Description
Central Intercept X Advanced with XDR is a virtual product that offers powerful extended detection and response (XDR) and endpoint protection. It is valid for 1 user/seat for 12 months and is priced for up to 9 seats. It has a 48-72 hour provisioning window and is non-returnable. It is not supported on Windows 7 and below or Server 2008 R2 and below, but extended support can be requested. It provides cross-product visibility and access to detailed threat intelligence. It also allows for quick and easy access to information for IT operations and threat hunting.
Contact us for more information, alternative Sophos product offerings or support: sophos@fsclouds.co.za
Important Notifications:
This is a virtual product
This license is valid for 1 user/seat for 12 months
This license pricing is valid for up to 9 seats only - should additional seats be required, please contact us
A 48-72 hour provisioning window applies during normal office working hours, Monday to Friday, 8am-5pm
Once the provisioning is complete, you will receive a PDF document with instructions and activation links.
THIS ITEM IS NON RETURNABLE
Unless otherwise provided by law or by a particular Service offer, all purchases are final and non-refundable. Please note that according to the Consumer Protection Act and its relevant regulations, all purchases pertaining to digital content provided via intangible form and/or on-line services are final and non-refundable when such content or service has been provided online.
Restrictions:
Windows 7 and below not supported
Server 2008 R2 and below not supported
Should extended support be required for Windows 7 and below, or for Server 2008 R2 and below, please contact us
Central Intercept X Advanced with XDR
Intercept X consolidates powerful extended detection and response (XDR) with unmatched endpoint protection. Hunt threats to detect active adversaries, or use it for IT operations to maintain IT security hygiene.
Answer IT operations and threat hunting questions
Quickly get answers to business-critical questions. Both IT admins and cybersecurity professionals will see real value added when they are performing day-to-day IT operations and threat hunting tasks.
Start with the best protection
Intercept X stops breaches before they can start, which means you get better protection and spend less time investigating incidents that should have been automatically stopped. You also have access to detailed threat intelligence, giving you the necessary information to take rapid, informed actions.
Dive into the details and respond fast
When you have identified something that requires further investigation, you can pivot from the Sophos Data Lake and deep dive to get rich details live, directly from the device, in addition to up to 90 days of historic data. When an issue is confirmed, remotely access the device and take any necessary actions, such as uninstalling an application and rebooting.
Cross-product visibility
Sophos XDR goes beyond the endpoint and server, enabling Sophos Firewall, Sophos Email and other data sources* to send key data to the Sophos Data Lake, giving you an incredibly broad view of your organization's environment.
Get information even when a device is offline
The Sophos Data Lake, a key component of both XDR and EDR functionality, is a cloud data repository. It lets you store and access critical information from your endpoints, servers, firewall and email, and use device information even when that device is offline.
Get started in seconds
Choose from a library of pre-written SQL queries to ask a wide variety of IT and security questions. If you prefer, you can customize them or write your own. You can also refer to the Sophos community, where queries are shared on a regular basis.
Use cases
IT Operations
Why is a machine running slowly?
Which devices have known vulnerabilities, unknown services or unauthorized browser extensions?
Are there programs running that should be removed?
Identify unmanaged, guest and IoT devices
Why is the office network connection slow? Which application is causing it?
Look back 30 days for unusual activity on a missing or destroyed device
Threat hunting
What processes are trying to make a network connection on non-standard ports?
Show processes that have recently modified files or registry keys
List detected IoCs mapped to the MITRE ATT&CK framework
Extend investigations to 30 days without bringing a device back online
Use ATP and IPS detections from the firewall to investigate suspect hosts
Compare email header information, SHAs and other IoCs to identify traffic to a malicious domain
What's included?