I'm currently dealing with some major frustrations using Sophos for our security software in a mixed environment. We have about 60% of our company on Windows and 40% on Macs. The Windows devices run smoothly with Sophos, but on the Mac side, we keep running into issues. After any OS update, some of our Mac devices trigger an error saying "A macOS device doesn't meet Sophos prerequisites and might not be protected," and this happens randomly and frequently. We've tried working with support, but it hasn't been very fruitful.
Another big problem is the performance impact Sophos has on our engineers' Mac systems due to the Live/Runtime protection. We've attempted to add specific applications to exception lists to mitigate this, but it just leads to an ever-growing list of exceptions that barely help. After over a year of dealing with these headaches, I'm ready to explore better alternatives. I've been considering CrowdStrike or SentinelOne, but I'm looking for advice from others who have been in a similar position and aren't pushy salespeople.
5 Answers
As a Sophos employee, I can suggest that you check if the permissions for the Sophos Endpoint have changed on those Macs. Sometimes the macOS permissions can randomly shift, which affects device security. Additionally, using management software to standardize installation paths can help reduce your hassle with exceptions. Implementation of that could make things run a lot smoother.
Bitdefender has worked well in our mixed environment. Make sure you outline what features are critical for you, and you should be set. Performance has been solid across both Windows and Mac.
We switched to Defender for Endpoint since it's bundled with our M365 licensing, and honestly, we haven’t had any issues with performance on Macs. It’s been quite stable for us compared to Sophos.
I completely get your frustration! We've faced the same prerequisite issues with Sophos on Macs. I switched to SentinelOne because it doesn't have those same problems, but do keep in mind, you'll still might need to manage a lot of exceptions. While SentinelOne can handle importing exceptions in bulk, it requires proper formatting of CSVs, which can be a hassle when you have a lot of different setups. Overall, I find it more reliable than Sophos in a Mac environment, but everyone's experience can differ.
We've recently moved from SentinelOne to CrowdStrike, and it’s been pretty impressive. We didn’t have the best time with support from SentinelOne, especially with issues regarding false positives on Mac systems. Though we chose SentinelOne for cost initially, during our analysis, we've now found much better stability with CrowdStrike on both OS.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures