I was notified of an issue yesterday following the release of the MS April patches, which are causing some issues, although it was good to see Sophos being pro-active about this. Now that the issues are out of the way, the product has been working fine and we have not really had any issues; detection has been pretty much on the money, with a few false positives along the way, but that's generally a standard problem with any vendor.
Although this was resolved quite easily, there were no notifications of any description on the Endpoint of any issues with communication. When the SSL traffic from the endpoints to the cloud was being inspected, this resulted in a break in the SSL\cert chain, thus communications were not being made to and from the cloud. It appears to me that Sophos has thought through the threat and is offering a reasonable set of tools to help enterprises. Network traffic should be encrypted so that even if a network conversation is being monitored, only limited information could be captured. One issue which is not product related was down to me using SSL\HTTPS inspection and the fact that the cloud dashboard (Amazon AWS) adopts cert pinning. Sophos suggests that ongoing monitoring of application and network activity is needed. I have had a few issues with the product reporting OK on the console and not OK on the endpoint, and also issues with the device control either not applying or applying when it shouldn't be applied, which I believe was a bug towards the end of last year.
In terms of the product, Intercept X is one of the main reasons we migrated. Pretty much what you have said, I have had bad support experiences in the past, although when I have been lucky enough to deal with the UK support the experience has been a lot better.

Sophos Anti-Virus by Jay Munro Good (3.0) Unlike the other companies in this roundup, Sophos focuses solely on corporations, offering no consumer products whatsoever.