Sophos MDR integrations are now GA, up to date documentation can be found at the following link: Integrations
Do I have to pay for the NDR connector? The NDR connector is free during the EAP
Do I need the NDR Connector if I already have the MTR Network Sensor?
The NDR Connector will replace the MTR Network sensor. Stay tuned for more information on how/when the NDR Connector will replace the MTR Network Sensor.
Can I query or search all recorded network flows?
The NDR connector does not provide a direct search/query capability of the raw flow information. The NDR connector retains about 24 hours of flow data for all traffic that is sent to the span/mirror port. This information is only accessed by the detection engines and when a detection is identified the associated flow information is sent to the data lake as part of the detection.