Intercept X – Enhanced Performance and Protection Updates

ProductsIntercept XIntercept X for Server

The release period to all Intercept X and Intercept X for Server customers will begin on February 23, 2022

We are pleased to announce that we will soon be introducing significant performance and protection enhancements to all Intercept X and Intercept X for Server customers.

Customers will automatically receive this new functionality throughout the release period that begins on February 23, 2022. Please note that if your organization restricts access to specific domains with a firewall or proxy, three new Sophos domains must be added to ensure you continue to receive the latest Intercept X updates going forward. See this knowledgebase article for more detail.

A new scanning engine

A multi-year endeavor in the making, this ground-up rewrite of functionality touches nearly every aspect of Intercept X and brings multiple benefits.

  • Reduced footprint
    The new architecture significantly reduces the size of the Intercept X agent while continuing to deliver the incredibly broad feature set that is crucial for stopping the latest threats
  • AI-first protection
    Intercept X has provided exceptional signatureless protection with deep learning AI and behavioral detections for a long time. This release strengthens this approach and further reduces the use of signatures
  • Smaller updates
    Enhancements to the update delivery mechanism mean that the majority of updates will be smaller in size, resulting in reduced bandwidth consumption and less disk space consumed on update cache servers

HTTPS inspection

The introduction of HTTPS traffic inspection enables Intercept X to decrypt and re-encrypt HTTPS network traffic to examine it for malicious content, automatically block elements as required and keep valid traffic secure. Admins can choose to exclude websites from HTTPS inspection by hostname or IP address if desired. This functionality can be controlled from Global Settings -> SSL/TLS decryption of HTTPS websites.

Important – Adding new domains

If your organization restricts access to domains with a firewall or proxy and uses recommended Sophos wildcards, you will continue to receive updates and no action is needed.

However, if your organization names specific domains, you must add the following three new Sophos domains to continue receiving the latest Intercept X updates going forward. See this article for more information on domains.

  • sophosupd.com
  • sophosupd.com
  • sophosupd.net

Release schedule

Rollout to Intercept X customers begins February 23, 2022. Rollout to Intercept X for Server customers begins April 19, 2022. Both rollouts will be performed in stages and are expected to take two months to complete.