, macOS, iOS, Android | $93.48 |
Cloud Optix Advanced | Cloud Native App Protection for AWS, Azure, GCP, K8s | $140.04 |
Sophos Email Advanced | Sophos Email Security | $66.96 |
Sophos Phish Threat | Sophos Phish Threat, Phishing Simulation and Training: Per user | $37.80 |
Vendor refund policy
Please refer to the Sophos EULA for details on our refund policies.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Sophos support portal for licensed customers with an existing SophosID: https://support.sophos.com Toll Free: 1-888-SOPHOS-9 (1-888-767-4679)International: 1-781-494-5800 To contact Support, please log into your Sophos Central Dashboard, click on HELP in the upper right corner, then click on CREATE SUPPORT TICKET. Or, visit https://www.sophos.com/en-us/support.aspx to go to the Sophos Community to find information and resolutions on common questions and issues.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
Top
10
In Media & Entertainment, Healthcare & Life Sciences
Top
10
In Network Infrastructure
Top
50
In Migration
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Endpoint Protection
Advanced malware protection combining XDR, MDR technologies for endpoints, servers, and cloud instances
Network Security
Next-generation firewall capabilities with advanced threat protection and web application availability maintenance
Cloud Security Monitoring
Cloud resource visualization, configuration analysis, and compliance monitoring across cloud environments
Threat Detection and Response
Synchronized security platform with automated threat isolation, health status relay, and immediate response mechanisms
Mobile Device Management
Unified endpoint management solution for securing and managing mobile device ecosystems
Network Traffic Inspection
Advanced layer-7 application visibility and control with comprehensive traffic inspection capabilities
Threat Prevention Technology
AI/ML-powered security engine with researcher-grade signatures for detecting known and zero-day threats
Cloud Security Integration
Native integration with AWS infrastructure components including Gateway Load Balancer, Auto Scaling, and Transit VPC
Dynamic Policy Management
Automated policy application using AWS tags, Application IDs, User IDs, geographies, and network zones
Deployment Flexibility
Seamless deployment through EC2 instance creation workflow with cloud-native form factor
Network Security Services
Advanced firewall solution with core firewall, VPN, NAT, and L4-L7 security services
Threat Protection
Intrusion detection and prevention (IPS) with application visibility and control through AppSecure
Cloud Integration
Native integrations with AWS services including Elastic Load Balancer, CloudWatch, Security Hub, and Amazon GuardDuty
Routing Capabilities
Advanced cloud-grade routing with IPsec and full mesh VPN termination services
Protocol-Level Protection
Anti-virus capabilities detecting and blocking malware across POP3, HTTP, SMTP, and FTP protocols
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
-
-
-
-
-
No security profile
No security profile
Standard contract
No
No
No
Customer reviews
Fayas Ummer
Centralized threat blocking has reduced manual monitoring but still needs better exclusions and logs
Reviewed on Dec 30, 2025
Review from a verified AWS customer
What is our primary use case?
My main use case for Sophos Central involves utilizing it as an endpoint, EDR, and email gateway.
In my day-to-day work, I use Sophos Central by installing the agent on our clients. We have around 40 to 50 clients that are using Sophos as their EDR. We have created the alerting system in our ServiceNow , which is integrated with Sophos Central, so we get tickets in ServiceNow whenever something is triggered. I log into Sophos to investigate the alert, reviewing the alerts on that device from Sophos, and if required, I manually log into the device to check the alert and take actions accordingly.
Regarding my main use case or how I use Sophos Central day to day, the most useful feature is that Sophos blocks threats. As a senior engineer, my main work involving Sophos is handling situations when it blocks something that is legitimate, such as a ServiceNow MID Server. Every time this happens, Sophos blocks it as a malicious file, so we dive into Sophos and create exclusions, especially path exclusions, and if necessary, we also create hash exclusions to ensure that the legitimate file can be accessed and run by the user without any issues.
What is most valuable?
The best features Sophos Central offers, in my opinion, involve its excellent ability to block threats in endpoint protection. While it is not as effective in handling exclusion cases, it excels at successfully blocking almost all files that seem suspicious, which is really good and provides strong security.
What I appreciate most about the blocking features in Sophos Central is its real-time detection and the variety of threat types it can catch. Many other endpoints miss files that don't have a bad reputation, but Sophos finds a way to catch those malicious files, and if there's even a small suspicion, it blocks them. The real-time detection is really great in Sophos Central.
Sophos Central has positively impacted our organization by being a desired EDR solution for our many clients. As an MSSP , we have a significant number of clients utilizing Sophos Central, and it provides excellent service as an EDR. Even when we use it as an email gateway, it continues to perform well, making it beneficial for our organization with a wide client base.
What needs improvement?
One way Sophos Central can be improved is in its exclusion capabilities. When we try to exclude legitimate files, we find that it requires a lot of effort, as we cannot simply exclude one file from every detection. Due to the layered approach, it takes time to exclude even one file, indicating that the exclusion process could definitely be enhanced.
I would add that the logs in Sophos Central should be more detailed. Sometimes, when we're checking the logs, they simply state that a file is blocked, but we can't find out why that is the case. More detailed logs could significantly improve the log collecting aspect.
Areas for improvement in Sophos Central are log collection, exclusion processes, and customer support. Aside from these points, I believe the overall product is great.
For how long have I used the solution?
I have been using Sophos Central for the last six years.
What do I think about the stability of the solution?
Sophos Central is stable, which is a positive attribute.
What do I think about the scalability of the solution?
I believe Sophos Central's scalability is good compared to other EDR solutions that we have.
How are customer service and support?
Customer support for Sophos Central is a bit slow. When I create a support ticket, it takes a while for them to respond. In my recent experience with a support ticket, the engineer was not very effective and took longer than I expected. When we reach out to the support team, we anticipate quick answers, especially since the client is waiting for a resolution. The vendor seems to take time contacting other teams, so I feel the support team could improve their response times.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
Before using Sophos Central, we had utilized CrowdStrike; however, due to an outbreak, some clients wanted to switch away from CrowdStrike. We provided clients with options, including Sophos Central and SentinelOne, with SentinelOne being fairly costly. Ultimately, most clients preferred Sophos Central, leading us to switch a few clients from CrowdStrike to Sophos Central.
What was our ROI?
I have seen a return on investment with Sophos Central in terms of needing fewer employees because Sophos Central is handling many tasks itself. Previously, we had to monitor other endpoints and faced issues integrating with ServiceNow, requiring separate monitoring. After adopting Sophos Central, we can easily integrate with ServiceNow, which means fewer employees, and that translates to money saved.
Which other solutions did I evaluate?
Before choosing Sophos Central, we evaluated other options such as SentinelOne and Microsoft Defender.
What other advice do I have?
My advice to others looking into using Sophos Central is that it is beneficial in terms of cost efficiency and time efficiency. I recommend using Sophos Central and digging into the logs more thoroughly, and if possible, incorporating syslogs or other kinds of logs. I would rate this product a 7 out of 10.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
F-H
Centralized security management has streamlined remote protection for diverse customer networks
Reviewed on Dec 18, 2025
Review provided by PeerSpot
What is our primary use case?
I am still using Sophos Central for everything. I am a reseller of Sophos Central products.
For end-customer workstations, I use Sophos Central for antivirus through the central administration console and installation. I also import all of my firewalls into Sophos Central for remote management and those functions.
I do work with Intercept X technology.
What is most valuable?
Intercept X technology helps with my malware detection and response. If it detects malware, it blocks it and then it sends it through to Sophos Central, which then sends me an email notification that one of the workstations picked up an infection or encountered an issue.
Synchronization security capability contributes to threat identification in my company.
I assess the benefit of a single pane of glass interface positively.
What needs improvement?
On a couple of older machines, Intercept X does tend to slow a computer down significantly, but on new, modern Windows 11 machines, I have not detected this issue yet.
Intercept X tends to pick up a very common program, Hard Disk Sentinel , as malware, specifically the executable file. For the purpose of installation, I have to disable Intercept X from Sophos Central to complete the install. Once the install is done, I can re-enable it and everything works fine. It creates extra work to make something function, but that is all.
For how long have I used the solution?
I have been dealing with the product for approximately six to eight years.
What do I think about the stability of the solution?
I give a stability score of ten.
What do I think about the scalability of the solution?
I would give a scalability score of ten for the product.
How are customer service and support?
If I interact with technical support, I would give them a score of ten as they are good.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have worked with other products. For instance, Symantec from Broadcom was a nightmare because having to install a separate server module for the management of workstations is not centrally accessible. If something happens, I have to either use TeamViewer to connect to the server to see what is going on or use VPN or another method. The biggest advantage for me is that I can log in from anywhere and see what is going on on the central dashboard with my customer's networks.
How was the initial setup?
I find the installation of Sophos Central easy.
What about the implementation team?
My clients have it on-cloud.
What was our ROI?
The biggest return on investment is securing my customer's networks.
Which other solutions did I evaluate?
I have not come across something that is better when I compare Sophos Central with other products.
What other advice do I have?
I have so many workstations and, as a reseller, I am not only working on one Sophos Central. I probably have about 35 to 40 different customers that are on Sophos Central. Each one is set up differently according to customer needs.
I would say Sophos Central is a good solution for all customers, from small to enterprise.
I have not integrated Sophos Central with any third-party applications, so I do not have experience with that functionality.
The machine learning features are enabled. We have picked up a false positive now and again, but then I report it to Sophos and they rectify the issue in upcoming release builds.
The biggest benefit in Sophos Central is the central functionality where I can have my Intercept X integrate the workstations, the servers, and the firewalls I import into Sophos Central. I always enable the RED functionality so that if a machine picks up an issue, it notifies the firewall immediately, and then the two combined rectify the issue if there are any threats or something picked up.
I would say Sophos Central is an affordable product.
They are using Sophos cloud instead of cloud providers like AWS , Azure , or GCP.
I buy the product directly from Sophos.
I am a Senior IT Consultant here in the company. My overall review rating for this product is ten.
Computer & Network Security
Unified Dashboard Makes Managing Sophos Products Easy
Reviewed on Nov 28, 2025
Review provided by G2
What do you like best about the product?
Single glass of pane to view and maintain all the Sophos products
What do you dislike about the product?
Support is not good
Very resource intensive
Very resource intensive
What problems is the product solving and how is that benefiting you?
Providing single glass of pane to maintain all the sophos products
Ritika G.
All-in-One Security Dashboard That Simplifies Management
Reviewed on Nov 03, 2025
Review provided by G2
What do you like best about the product?
Sophos Central is that it lets me manage everything—like computers, firewalls, and mobile devices—from one easy-to-use dashboard. I don’t have to jump between different tools; everything is in one place.The integration with other Sophos products is seamless, and their support team is always responsive whenever help is needed. It’s simple, clean, and gives real-time protection updates, so I always know my systems are safe.
What do you dislike about the product?
The initial setup can feel slightly technical for beginners.But overall, it’s still very reliable and easy to manage once everything is set up.
What problems is the product solving and how is that benefiting you?
Sophos Central helps us manage all our security needs from one place, which saves a lot of time and effort. Earlier, it was difficult to track and update multiple devices individually, but now everything is centralized and automated. It quickly detects and stops threats before they spread, keeping our systems safe. The real-time monitoring and detailed reports make it easy to spot issues early. Overall, it has improved our network visibility, reduced manual work, and strengthened our organization’s security posture.
Bear R.
Love Sophos Central
Reviewed on Oct 01, 2025
Review provided by G2
What do you like best about the product?
It's very easy to centrally manage all of our Sophos customers from one location.
What do you dislike about the product?
The only thing I wish was different would be to either be able to access multiple clients at a time, or let it be easier to switch between clients.
What problems is the product solving and how is that benefiting you?
It gives us a central location where we can manage all our customers and their devices & firewalls.