We performed a comparison between Cisco Secure Endpoint and Intercept X Endpoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco Secure Endpoint stands out for its threat-hunting capabilities, sandboxing, and swift response to attacks. Users also praised the solution's seamless integration with Talos for continuous protection. Intercept X Endpoint combines two products into one solution, offering strong performance, server protection, and efficient threat management capabilities. Cisco Secure Endpoint could benefit from providing more scenario-based information and a simpler, more customizable main dashboard. Integration with artificial intelligence and IoT is another area for improvement. Intercept X Endpoint could integrate more seamlessly with third-party vendors and improve support for virtual infrastructures.
Service and Support: Users said Cisco support is efficient and responsive, and customers also found it easy to find answers in the documentation without help. Some users recommend enhancing training programs and streamlining management consoles to further enhance the level of support provided. Some users found Intercept X Endpoint's support team knowledgeable and supportive, while others expressed dissatisfaction with responsiveness.
Ease of Deployment: Users generally found Cisco Secure Endpoint easy to set up, but some users reported challenges related to agent behavior and configuration. The initial installation involves downloading an agent and installing it on endpoints, and total deployment time ranged from a week to several months. Intercept X Endpoint has a straightforward initial setup, with quick installation and simple configuration and maintenance. Some users said they occasionally encountered issues that required reinstallation.
Pricing: Cisco Secure Endpoint's pricing is seen as fair and reasonable. Some users requested additional discounts, particularly for educational purposes. Intercept X Endpoint is generally seen as fairly priced, but some users think it’s on the higher end of the price scale.
ROI: Cisco Secure Endpoint offers cost savings and the potential to earn money by extending services. Users say that Intercept X Endpoint offers exceptional defense against ransomware and zero-day threats, leading to a positive return on investment.
Comparison Results: Our users favor Cisco Secure Endpoint over Intercept X Endpoint. Cisco Secure Endpoint offers more comprehensive protection, better customer service, and support, making it the preferred choice. Cisco Secure Endpoint has some advanced features for finding and resolving threats that Intercept X lacks. Users also appreciate Cisco Secure Endpoint's pricing, whereas some users say Intercept X Endpoint has room to improve on price.
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The product's initial setup phase is very easy."
"The stability is very good."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Fortinet is very user-friendly for customers."
"The most valuable feature of the solution is its technical support."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"appreciate the File Trajectory feature, as it's excellent for an analyst or mobile analyst. I can track everything that happens on our server from my PC or device. Integration with SecureX is a welcome feature because it connects Cisco's integrated security portfolio with our complete infrastructure. Sandboxing is helpful, and integration with the Cisco environment is excellent as we use many of their products, and that's very valuable for us."
"I am told that we get over 100 million emails a month. This filters them down and allows only somewhere about three million emails, which is a great help."
"Integration is a key selling factor for Cisco security products. We have a Cisco Enterprise Agreement with access to Cisco Email Security, Cisco Firepower, Cisco Stealthwatch, Cisco Talos, Cisco Threat Grid, Cisco Umbrella, and also third-party solutions. This is key to our security and maximizing operations. Because we do have the Email Security appliance and it is integrated with Threat Response, we have everything tied together. Additionally, we are using the Cisco SecureX platform, as we were a beta test for that new solution. With SecureX, we are able to pull all those applications into one pane for visibility and maintenance. This greatly maximizes our security operations."
"If somebody has been compromised, the question always is: How has it affected other devices in the network? Cisco AMP gives you a very neat view of that."
"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
"Its most valuable features are its scalability and advanced threat protection for customers."
"The dashboard is user-friendly."
"This solution offers very good performance and it has great features."
"Very stable solution."
"The forensics within the solution are quite good. The ransomware mitigation is also impressive."
"The most valuable feature of Sophos Intercept X is cloud management."
"The most valuable feature of Intercept X its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because could go in and get it back."
"Intercept X helps with internal alerts, application access, and triggering support teams."
"There are products that are technically stronger. However, this product has everything in one solution, which makes it a strong endpoint option."
"The support needs improvement."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The solution should address emerging threats like SQL injection."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The dashboard isn't easy to access and manage."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The initial setup is a bit complex because you need to execute existing antiviruses or security software that you have on your device."
"The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product."
"It is not very stable because we have new versions four times a year, which fixes bugs. We had some problems with some deployments."
"...the greatest value of all, would be to make the security into a single pane of glass. Whilst these products are largely integrated from a Talos perspective, they're not integrated from a portal perspective. For example, we have to look at an Umbrella portal and a separate AMP portal. We also have to look at a separate portal for the firewalls. If I could wave a magic wand and have one thing, I would put all the Cisco products into one, simple management portal."
"An easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful... That way you could get a more accurate device count, so you're not having an inflated number."
"We have had some problems with updates not playing nice with our environment. This is important, because if there is a new version, we need to test it thoroughly before it goes into production. We cannot just say, "There's a new version. It's not going to give us any problems." With the complexity of the solution using multiple engines for multiple tasks, it can sometimes cause performance issues on our endpoints. Therefore, we need to test it before we deploy. That takes one to three days before we can be certain that the new version plays nice with our environment."
"It does not include encryption and decryption of local file shares."
"The reporting and analytics areas of the solution need to be improved."
"In terms of the site-to-site VPN elements, they tend to concentrate. It's quite simple when there are Meraki devices at both ends of the VPN but if there is another user at one end, on another device, it can be a bit tricky. So they could really simplify that process a bit."
"They should work on the logs and events. Sophos Intercept X needs to increase the interface test so that it can export to a live event."
"The initial setup was not very user-friendly."
"The technical support is the lone sore-point when dealing with this product."
"The product’s DDoS and AI features must be improved."
"The solution is heavy in the usage of resources, you can notice the performance decrease. This should prove in the future."
"As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of."
"They should keep doing what they're doing. Both of them have entered the EDR/MDR space, and they're keeping up with their competitors. I have a hard time understanding why their capabilities aren't garnering more attention."
Cisco Secure Endpoint is ranked 9th in Endpoint Protection Platform (EPP) with 44 reviews while Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews. Cisco Secure Endpoint is rated 8.6, while Intercept X Endpoint is rated 8.4. The top reviewer of Cisco Secure Endpoint writes "Single dashboard management, quick infrastructure threat detection, and high level support". On the other hand, the top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". Cisco Secure Endpoint is most compared with Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Check Point Harmony Endpoint and Cisco Umbrella, whereas Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Trend Micro Apex One. See our Cisco Secure Endpoint vs. Intercept X Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.