This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Pulling the plug on Sophos Intercept X

We love Sophos here and when Intercept X came out, we promoted it heavily to our clients and made the Sophos concepts of a) adding a layer of cryptovirus protection with deep learning on top of standard antivirus and b) synchronization between endpoints and the firewall both core feature of our service and part of our stack.

Unfortunately, Intercept X is actually terrible. We spent a year trying to make it work without completely slowing the endpoint machine down to the point of destroying the hopes and dreams and crushing the soul of anyone using it.

This is leaving a couple big wholes both in our story and what we deliver clients.

I'm guessing we're screwed as far as synchronization goes because we will keep using Sophos XG firewalls but keen for any recommendations for an alternative to Intercept X that doesn't choke the life out of computers.



This thread was automatically locked due to age.
  • Hi ,

    To further check and isolate the issue that you are facing with your client machine, can you validate to us some details? What was the machine activity while observing issue? Was there a certain application you observed which triggers the choking of system while running? Was the system resource being being max out on the system? Kindly share to us a sample snapshot for the resource utilization on one of the affected machine?

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • There must be a cause?  What have you tried?

  • This is interesting; we have this on many of our managed clients and aside from the odd exception here and there haven't had much trouble.  Can you describe more regarding this speed issue you are seeing?  What platform(s) is/are this on?  Are these low-spec machines?  Just curious.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • Gabri, there must be something else going on here. How old are your machines? We have had no notable performance impacts at all other than some machines that were rather old. 5+ years and EOL. Other than that, IX has been fantastic.

  • Hello Kyle, I'm very interested in implementing this solution but all the issues I'd heard about RAM has me hesitant. Is the solution still working for you?

  • I’ve not had any issue as long as the drive is solid state.  Once a spinning disk ages some of the EDR work can be quite taxing. RAM shouldn’t be an issue. What is worth mentioning is that the SAV component responsible for 5 services and 200MB of RAM, will be removed from the endpoint semi-soon which will be great.