• 1 Monthly Server license - Central Intercept X Advanced for Server with XDR and MDR.
  • 1 Hour AdvisionIT Onboarding free of charge (8/5 Service).
  • Monthly Report.
  • 24/7 Modern Sophos SOC Service.
VAT incl.


  • 5 Monthly Server licenses - Central Intercept X Advanced for Server with XDR and MDR.
  • 2 Hours AdvisionIT Onboarding free of charge (8/5 Service).
  • 1 Hour AdvisionIT Monthly Support & Monitoring (8/5 Service).
  • Weekly Report.
  • Monthly Report.
  • 24/7 Sophos Modern SOC Service.
VAT incl.


  • 10 Monthly Server licenses - Central Intercept X Advanced for Server with XDR and MDR.
  • 3 Hours AdvisionIT Onboarding free of charge (8/5 Service).
  • 3 Hours AdvisionIT Monthly Support & Monitoring (8/5 Service).
  • Weekly Report.
  • Monthly Report.
  • 24/7 Modern Sophos SOC Service.
VAT incl.


  • 15 Monthly Server licenses - Central Intercept X Advanced for Server with XDR and MDR.
  • 5 Hours AdvisionIT Onboarding free of charge (8/5 Service).
  • 5 Hours AdvisionIT Monthly Support & Monitoring (8/5 Service).
  • Weekly Report.
  • Monthly Report.
  • 24/7 Modern Sophos SOC Service.
VAT incl.












In the following table, you can find more information for the chosen SECaaS Bundle.

SECaaS Monthly Bundles

| | Bundle 1 | Bundle 5 | Bundle 10 | Bundle 15 | Custom Bundle |
|---|---|---|---|---|---|
| Sophos Central Intercept X Advanced for Server with XDR and MDR | 1 | 5 | 10 | 15 | Request a quote |
| Monthly Support & Monitoring hours | - | 1 | 3 | 5 | Request a quote |
| Onboarding Hours free of charge | 1 | 2 | 3 | 5 | Request a quote |

Monthly report

Yes Yes Yes


Request a quote 
  •  Service Provisioning  - Once you purchase the SECaaS bundle, an Account Manager from AdvisionIT will contact you during business hours and schedule the provisioning of the service. Usually, an online onboarding meeting is planned with our team to get to know you and your IT environment.
  •  The amounts for the SECaaS bundles (software licenses and professional service) are paid automatically on a monthly basis at AdvisionIT’s web platform – 

Advanced Vision IT can customize the solution you need based on your requirements. In addition, we can offer you a firewall from Sophos and additional support bundles that complement the cybersecurity solution on your servers and workstations/laptops. For more details on these additional features and bundles, please contact us.

Sophos - Terms and Conditions 

  •  Sophos end user license agreement
  •  Sophos services agreement
  •  Service Description - Sophos Managed Threat Response and Sophos Rapid Response
  •  Data Processing Addendum



⇒  What is Sophos MDR For Servers? 

Sophos Managed Detection and Response is a fully managed service delivered by experts who detect and respond to cyberattacks targeting your computers, servers, networks, cloud workloads, email accounts, and more.

Sophos Managed Detection and Response (MDR) for Servers is a comprehensive security solution designed to provide advanced threat detection and response capabilities specifically tailored for server environments. As part of Sophos MDR service offerings, this solution combines cutting-edge technology with human expertise to deliver proactive protection against sophisticated cyber threats that target servers.





 How Do MDR Services Work? 

Managed Detection and Response (MDR) services work by providing continuous monitoring, detection, and response to security threats within an organization's IT environment. Here's an overview of how MDR services typically operate:

  •  Collection  - Security telemetry is gathered from across the full IT ecosystem: endpoint, firewall, network, cloud, email, and identity solutions. The more analysts can see, the faster they can respond.
  •  Threat Detection  - Threat intelligence and business context are added to the data to provide a more complete view. Related security events are grouped into clusters for complete and efficient investigation.
  •  Threat Hunting  - Highly-trained analysts proactively detect threats that bypass security products. They look for tactics, techniques, and procedures (TTPs) commonly used by cybercriminals and threats that may bypass various security tools.
  •  Investigation  - Analysts determine the scope and severity of the threat and identify the next steps.
  •  Remediation  - Analysts interrupt the attack to prevent it from spreading, removing malware and isolating impacted systems.
  •  Neutralization  - Analysts perform root cause analysis to fully eliminate the attacker and prevent recurrence.

 Sophos MDR Key Capabilities 


24/7 Threat Monitoring and Response

Sophos MDR for Servers provides round-the-clock monitoring and analysis by a team of skilled security analysts. These experts leverage advanced tools and technologies to investigate alerts, analyze threat intelligence, and make informed decisions regarding threat remediation.


Threat Detection

The solution employs advanced threat detection mechanisms to continuously monitor server environments for signs of suspicious activities and potential security breaches. This includes identifying indicators of compromise (IOCs), anomalous behaviors, and known attack patterns.


Real-Time Response 

Upon detecting a security incident or suspicious activity, Sophos MDR for Servers enables swift and effective response actions. This may include isolating affected servers, blocking malicious processes, and containing the spread of threats to prevent further damage.


Threat Hunting

In addition to automated detection, the solution includes proactive threat-hunting capabilities. Security analysts proactively search for signs of hidden threats and persistent attackers within server environments, helping to identify and neutralize potential risks before they escalate.


Incident Response Support

Sophos MDR for Servers offers incident response support to assist organizations in managing security incidents effectively. This includes guidance on containment strategies, forensic analysis, and post-incident remediation to minimize the impact of security breaches.


Centralized Management and Reporting

The solution provides a centralized management console for administrators to oversee the security posture of their server infrastructure. It offers comprehensive reporting and analytics capabilities, allowing organizations to gain insights into security incidents, trends, and areas of vulnerability.



 Sophos Threat Advisor 

 Sophos MDR 

 Sophos MDR Complete 

24/7 expert-led threat monitoring and response 

Compatible with non-Sophos security products 

Weekly and monthly reporting 

Monthly intelligence briefing: “Sophos MDR ThreatCast” 

Sophos Account Health Check 


Expert-led threat hunting 


Threat containment: attacks are interrupted, preventing spread (Uses full Sophos XDR agent (protection, detection, and response) or Sophos XDR Sensor (detection and response)) 


Direct call-in support during active incidents 


Full-scale incident response: threats are fully eliminated (Requires full Sophos XDR agent – protection, detection, and response) 



Root cause analysis 



Dedicated Incident Response Lead 



Breach Protection Warranty (Covers up to $1 million in response expenses) 






⇒  Advanced Vision IT Ltd  Cybersecurity Products & Software 

To build good cybersecurity protection, you need physical products and software that will help strengthen your network against attacks. If you want to view some of the ADVANCED VISION IT's cyber protection solutions, click on the links below.

  •  Endpoint security and antivirus software   - offer a centralized management system from which security administrators can monitor, protect, and investigate vulnerabilities across all endpoints, including computers, mobile devices, servers, and connected devices. Antivirus software helps keep a computer system healthy and free of viruses and other types of malware.
  •  Employee Monitoring Solution  - Employee monitoring solutions are software tools that enable employers to monitor the activities of their employees while they are at work. These solutions can be used to track employees' computer usage, including their internet browsing history, email communication, keystrokes, and application usage.
  •  Cybersecurity Backup  - A backup is a copy of the system or network's data for file restoration or archival purposes. Backups are an essential part of a continuity of operations plan as they allow for data protection and recovery.
  •  Email Protection  - refers to technology designed to prevent, detect and respond to cyber-attacks delivered through email. The term covers everything from gateway email systems to user behavior to related support services and security tools.
  •  Password Vault Manager   - A password vault, password manager, or password locker is a program that stores usernames and passwords for multiple applications securely and in an encrypted format. Users can access the vault via a single “master” password.
  •  Vulnerability Assessment & Patch Management  - The main difference between patch management and vulnerability management is that patch management is the operational process of applying remediations (patches) to vulnerable systems. Vulnerability management is the process of identifying, scanning, and prioritizing vulnerabilities for remediation.
  •  Data loss prevention (DLP)    - makes sure that users do not send sensitive or critical information outside the corporate network. 
  •  Microsoft Office 365 and Azure Backup and  Migration  - Microsoft Office 365 is a cloud-based suite of productivity and collaboration tools that includes popular applications such as Word, Excel, PowerPoint, and Outlook. Azure Backup and Migration are cloud-based services offered by Microsoft that allow organizations to protect and migrate their data to the cloud.
  •  Zero Trust Network Access (ZTNA) Solution  - Zero Trust Network Access (ZTNA) is a security model that assumes that every user, device, and network connection is potentially insecure and should not be trusted by default. ZTNA replaces traditional perimeter-based security models, which assume that all network users and devices are trusted.
  •  Cloud Security  - Cloud security is a collection of security measures designed to protect cloud-based infrastructure, applications, and data. These measures ensure user and device authentication, data and resource access control, and data privacy protection.
  •  Next-Generation Firewall  - protects your network by filtering traffic and acting as a guard between your internal network and the rest of the world. Without a Firewall, your business systems could be left wide open and vulnerable to attack. It also serves as another protective layer to block malicious software.
  •  Active Directory Security and Recovery   are critical components of any organization's cybersecurity strategy. Here are some key steps that can be taken to secure and recover Active Directory.
  •  SIEM & SOAR  - SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) are both tools used in cybersecurity to monitor and respond to security threats.