Intercept-X Only deployment

Hi,

Currently we are using a competing AV product, but we probably will migrate once the license expires. However, together with the Sophos X firewall, I am running a trial of Intercept-X. I would also like to do that with the Intercept-X server product, but found out that this does not work. After joining the EAP program, I can Manage Devices and am asked: "Select which devices you'd like to add to this program"

But there are no devices in the list, probably because I have not deployed the server software.

Are you planning to allow Intercept-X (with heartbeat) for servers only? I think that would be enough for most use cases, when the server is not accessible by end-users.

Thanks

 

Pieter



This thread was automatically locked due to age.
  • Agree, I think with the GDPR in the EU, there is a market for Intercept-X only on application servers, with heartbeat. AV does not seem necessary, and the cost could be lower.

     

  • Can any Sophos reps respond if this will be a future option?

    I know we feel, and I'm sure so many others do, that this is really a wasted opportunity for Sophos, forcing people to install the server agent with no ability to install just Intercept X.

    Your competitors have many true lightweight agents out there, which is what people want these days. Intercept X would provide this but instead we are stuck with a heavy server protection agent.

    If you gave us the ability to install Intercept X standalone on Windows and Linux servers and then the endpoint agent for non-servers, we'd probably double our order - instead we'll probably move to one of your competitors' lightweight agents that is supported on all platforms and versions. Shame!

  • Hello,

    When you refer to competitor lightweight agents, do you mean thin agents like our Sophos for Virtual Environments product?

    You mention that you use AWS and that the other components don't offer much, please can you advise which features you would value?

    Machine Learning PE detection?

    Sophos AV for non PE detections?

    Intercept X (Anti Ransomware, Anti Exploit, Anti Hacker, Root Cause Analysis) ?

    Control features (Application Control, Peripheral Control, Web Control, Data Loss Prevention)?

    Sophos Lockdown (Application Whitelisting)?

    We don't have any current plans to create an Intercept X only offering, but I would be interested to understand your use case so that we can assess the potential options.

    Regards,

    Stephen

  • When I say 'lightweight' - I mean a product that focuses solely on threat protection (anti-exploit, anti-malware, anti-ransomware) and not on all the additional features and has a very small footprint, little to no reboots, minimal install time - See Palo Alto Traps, Cylance or Webroot offering to get an idea.

    • Machine Learning PE detection - Yes! For sure. 
    • Sophos AV for non PE detection - Maybe? AV file scanning seems to have a fairly heavy load still? HIPS functionality would be good.
    • Intercept X (Anti Ransomware, Anti Exploit, Anti Hacker, Root Cause Analysis) - Yes for sure. (I-X has behavior monitoring for malware too, right?)
    • Control features (Application Control, Peripheral Control, Web Control, Data Loss Prevention)? - We don't use any of these in AWS.
    • Sophos Lockdown (Application Whitelisting)? - We use it on certain servers we manage (file share backup for example) - but we can't use it on 99% of servers in AWS.

     

    Would need to have some option for scheduled scanning (perhaps file scanning by the ML file scanner) to be PCI compliant too. 

     

    The way we use our AWS sees us spinning up and terminating machines constantly. The Server Protection agent and install method is quite time-consuming at around 3-4min via caching server or 10 minutes via internet. We need something we can install in minimal time (sub 1 min), that has minimal maintenance overhead but still provides great threat protection (like Intercept X) but without all the other services.

     

    Hope this makes sense?

  • Hi LRB,

    Thank you for your detailed feedback, it is very helpful. One question; 'Sophos Lockdown - but we cant use it on 99% of servers in AWS', why is this? The use of auto scaling and the short life of the server?

    Regards,

    Stephen

  • Yeah, basically. Lockdown requires rebooting, extra steps etc. That and if it caused issues, the time it would take to unlock and get back going doesn't make it practical.

    Thinking about it, there may be some servers I could use it on that are more stable, just a bit concerned it could cause issues with things I'm not aware about.

    Everything in AWS is about scalability at speed. And I need a product to match.