We performed a comparison between Rapid7 InsightIDR and Sophos UTM based on real PeerSpot user reviews.
"Great coverage of all systems within our network from endpoint to firewall."
"User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day."
"Another very important part of insightIDR is the ability to collect data from endpoint devices via agent software. With a large remote workforce, this allows visibility into the endpoints that are connected to the internet, but not to the corporate network."
"The ability to ingest Office 365 log files, then process them into events and display them on a map."
"The UI is very good."
"Very intuitive and easy to set up."
"Rapid7 InsightIDR integrates well with other solutions. It's also easy to configure because Rapid7 InsightIDR has a lot of instructions posted on their website that customers can follow if they need to get the source log."
"InsightIDR helps us investigate an environment to discover information about incidents."
"Sophos UTM has a good user interface and granular security controls."
"It is a very good product. The threat monitoring process is the most valuable feature."
"Brings greater visibility into the network traffic coming inside and passing away from the company."
"It allows me to easily connect with more than forty-five remote sites and more than fifty remote users between IPsec and SSL VPN, applying the web filter and application filter to ensure a secure connection."
"Sophos UTM provides security for our network here and access through a VPN connection for our remote users. It also offers the flexibility to create different tools for accessibility."
"The most valuable features of the solution are application filtering and web filtering."
"The stability of Sophos UTM is very good. The solution has been stable since Sophos took over Cyberoam which was the original company providing this solution."
"Sophos UTM is very user-friendly and has good integration with other solutions."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"The searching feature in Rapid7 InsightIDR needs to evolve"
"The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful."
"The APIs can be further improved in Rapid7."
"I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"Needs a better ability to customize the check within the console."
"The integration capabilities of the solution have certain shortcomings where improvements are required."
"We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work."
"In short, the UI and UX are the areas of improvement in Sophos UTM and similar solutions compared to Palo Alto."
"There is absolutely no support when using AWS. If you buy the on-premise Sophos solution, you get support."
"The solution could be improved by adding cloud soundboxing."
"The scalability of the product is an area with certain shortcomings where improvements are required."
"During initial configuration, I encountered a few issues."
"The virus updates will always depend on new viruses that are discovered. Maybe they can send a notification or a reminder for update time."
"Finding information about Sophos’ sizing guidelines can actually be difficult. Also, Sophos does not make it clear what they mean by “users” when you are sizing a firewall, which then leads to undersized implementations."
Rapid7 InsightIDR is ranked 9th in Security Information and Event Management (SIEM) with 30 reviews while Sophos UTM is ranked 3rd in Unified Threat Management (UTM) with 110 reviews. Rapid7 InsightIDR is rated 8.4, while Sophos UTM is rated 8.4. The top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar, whereas Sophos UTM is most compared with Netgate pfSense, Fortinet FortiGate, Sophos XG, OPNsense and Palo Alto Networks NG Firewalls.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.