Sophos Central Intercept X Advanced for Server with EDR and MTR Advanced
Net price: 413.35 CHF
Managed Threat Response - Artificial intelligence mixed with human expertise
With Sophos Central Intercept X Advanced for Server with EDR and MTR, you can achieve the highest level of security that Sophos can currently offer to protect your servers (Windows Server 2008 R2+). In this bundle you get all the features of Intercept X Advanced for Server with EDR and the MTR service introduced in October 2019.
Would you like to see the Sophos Central user interface live? Simply go to central.sophos.com and use the demo account. Username: firstname.lastname@example.org / Password: Demo@sophos.com
Active threat hunting by a team of experts - 24/7
With the MTR service, Sophos has done a huge favor for people who would have loved to buy Intercept X Advanced for Server with EDR but simply didn't have the resources to realize the potential of EDR. It takes highly skilled and specialized professionals to use EDR to scan the network for potential threats and take the correct steps in case of an attack.
With Sophos MTR, you no longer need to go out and look for trained staff yourself. Sophos provides you with a team of threat experts who are available 24/7 to hunt for threats.
Try Sophos Central free of charge!
Create a free Sophos Central Account now and test all products, including Central Intercept X Advanced for Server with EDR and MTR without obligation for 30 days. Once you're convinced of the solution after your trial period, you can easily order licenses from us.
Sophos MTR Service Tiers
Sophos MTR is available in Standard and Advanced versions. This allows companies to choose the service offering that best suits their needs.
Sophos MTR: Standard
24/7 Lead-Driven Threat Hunting
If something is detected on your system that cannot be fixed automatically and requires human expertise, the MTR team is there for you on a 24/7 basis. An expert then takes a close look at the critical alert and decides what needs to be done based on their experience.
The MTR team pays special attention to attacks that are executed via legitimate processes such as PowerShell. Such attacks are very often successful because they are very difficult for monitoring tools to detect. The MTR team uses proprietary analysis techniques to monitor these processes to ensure that they are not misused for malicious purposes.
Security Health Check
The Security Health Check ensures that your Sophos Central products, such as Intercept X Advanced with EDR, are always running at maximum performance. To do this, the MTR team looks at your network requirements and makes recommendations for configuration changes.
You will find out the current state of your systems, what findings were collected during the reporting period and what threats were averted. A histogram of these reports is then generated over the period that you use the MTR service. This data is used by Sophos to create "scorecards" for you to compare against previous periods.
Sophos MTR: Advanced
24/7 Leadless Threat Hunting
The MTR team of analysts will take a close look at the most critical devices or user accounts in your organization. They look at how the network communicates, whether suspicious processes are running, and whether there is other unusual or atypical behavior. The data collected is used to try to predict the strategy of attackers and identify new indicators of attack (IoA).
Dedicated Threat Response Lead
When an incident is detected, you will be assigned a dedicated response leader who will assist you over the phone to completely resolve the problem!
Direct Call-In Support
Another advantage of the Advanced version is direct access to the MTR analyst team, which is available 24/7 for your team. So if you have a question or want to talk about a particular threat, for example, you can contact the Security Operations Center (SOC) directly by phone.
For enhanced telemetry, the Advanced version goes beyond just detecting events at the endpoint and includes data from other Central products in the threat analysis.
Proactive Posture Improvement
The Advanced package takes the Security Health Check to the next level. While the Standard package makes general recommendations for the configuration of Central products, the MTR team now also considers the business context behind the configuration settings of, for example, a policy. You'll receive guidance on how to fix configuration and architecture vulnerabilities that impact your security.
Sophos experts will not only discuss critical operations with you, but will also get an overview of the applications in use and identify potential points of attack that may arise in the system. The MTR team also takes into account an asset inventory to help them understand what applications are running on an endpoint and whether they are affected by open vulnerabilities. The result is valuable detailed information that is specific to your organization.
Onboarding process with maximum control and transparency
Regardless of whether you choose the Standard or Advanced version, you retain control over how autonomously the MTR team should work. This is regulated right at the beginning with the so-called onboarding process. When you purchase the Sophos MTR service, you can choose from three options that determine how you expect the MTR team to respond:
At this level, when the Sophos MTR team has detected a threat or attack, they will only inform you of it, not act on your behalf. However, you will receive a detailed report on the cause and detection, with actionable steps to take to resolve the threat on your own.
The Sophos MTR team will work with your team, or with an external consultant, to respond to these threats.
Here, the MTR team takes care of containment and neutralization actions completely independently and merely informs you about the measures taken.
| Feature | Intercept X Advanced for Server | Intercept X Advanced for Server with EDR | Sophos Server MTR Standard | Sophos Server MTR Advanced |
|---|---|---|---|---|
| Application Whitelisting [Server Lockdown] | ✔ | ✔ | ✔ | ✔ |
| Windows Firewall Control | ✔ | ✔ | ✔ | ✔ |
| Web Control (URL Blocking) | ✔ | ✔ | ✔ | ✔ |
| Peripheral Control (e.g. USB) | ✔ | ✔ | ✔ | ✔ |
| Deep Learning malware detection | ✔ | ✔ | ✔ | ✔ |
| Anti-Malware File Scanning | ✔ | ✔ | ✔ | ✔ |
| Pre-execution Behavior Analysis (HIPS) | ✔ | ✔ | ✔ | ✔ |
| Off-board scanning for VMs (ESXi and Hyper-V) | ✔ | ✔ | ✔ | ✔ |
| Potentially Unwanted Application (PUA) Blocking | ✔ | ✔ | ✔ | ✔ |
| Data Loss Prevention | ✔ | ✔ | ✔ | ✔ |
| Anti-Hacker/Active Adversary Mitigations | ✔ | ✔ | ✔ | ✔ |
| Ransomware File Protection (CryptoGuard) | ✔ | ✔ | ✔ | ✔ |
| Disk and Boot Record Protection (WipeGuard) | ✔ | ✔ | ✔ | ✔ |
| Malicious Traffic Detection (MTD) | ✔ | ✔ | ✔ | ✔ |
| Sophos Clean Automated Malware Removal | ✔ | ✔ | ✔ | ✔ |
| Root Cause Analysis | ✔ | ✔ | ✔ | ✔ |
| Server-specific policy management | ✔ | ✔ | ✔ | ✔ |
| Update Cache and Message Relay | ✔ | ✔ | ✔ | ✔ |
| Automatic Scanning Exclusions | ✔ | ✔ | ✔ | ✔ |
| Synchronized Application Control | ✔ | ✔ | ✔ | ✔ |
| Azure Workload Discovery and Protection | ✔ | ✔ | ✔ | ✔ |
| AWS Workload Discovery and Protection | ✔ | ✔ | ✔ | ✔ |
| AWS Map, multi-region visualization | ✔ | ✔ | ✔ | ✔ |
| Synchronized Security with Security Heartbeat™ | ✔ | ✔ | ✔ | ✔ |
| Windows Remote Desktop Services (user visibility) | ✔ | ✔ | ✔ | ✔ |
| Malware Analysis with SophosLabs | - | ✔ | ✔ | ✔ |
| Enterprise-wide threat detection | - | ✔ | ✔ | ✔ |
| Endpoint detection and response (EDR) | - | ✔ | ✔ | ✔ |
| 24/7 Monitoring and Response | - | - | ✔ | ✔ |
| Lead-driven threat hunting | - | - | ✔ | ✔ |
| Advanced lead-less threat hunting | - | - | - | ✔ |