Sophos Central XDR

Product code: XD3D1CSAA

In stock: delivery time approx. 1 - 3 working days

29.50 CHF incl. VAT

Net price: 27.40 CHF


Product Description

Sophos XDR – Extended Detection and Response

Sophos XDR is a powerful troubleshooting tool that lets you go beyond the endpoint and server by integrating important network data to build up an in-depth picture of potential threats across your estate. In this first release, detailed intelligence from Sophos Firewall and Mail Security will be available along with information on endpoints or servers. With 30 days of free cloud data storage included and more products being added over time, this tool is well suited to investigations and to tracking an issue back to its root cause, all in one platform.

This single XDR product is only needed if there is no XDR-capable product active yet in your Central Console, or a licence upgrade is required for the XDR part only. Products that already include XDR are Intercept X Advanced with XDR and Intercept X Advanced for Server with XDR. To understand the licensing model of Sophos Central XDR, we recommend reading the licensing guide.

Use cases include:

  • Get a complete understanding of your environment by integrating all available information from endpoints, servers, and firewall in one place, so you can see the whole picture. You can quickly compare indicators of compromise between different data sources for insight into any suspected attacks, drilling down into granular detail if necessary.
  • Hunt down network threats. Use detailed information to identify potential problems that could hurt your business, such as illegal activity and attackers searching for an opportunity. For example, use ATP and IPS detections to investigate suspect hosts or activity on your own systems. Use blocked malicious traffic events to understand a wider attack campaign.
  • Manage the mystery of IoT devices with ease. Firewall data enables admins to pinpoint unmanaged, guest and IoT connections across their organization's environment, all from a single console that gives full visibility into everything happening on the network.

The Sophos Data Lake provides offline access to critical data

It's no surprise that cybersecurity is a top priority for modern organizations. The Sophos Data Lake is a key component of XDR and enables offline access to critical data from Intercept X, the firewall and Email Gateway, even when devices are taken or destroyed. This gives companies an edge in visibility into their entire environment and the ability to drill down into granular detail within areas of interest. Data retention periods are 7 days (EDR) and 30 days (XDR). This is in addition to the current 90 days of retention available on the device.

Cross-product querying

The power of cross-product querying is that it allows you to quickly move between your data sources and answer critical questions. For example, firewall information that identifies suspicious activity can lead directly into an investigation of the suspected endpoint, without any downtime or interruption on either end.

Scheduled Queries

As a data analyst, you likely spend hours poring through your datasets and trying to make sense of what they mean. But how do you know if those numbers actually mean anything? Scheduled Queries run your queries overnight, so that critical insights are waiting when you need them most.

XDR-ready Products

Sophos Central XDR can currently be used with the following products:

  • Sophos Firewall (only with SFOS and Xstream Protection license)
  • Endpoints (Intercept X Advanced with XDR)
  • Server (Intercept X Advanced for Server with XDR)
  • Sophos Central Email Gateway

Coming Soon

Sophos Mobile and Cloud Optix will soon be sending data into the Sophos Data Lake, giving XDR users access to rich mobile and cloud environment data.
