External reviews are not included in the AWS star rating for the product.
My main use case for Sophos Central is to manage multiple firewall devices. We have multiple branches and each branch has a Sophos firewall, which I can manage centrally through Sophos Central. It helps us to create a rule and send it to all the firewalls at once.
Currently, I am using Sophos Central for monitoring purposes. I can monitor all firewalls in a single dashboard, which is the greatest thing in Sophos Central.
The best feature Sophos Central offers is the ability to manage multiple firewalls from a single dashboard.
Besides the single dashboard, I find it invaluable that I can create and apply policies through Sophos Central easily to all firewalls, which would not be possible if I had to connect each firewall one by one.
I can manage more than 50 devices from a single dashboard, which is the best feature currently.
Sophos Central has improved my organization because previously we had to manually monitor all firewalls and check logs one by one. Now I see everything in a single dashboard, which is very beneficial.
Using Sophos Central saves me so much time because checking logs for all firewalls one by one is very difficult. Here I check all logs on a single dashboard, which is very useful.
Currently, based on my knowledge and experience, Sophos Central is perfect. It might need updates if technology increases in the future.
Currently I do not want to suggest anything small or minor that could make my experience even smoother. If possible, a mobile app would be perfect; if it is available, I currently do not know about it.
I did not use or know about a mobile app currently, and if it is available, then it would be a ten out of ten for me. If anything happens, I can easily access it on mobile, which would be available at all times.
In my current organization, I have been working for eight months.
We have not experienced any downtime or issues with Sophos Central; it has been stable for us.
Currently, Sophos Central is a very perfect application as per my needs, and it solves a lot of our time issues.
I reached out to customer support for Sophos Central and I had a very good support experience. I received instant support and remote assistance, and the Sophos team is very cooperative and helped me a lot.
I did not use a different solution before Sophos Central; we were manually checking all firewalls without any other solution. Now we are using Sophos Central after receiving updates about it and implementing it.
We did not evaluate other solutions.
We are a partner or reseller with the vendor, suggesting to customers that if they have requirements about network security, they should consider using Sophos Central and Sophos firewalls for their multiple branches.
We see a return on investment with Sophos Central because it saves manpower and time. Previously we needed one employee for log management, but currently we manage everything on a single platform, making it very easy for us.
The pricing, setup cost, and licensing for Sophos Central are not handled by me; that is handled by another team. Currently I do not know about that.
We did not evaluate other options before choosing Sophos Central because all the firewalls we have are Sophos. We only evaluated Sophos Central.
I advise those with multiple firewalls to use Sophos Central, as it is the best solution to manage all firewalls from a single dashboard, allowing you to check all logs easily.
Currently I am managing Sophos Central after receiving updates about it and implementing it. I would rate this solution an 8 out of 10.
As I am from a service-based company, my main use case for Sophos Central is that I am taking care of all of our security needs.
I use Sophos Central to block any website or application. For example, if I want to block WhatsApp, I simply call that specific application through Sophos Central.
I can manage Sophos firewall from Sophos Central, along with managing ZTNA, encryption, mobile MDM, and Sophos MDM.
The best feature of Sophos Central is that I can use all of the solutions from Sophos in a single pane of glass, which means I can manage all the services of Sophos from one console.
Having everything in one console makes my work easier because if I want to make a change on the firewall, I can simply go to the firewall management and make the changes. If I want to change anything related to Sophos wireless, I can directly change it from Sophos firewall without needing to access multiple consoles.
Sophos Central has positively impacted my organization because it allows us to utilize Sophos products in a single pane of glass, and with its synchronized security, it helps to protect our environment more effectively by isolating infected devices from the internet.
I think Sophos Central could be improved by offering an on-premises option because some users prefer to keep their data locally rather than in the cloud.
I think if there were a new licensing model for Linux endpoints, it would be very helpful for us.
I have been working in my current field for the last two years.
Sophos Central is stable.
Sophos Central's scalability is excellent because I can add any licenses at any time without needing to create a new console. For example, if I have 100 endpoints and need 20 more licenses, I can simply purchase them and continue to use them within the same console.
The customer support for Sophos Central is very good. If I call support at any time, they will assign a new engineer according to SLA immediately or within one to three hours.
I previously used Trend Micro before switching to Sophos Central because Trend Micro did not integrate with the console like Sophos Central does.
The experience with pricing, setup cost, and licensing for Sophos Central has been very good. Additionally, there is no license required for Linux EDR machines, and if Sophos were to add Linux EDR licensing, it would be very helpful for my organization and others.
The data is already stored in Sophos cloud, specifically in Sophos database.
I have not seen a return on investment yet.
I evaluated CrowdStrike as well, but I found that CrowdStrike does not provide the same level of protection with site management and application control as Sophos Central does.
I would advise others to use Sophos Central because of its performance and customer support. It works in real-time, making it beneficial for many organizations. I can add that we can manage Sophos firewall from Sophos Central, along with managing ZTNA, encryption, mobile MDM, and Sophos MDM. My review rating for Sophos Central is 10.
My main use case for Sophos Central involves utilizing it as an endpoint, EDR, and email gateway.
In my day-to-day work, I use Sophos Central by installing the agent on our clients. We have around 40 to 50 clients that are using Sophos as their EDR. We have created the alerting system in our ServiceNow, which is integrated with Sophos Central, so we get tickets in ServiceNow whenever something is triggered. I log into Sophos to investigate the alert, reviewing the alerts on that device from Sophos, and if required, I manually log into the device to check the alert and take actions accordingly.
Regarding my main use case or how I use Sophos Central day to day, the most useful feature is that Sophos blocks threats. As a senior engineer, my main work involving Sophos is handling situations when it blocks something that is legitimate, such as a ServiceNow MID Server. Every time this happens, Sophos blocks it as a malicious file, so we dive into Sophos and create exclusions, especially path exclusions, and if necessary, we also create hash exclusions to ensure that the legitimate file can be accessed and run by the user without any issues.
The best features Sophos Central offers, in my opinion, involve its excellent ability to block threats in endpoint protection. While it is not as effective in handling exclusion cases, it excels at successfully blocking almost all files that seem suspicious, which is really good and provides strong security.
What I appreciate most about the blocking features in Sophos Central is its real-time detection and the variety of threat types it can catch. Many other endpoints miss files that don't have a bad reputation, but Sophos finds a way to catch those malicious files, and if there's even a small suspicion, it blocks them. The real-time detection is really great in Sophos Central.
Sophos Central has positively impacted our organization by being a desired EDR solution for our many clients. As an MSSP, we have a significant number of clients utilizing Sophos Central, and it provides excellent service as an EDR. Even when we use it as an email gateway, it continues to perform well, making it beneficial for our organization with a wide client base.
One way Sophos Central can be improved is in its exclusion capabilities. When we try to exclude legitimate files, we find that it requires a lot of effort, as we cannot simply exclude one file from every detection. Due to the layered approach, it takes time to exclude even one file, indicating that the exclusion process could definitely be enhanced.
I would add that the logs in Sophos Central should be more detailed. Sometimes, when we're checking the logs, they simply state that a file is blocked, but we can't find out why that is the case. More detailed logs could significantly improve the log collecting aspect.
Areas for improvement in Sophos Central are log collection, exclusion processes, and customer support. Aside from these points, I believe the overall product is great.
I have been using Sophos Central for the last six years.
Sophos Central is stable, which is a positive attribute.
I believe Sophos Central's scalability is good compared to other EDR solutions that we have.
Customer support for Sophos Central is a bit slow. When I create a support ticket, it takes a while for them to respond. In my recent experience with a support ticket, the engineer was not very effective and took longer than I expected. When we reach out to the support team, we anticipate quick answers, especially since the client is waiting for a resolution. The vendor seems to take time contacting other teams, so I feel the support team could improve their response times.
Before using Sophos Central, we had utilized CrowdStrike; however, due to an outbreak, some clients wanted to switch away from CrowdStrike. We provided clients with options, including Sophos Central and SentinelOne, with SentinelOne being fairly costly. Ultimately, most clients preferred Sophos Central, leading us to switch a few clients from CrowdStrike to Sophos Central.
I have seen a return on investment with Sophos Central in terms of needing fewer employees because Sophos Central is handling many tasks itself. Previously, we had to monitor other endpoints and faced issues integrating with ServiceNow, requiring separate monitoring. After adopting Sophos Central, we can easily integrate with ServiceNow, which means fewer employees, and that translates to money saved.
Before choosing Sophos Central, we evaluated other options such as SentinelOne and Microsoft Defender.
My advice to others looking into using Sophos Central is that it is beneficial in terms of cost efficiency and time efficiency. I recommend using Sophos Central and digging into the logs more thoroughly, and if possible, incorporating syslogs or other kinds of logs. I would rate this product a 7 out of 10.
