Workload Protection
Tech Specs
Secure your Windows and Linux servers whether in the cloud, on-premises, virtual, or mixed environments.
For further information, please see the Intercept X for Server datasheet, EDR/XDR datasheet, and Linux datasheet.
Get details on system requirements and supported operating systems for Windows and Linux.
Solution Comparison
Features | Intercept X Advanced for Server | Intercept X Advanced for Server with XDR | Intercept X Advanced for Server with MDR | Intercept X Advanced for Server with MDR Complete |
---|---|---|---|---|
ATTACK SURFACE REDUCTION | ||||
Web Security | ||||
Download Reputation | ||||
Web Control / Category-based URL Blocking | ||||
Peripheral Control | ||||
Application Control | ||||
Application Whitelisting (Server Lockdown) | ||||
BEFORE IT RUNS ON DEVICE | ||||
Deep Learning Malware Detection | ||||
Anti-Malware File Scanning | ||||
Live Protection | ||||
Pre-execution Behavior Analysis (HIPS) | ||||
Potentially Unwanted Application (PUA) Blocking | ||||
Intrusion Prevention System | ||||
STOP RUNNING THREAT | ||||
Data Loss Prevention | ||||
Runtime Behavior Analysis (HIPS) | ||||
Antimalware Scan Interface (AMSI) | ||||
Malicious Traffic Detection (MTD) | ||||
Exploit Prevention | ||||
Active Adversary Mitigations | ||||
Ransomware File Protection (CryptoGuard) | ||||
Disk and Boot Record Protection (WipeGuard) | ||||
Man-in-the-Browser Protection (Safe Browsing) | ||||
Enhanced Application Lockdown | ||||
DETECT | ||||
Linux Host and Container Behavioral and Exploit Runtime Decisions | ||||
Live Discover (Cross Estate SQL Querying for Threat Hunting and IT Security Operations Hygiene) | ||||
SQL Query Library (pre-written, fully customizable queries) | ||||
Suspicious Events Detection and Prioritization | ||||
Fast Access, On-disk Data Storage (up to 90 days) | ||||
Cross-product Data Sources e.g. Firewall, Email | ||||
Cross-product Querying | ||||
Sophos Data Lake (Cloud Data Storage) | 30 days | 30 days | 30 days | |
Scheduled Queries | ||||
INVESTIGATE | ||||
Threat Cases (Root Cause Analysis) | ||||
Deep Learning Malware Analysis | ||||
Advanced On-demand SophosLabs Threat Intelligence | ||||
Forensic Data Export | ||||
REMEDIATE | ||||
Automated Malware Removal | ||||
Synchronized Security Heartbeat | ||||
Sophos Clean | ||||
Live Response (remotely investigate and take action) | ||||
On-demand Endpoint Isolation | ||||
Single-click “Clean and Block” | ||||
VISIBILITY | ||||
Cloud Workload Protection (Amazon Web Services, Microsoft Azure, Google Cloud Platform) | ||||
Synchronized Application Control (visibility of applications) | ||||
Cloud Security Posture Management (monitor AWS, Azure, GCP environments) | ||||
CONTROL | ||||
Server-specific Policy Management | ||||
Update Cache and Message Relay | ||||
Automatic Scanning Exclusions | ||||
File Integrity Monitoring | ||||
MANAGED SERVICE | ||||
24/7 Lead-driven Threat Hunting | ||||
Security Health Checks | ||||
Data Retention | ||||
Activity Reporting | ||||
Adversarial Detections | ||||
Threat Neutralization and Remediation | ||||
Full-scale Incident Response: threats are fully eliminated. Requires full Sophos XDR agent (protection, detection and response) | ||||
Root Cause Analysis: performed to prevent future recurrence | ||||
Dedicated Incident Response Lead |
For supported Linux features see the license guide.