Workload Protection
Tech Specs
Secure your Windows and Linux servers whether in the cloud, on-premises, virtual, or mixed environments.
For further information, please see the Intercept X for Server datasheet, EDR/XDR datasheet, and Linux datasheet.
Get details on system requirements and supported operating systems for Windows and Linux.
Solution Comparison
|
Features |
Intercept X Advanced for Server |
Intercept X Advanced for Server with XDR |
Intercept X Advanced for Server with MDR |
Intercept X Advanced for Server with MDR Complete |
|---|---|---|---|---|
| ATTACK SURFACE REDUCTION | ||||
| Web Security | ||||
| Download Reputation | ||||
| Web Control / Category-based URL Blocking | ||||
| Peripheral Control | ||||
| Application Control | ||||
| Application Whitelisting (Server Lockdown) | ||||
| BEFORE IT RUNS ON DEVICE | ||||
| Deep Learning Malware Detection | ||||
| Anti-Malware File Scanning | ||||
| Live Protection | ||||
| Pre-execution Behavior Analysis (HIPS) | ||||
| Potentially Unwanted Application (PUA) Blocking | ||||
| Intrusion Prevention System | ||||
| STOP RUNNING THREAT | ||||
| Data Loss Prevention | ||||
| Runtime Behavior Analysis (HIPS) | ||||
| Antimalware Scan Interface (AMSI) | ||||
| Malicious Traffic Detection (MTD) | ||||
| Exploit Prevention | ||||
| Active Adversary Mitigations | ||||
| Ransomware File Protection (CryptoGuard) | ||||
| Disk and Boot Record Protection (WipeGuard) | ||||
| Man-in-the-Browser Protection (Safe Browsing) | ||||
| Enhanced Application Lockdown | ||||
| DETECT | ||||
| Linux Host and Container Behavioral and Exploit Runtime Decisions | ||||
| Live Discover (Cross Estate SQL Querying for Threat Hunting and IT Security Operations Hygiene) | ||||
| SQL Query Library (pre-written, fully customizable queries) | ||||
| Suspicious Events Detection and Prioritization | ||||
| Fast Access, On-disk Data Storage (up to 90 days) | ||||
| Cross-product Data Sources e.g. Firewall, Email | ||||
| Cross-product Querying | ||||
| Sophos Data Lake (Cloud Data Storage) |
30 days |
30 days |
30 days |
|
| Scheduled Queries | ||||
| INVESTIGATE | ||||
| Threat Cases (Root Cause Analysis) | ||||
| Deep Learning Malware Analysis | ||||
| Advanced On-demand SophosLabs Threat Intelligence | ||||
| Forensic Data Export | ||||
| REMEDIATE | ||||
| Automated Malware Removal | ||||
| Synchronized Security Heartbeat | ||||
| Sophos Clean | ||||
| Live Response (remotely investigate and take action) | ||||
| On-demand Endpoint Isolation | ||||
| Single-click “Clean and Block” | ||||
| VISIBILITY | ||||
| Cloud Workload Protection (Amazon Web Services, Microsoft Azure, Google Cloud Platform) | ||||
| Synchronized Application Control (visibility of applications) | ||||
| Cloud Security Posture Management (monitor AWS, Azure, GCP environments) | ||||
| CONTROL | ||||
| Server-specific Policy Management | ||||
| Update Cache and Message Relay | ||||
| Automatic Scanning Exclusions | ||||
| File Integrity Monitoring | ||||
| MANAGED SERVICE | ||||
| 24/7 Lead-driven Threat Hunting | ||||
| Security Health Checks | ||||
| Data Retention | ||||
| Activity Reporting | ||||
| Adversarial Detections | ||||
| Threat Neutralization and Remediation | ||||
|
Full-scale Incident Response: threats are fully eliminated Requires full Sophos XDR agent (protection, detection and response) |
||||
| Root Cause Analysis: performed to prevent future recurrence | ||||
| Dedicated Incident Response Lead | ||||
For supported Linux features see the license guide.