Sophos Central Intercept X Advanced für Server mit EDR und MTR Advanced

Product code: MVAD1CSAA

In stock: delivery time approx. 1 - 3 working days

In stock: delivery time approx. 1 - 3 working days

436.20 CHF incl. VAT

Net price: 405.00 CHF

Type:
Version:
Term:
Right of use:
Levels:
Quantity:

Product Description

Managed Threat Response - Artificial intelligence mixed with human expertise

With Sophos Central Intercept X Advanced for Server with EDR and MTR, you can achieve the highest level of security that Sophos can currently offer to protect your servers (Windows Server 2008 R2+). In this bundle you get all the features of Intercept X Advanced for Server with EDR and the MTR service introduced in October 2019.

Would you like to see the Sophos Central user interface live? Simply go to central.sophos.com and use the demo account. Username: demo@sophos.com / Password: Demo@sophos.com

Active threat hunting by a team of experts - 24/7


With the MTR service, Sophos has done a huge favor for people who would have loved to buy Intercept X Advanced for Server with EDR but simply didn't have the resources to make the potential from EDR. It takes highly skilled and specialized professionals to use EDR to scan the network for potential threats and take the correct steps in case of an attack.
With Sophos MTR, you no longer need to go out and look for trained staff yourself. Sophos provides you with a team of threat experts who are available 24/7 to hunt for threats.

Try Sophos Central free of charge!

Create a free Sophos Central Account now and test all products, including Central Intercept X Advanced for Server with EDR and MTR without obligation for 30 days. Once you're convinced of the solution after your trial period, you can easily order licenses from us.

Jetzt Account erstellen

Sophos MTR Service Tiers

Sophos MTR is available in Standard and Advanced versions. This allows companies to choose the service offering that best suits their needs.

Sophos MTR: Standard


24/7 Lead-Driven Threat Hunting

If something was detected on your system that could not be fixed automatically and requires human expertise, the MTR team is there for you on a 24/7 basis. An expert then takes a close look at the critical note and decides what needs to be done based on his experience.

Adversarial Detections

The MTR team pays special attention to attacks that are executed via legitimate processes such as PowerShell. Such attacks are very often successful because they are very difficult for monitoring tools to detect. The MTR team uses proprietary analysis techniques to monitor these processes to ensure that they are not misused for malicious purposes.

Security Health Check

The Security Health Check ensures that your Sophos Central products, such as Intercept X Advanced with EDR, are always running at maximum performance. To do this, the MTR team looks at your network requirements and makes recommendations for configuration changes.

Activity Reporting

You will find out the current state of your systems, what findings were collected during the reporting period and what threats were averted. A histogram of these reports is then generated over the period that you use the MTR service. This data is used by Sophos to create "scorecards" for you to compare against previous periods.


Sophos MTR: Advanced


24/7 Leadless Threat Hunting

The MTR team of analysts will take a close look at the most critical devices or user accounts in your organization. They look at how the network communicates, whether suspicious processes are running, or other unusual or atypical behavior. The data collected is used to try to predict the strategy of attackers and identify new attack indicators (IoA).

Dedicated Threat Response Lead

When an incident is detected, you will be assigned a dedicated response leader who will assist you over the phone to completely resolve the problem!

Direct Call-In Support

Another advantage of the Advanced version is a direct access to the MTR analyst team, which is available 24/7 for your team. So if you have a question or want to talk about a particular threat, for example, you can contact the Security Operations Center (SOC) directly by phone.

Enhanced Telemetry

For enhanced telemetry, the Advanced version goes beyond just detecting events at the endpoint and includes data from other Central products in the threat analysis.

Proactive Posture Improvement

The Advanced package takes the Security Health Check to the next level. While the Standard package makes general recommendations for the configuration of Central products, the MTR team now also considers the business context behind the configuration settings of, for example, a policy. You'll receive guidance on how to fix configuration and architecture vulnerabilities that impact your security.

Asset Discovery

Sophos experts will not only discuss critical operations with you, but will also get an overview of the applications in use and identify potential points of attack that may arise in the system. The MTR team also takes into account an asset inventory to help them understand what applications are running on an endpoint and whether they are affected by open vulnerabilities. The result is valuable detailed information that is specific to your organization.

Onboarding process with maximum control and transparency

Regardless of whether you choose the Standard or Advanced version, you retain control over how autonomously the MTR team should work. This is regulated right at the beginning with the so-called onboarding process. When you purchase the Sophos MTR service, you can choose from three options that determine how you expect the MTR team to respond:

Notify

At this level, when the Sophos MTR team has detected a threat or attack, they will only inform you of it, not act on your behalf. However, you will receive a detailed report on the cause and detection, with actionable steps to take to resolve the threat on your own.

Collaborate

The Sophos MTR team will work with your team, or with an external consultant, to respond to these threats.

Authorize

Here, the MTR team takes care of containment and neutralization actions completely independently and merely informs you about the measures taken.

Technical Specifications

Intercept X Advanced for ServerIntercept X Advanced for Server with EDRSophos Server MTR StandardSophos Server MTR Advanced
Application Whitelisting [Server Lockdown]:
Web Security:
Windows Firewall Control:
Download Reputation:
Web Control (URL Blocking):
Peripheral Control (e.g. USB):
Application Control:
Deep Learning malware detection:
Exploit Prevention:
Anti-Malware File Scanning:
Live Protection:
Pre-execution Behavior Analysis (HIPS):
Off-board scanning for VMs (ESXi and Hyper-V):
Potentially Unwanted Application (PUA) Blocking:
Data Loss Prevention:
Anti-Hacker/Active Adversary Mitigations:
Ransomware File Protection (CryptoGuard):
Disk and Boot Record Protection (WipeGuard):
Malicious Traffic Detection (MTD):
Sophos Clean Automated Malware Removal:
Root Cause Analysis:
Server-specific policy management:
Update Cache and Message Relay:
Automatic Scanning Exclusions:
Synchronized Application Control:
Azure Workload Discovery and Protection:
AWS Workload Discovery and Protection:
AWS Map, multi-region visualization:
Synchronized Security with Security Heartbeat™:
Windows Remote Desktop Services (user visibility):
Multi-factor authentication:
Role-based administration:
Malware Analysis with SophosLabs:-
Enterprise-wide threat detection:-
Endpoint detection and response (EDR):-
24/7 Monitoring and Response:--
Lead-driven threat hunting:--
Advanced lead-less threat hunting:---

Product was added to shopping cart