I've recently evaluated and bought Sophos Central with Intercept-X with EDR along with device encryption. Very impressed so far.
However, what I feel the package lacks is the complete ability to control the firewall. I'd have preferred, like some other AV/security vendors, that Sophos deploys its own local software firewall on the device rather than relying on Windows Firewall and Group Policies. And that firewall could have been partly controlled through the app control to ensure that apps that need network resources can be configured to do so on the local Sophos firewall rather, again, then having to configure the rules separately as a GPO.
One the reasons we went with Sophos Central was to be able to control as much as possible remotely without having endpoint server software installed locally (up until this point we were using ESET Remote Administrator).
Additionally, having the ability for Sophos to figure out what network it's on (domain, public, private) and change policies accordingly would also be a big bonus - especially for those machines that are BYOD and want to allow for better "freedom" (for lack of a better word) when an employee's own device is not connected to our network.
This thread was automatically locked due to age.
