We performed a comparison between Sophos UTM and Vectra AI based on real PeerSpot user reviews.
Find out what your peers are saying about Check Point Software Technologies, Cisco, Sophos and others in Unified Threat Management (UTM)."The initial setup has been fine."
"It works well without any maintenance. So far, it has worked pretty well regardless of the traffic."
"It's easy to use."
"We find all of the features valuable because together they fit the needs of our customers."
"Good basic firewall functions with advanced firewall scanning."
"The most valuable feature is ransomware protection."
"The most valuable feature is the price. I've been requesting prices all over these years between different solutions like Fortinet, Palo Alto, and Check Point and Sophos has been the cheapest and the best of all of them that I have tried. I have been working with Fortinet, it's a fact that the price is surprisingly better."
"It allows our developers to be able to securely log into servers to deploy and manage software."
"It keeps up with the network traffic, which is a good thing. It provides more context to plain alerts compared to using an older system. So, it helps an analyst reduce the information overload."
"The core product provides excellent visibility, but my favorite feature is Vectra Recall."
"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."
"I like the way that Vectra AI focuses on the internal network. Nowadays, most of the attackers are already inside, and they can be inside for many years before they start attacking. With normal monitoring, it's quite difficult to find them."
"What I like best about Vectra AI is that it alerts you about suspicious activities."
"One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This is both applied to individual and host detections. This is important because it enables us to use this platform to prioritize the most likely imminent threats. So, it reduces alert fatigue follow ups for security operation center analysts. It also provides us with an ability to prioritize limited resources."
"The UI is easy to use and when we send detection to everybody, they easily understand what we are asking at the time."
"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
"Stay away from the wireless models, since you cannot put them in HA. They start to give you some weird issues once you start getting into multiple SSIDs and networks."
"The product could be simplified and made more self-explanatory."
"The interface configuration could be improved."
"I would like them to move from the Classic Load Balancer to the Network Load Balancer. This would make it easier to do certain things with Amazon. They are able to do some enhancements with Network Load Balancer that they are unable to do with Classic Load Balancer."
"Support for IKEv2 is needed in this solution."
"When we call support, we get put on hold for a long time."
"The management suite is easy and the agent is easy to develop."
"There is absolutely no support when using AWS. If you buy the on-premise Sophos solution, you get support."
"If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex network and a lot of rules. So, our setup might not be a typical implementation example. We even had UX engineers onsite, and they looked at issues, improvements, and user feedback. Since then, it has gotten a lot better, they even built in features that we specifically requested for our company."
"The UI/UX and detection could be improved. More detections of specific security events could be useful. We've had a few incidents that were not detected by Vectra. The teams are working on it right now, but more detection is always better."
"Other alternatives, like Darktrace, have a fancier UI."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"We had another product with Vectra AI and used the MDR solution as an add-on. Initially, it wasn't fully appropriately configured, so we didn't get the expected results. Even once configured correctly, we weren't fully satisfied with its response. The issue was both with their service response and the product's capabilities."
"A blind spot that I have is around the ease with which you can automate threat intervention."
"The solution has not reduced the security analyst workload in our organization because we still need to SIEM. Unfortunately, while Vectra, for us, is a brilliant tool for network investigations, giving wonderful visibility, it doesn't go the whole way to replace our SIEM that is needed for compliance. So, I still have the same amount of alerting and logging that I did before. It gives us more defined ability to see incidents, but it doesn't give us enough information to satisfy a PCI or 27001 audit."
"I'd like to be able to get granular reports and to be able to output them into formats that are customizable and more useful. The reporting GUI is lacking."
Sophos UTM is ranked 3rd in Unified Threat Management (UTM) with 110 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 42 reviews. Sophos UTM is rated 8.4, while Vectra AI is rated 8.6. The top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Sophos UTM is most compared with Netgate pfSense, Fortinet FortiGate, Sophos XG, OPNsense and Palo Alto Networks NG Firewalls, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Corelight.
We monitor all Unified Threat Management (UTM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.