We performed a comparison between Rapid7 InsightIDR and Sophos UTM based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."The web interface is great — very useful and user-friendly."
"Intelligent alerting to avoid the common problem of alert fatigue associated with traditional SIEMs."
"Very intuitive and easy to set up."
"I like the tool's user analysis feature."
"Integration with threat modeling from the Metasploit and InsightIDR repositories."
"During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application belongs to a known ransomware group. The system rates the threat, offering a clear detection ratio, such as 97 out of 100. It not only identifies threats but also illustrates the associated behaviors, helping us understand the potential risk to a particular endpoint."
"Simple configuration and automatically syncs to the cloud platform."
"We were able to identify criminals attempting to login from China and put a stop on their IP locations."
"The most valuable features of the solution are application filtering and web filtering."
"This is a very stable product."
"The firewall itself is very strong and provides great security."
"The most valuable feature of Sophos UTM is the simple-to-use interface."
"The most valuable features of Sophos UTM are the ease of use, it is very user-friendly. You can understand what they implement in the new firmware, and it's easy to manage the firewalls."
"The most valuable features of this solution are the firewall application and application control."
"Configuration troubleshooting is eased by the use of the color-coded, live firewall log."
"The initial setup is pretty easy."
"The dashboard is an area that could be simplified."
"The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level."
"The ability to tune the collector for custom logs would greatly help."
"Needs a better ability to customize the check within the console."
"The main problem lies in the processes within the client's operating systems."
"InsightIDR's integration with other solutions could be improved. Also, I'd like more control from the portal over what's happening on the endpoint side. For example, when I see an attack on an endpoint, I want to be able to stop it from the portal."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"With Sophos UTM, there is a general rule in the firewall when the country blocking can block some countries from accessing your data. In the current version, you still need to add it by putting in the IP range. This feature would be helpful for administrators and it gives them the advantage to block stuff in less time."
"It's stable, but the reaction time of the GUI is terrible."
"It is a little too CPU resource intensive, so we would like to see improvements there."
"It needs a better user interface. The one they have is not so good."
"Monitoring and reporting are areas that need improvement."
"The reporting could improve by providing information on where, or from which device attacks are coming from. We are already given the country where the attack is coming from but more information would be beneficial."
"The solution needs to do better at covering mobile devices, although they may have an integrated solution for that purpose."
"The only time we face a problem or issues is when we place a ticket. We have found that response is very slow."
Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 30 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Rapid7 InsightIDR is rated 8.4, while Sophos UTM is rated 8.4. The top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar, whereas Sophos UTM is most compared with Netgate pfSense, Fortinet FortiGate, Sophos XG, OPNsense and Palo Alto Networks NG Firewalls.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.