Sophos Central Intercept X Advanced for Server with XDR - 3 Year Subscription

Contact us for more information, alternative Sophos product offerings or support: sophos@fsclouds.co.za

Important Notifications:
• This is a virtual product
• This license is valid for 1 user/seat for 36 months 
• This license pricing is valid for up to 9 seats only - should additional seats be required, please contact us
• A 48-72 hour provisioning window applies during normal working office hours Monday to Friday 8am-5pm
• Once the provisioning is complete you will receive a PDF document with instructions and activation links. 
THIS ITEM IS NON RETURNABLE
Unless otherwise provided by law or by a particular Service offer, all purchases are final and non-refundable. Please note that according to the Consumer Protection Act and its relevant regulations, all purchases pertaining to digital content provided via intangible form and/or on-line services are final and non-refundable when such content or service has been provided online.
Restrictions:
• Windows 7 and below not supported 
• Server 2008 R2 and below not supported 
Should extended support be required for Windows 7 and below as well as Server 2008 R2 and below please contact us

Sophos Central Intercept X Advanced for Server with XDR

Intercept X consolidates powerful extended detection and response (XDR) with unmatched endpoint protection. Hunt threats to detect active adversaries, or leverage for IT operations to maintain IT security hygiene.

Answer IT operations and threat hunting questions
Quickly get answers to business-critical questions. Both IT admins and cybersecurity professionals will see real value added when they are performing day-to-day IT operations and threat hunting tasks.

Start with the best protection
Intercept X stops breaches before they can start. Which means you get better protection and spend less time investigating incidents that should have been automatically stopped. You also have access to detailed threat intelligence giving you the necessary information to take rapid, informed actions.

Dive into the details and respond fast
When you have identified something that requires further investigation you can pivot from the Sophos Data Lake and deep dive to get rich details live, directly from the device in addition to up to 90 days of historic data. When an issue is confirmed remotely access the device and take any necessary actions such as uninstalling an application and rebooting.

Cross-product visibility
Sophos XDR goes beyond the endpoint and server, enabling Sophos Firewall, Sophos Email and other data sources* to send key data to the Sophos Data Lake, giving you an incredibly broad view of your organization’s environment.

Get information even when a device is offline
The Sophos Data Lake, a key component of both XDR and EDR functionality is a cloud data repository. It enables the ability to store and access critical information from your endpoints, servers, firewall and email, as well as utilizing device information even when that device is offline.

Get started in seconds
Choose from a library of pre-written SQL queries to ask a wide variety of IT and security questions. If you prefer you can customize them or write your own. You can also refer to the Sophos community where queries are shared on a regular basis.

Use cases
IT Operations

• Why is a machine running slowly?
• Which devices have known vulnerabilities, unknown services or unauthorized browser extensions?
• Are there programs running that should be removed?
• Identify unmanaged, guest and IoT devices
• Why is the office network connection slow? Which application is causing it?
• Look back 30 days for unusual activity on a missing or destroyed device

Threat hunting

• What processes are trying to make a network connection on non-standard ports?
• Show processes that have recently modified files or registry keys
• List detected IoCs mapped to the MITRE ATT&CK framework
• Extend investigations to 30 days without bringing a device back online
• Use ATP and IPS detections from the firewall to investigate suspect hosts
• Compare email header information, SHAs and other IoCs to identify traffic to a malicious domain

What's included?

• Cross-product data sources
• Cross-product querying
• Endpoint & server querying
• Sophos Data Lake
• Data lake retention period - 30 days
• On-disk data retention period
• SQL query library
• Intercept X protection capabilities