Crystal Eye XDR vs Sophos UTM comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
5,482 views|4,069 comparisons
Red Piranha Logo
32 views|21 comparisons
Sophos Logo
3,848 views|2,577 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Crystal Eye XDR and Sophos UTM based on real PeerSpot user reviews.

Find out what your peers are saying about SentinelOne, CrowdStrike, Palo Alto Networks and others in Extended Detection and Response (XDR).
To learn more, read our detailed Extended Detection and Response (XDR) Report (Updated: March 2024).
765,386 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."
  • More Microsoft Defender XDR Pricing and Cost Advice →

    Information Not Available
  • "The licensing model is very straightforward, it's a bit pricey, but for what you get, it's well worth it."
  • "If you can afford it, go for a small Check Point, as it is easier to manage."
  • "Unless you are in the United States, or you have to use Sophos, you can't contact Sophos directly. You have to use a third-party ​company, and they all have different ways of how they explain their licensing."
  • "Go to a vendor and let them assess your needs so you can get a right-sized device."
  • "Sophos offers free training when selling their products from within the partner portal.​"
  • "I would recommend to follow Sophos’ sizing guidelines for choosing which license and model to use. Sophos has their own way of going about this and supplies partners with all the information required. If you follow their documentation and guidelines, there should be zero questions about licensing and sizing."
  • "For under 50 users, MSP licensing is profitable."
  • "​In the case of a software/virtual appliance subscription, you pay by protecting user/IP addresses. You can do this to as much hardware resources as you like.​​"
  • More Sophos UTM Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    765,386 professionals have used our research since 2012.
    Comparison Review
    Anonymous User
    I have used both Sophos and Fortinet products in production and I have found the Sophos UTM appliances (hardware and virtual) to be a better fit most of the time -- with a few caveats which I will touch on below. In both instances, the transition from TMG will be mostly straightforward. The main hang-ups will be with the VIP/load balancing and SSL. For some reason that completely escapes me, both of these vendors make getting valid certificates onto their boxes unnecessarily difficult -- the Fortinet appliances more so than the Sophos UTM appliances. At one point a Fortinet engineer had to write an entire manual on how to get an SSL certificate uploaded successfully on the 4.x firmware Sophos: The one feature that is missing (and this makes some amount of sense) from the Sophos appliance is BITS caching for updates. Other than that, Sophos offers a full replacement for TMG on UTM9. The XG platform also offers a replacement for the TMG; however, some of the rumblings about upcoming releases suggests that Sophos is going to give XG the Apple iOS treatment and "streamline" the interface...potentially cutting out/hiding some functionality. On the effectiveness of the NGFW, Sophos is mostly good but has a few issues blocking all pieces of an application. For instance, we had to build custom blocking rules for OpenVPN (the vpn was being used to bypass the content filter) because the default Application Control wasn't effectively blocking the application. Fortinet: If it… Read more →
    Questions from the Community
    Top Answer:Scanning, vulnerability reporting, and the dashboard are the most valuable features.
    Top Answer:While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment.
    Top Answer:While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a… more »
    Ask a question

    Earn 20 points

    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Top Answer:The Sophos UTM is a UTM and Sophos XG is the NGFW. First, you must know about the difference between a UTM and NGFW… more »
    Top Answer:The most valuable features of the solution are application filtering and web filtering.
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    Astaro
    Learn More
    Interactive Demo
    Red Piranha
    Demo Not Available
    Sophos
    Demo Not Available
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Crystal Eye XDR 

    Extend, Detection and Response 

    Crystal Eye XDR (Extended Detection & Response) protects, detects and responds to threats across your whole organisation, all from a single unified platform. It secures your organisation from the cloud to the endpoint with a range of integrated security controls.

    Problems

    • Security incidents are becoming more complex while compliance obligations are becoming harder to meet.
    • Organisations are struggling with too many products from different vendors which aren’t integrated together.
    • Companies need to be able to quickly identify real threats from all the noise and then initiate rapid response procedures to minimise business impact.

    Solution

    • XDR solves these problems by avoiding the complexity of configuring and monitoring separate security systems.
    • XDR offers a single unified platform that delivers security protection, threat detection and incident response across your whole organisation.

    Benefits

    • Reduce the risk of a security incident.
    • Reduce time to detect and respond to an event.
    • Reduce the cost of securing your business.

    XDR – Extended Detection & Response

    • XDR involves the collection and correlation of event data from endpoint, network and cloud sensors to identify real threats anywhere in your environment and automatically trigger a coordinated response to secure your business.
    • The first fully-integrated detection and response platform is ready to go out-of-the-box, so it delivers a consistent level of security without the complexity of integrating products from multiple vendors.
    • Our network-based and cloud-based sensors (Crystal Eye XDR) deliver Network Detection & Response (NDR), in combination with our host-based sensors (XDR Endpoints) deliver End-Point Detection & Response (EDR) which all work together to deliver Extended Detection & Response (XDR).
    • Crystal Eye Orchestrate is our centralised management console which takes care of the service delivery and also acts as a data lake to collect all the data for correlation and response coordination. This is a significantly simpler process due to the standard data format and shared data storage used across the Crystal Eye products, which avoids the laborious task of normalising and correlating data from different technologies.

    More than SIEM

    • XDR avoids the complex integration required with Security Information & Event Management (SIEM) and breaks down the silos between different systems by having a single data store for all events.
    • Where SIEM focuses on pulling the data together into events, XDR has the added benefit of pro-active and automated rapid response to stop threats in their tracks before real damage occurs. XDR goes a step further to provide advanced threat detection with research analysis labs to support defensive efforts.

    Integrated SOAR

    • Our XDR solution has integrated Security Orchestration, Automation & Response (SOAR) processes which allow you to automate responses to low-risk threats and coordinate responses to high-risk threats with the relevant resources.
    • These capabilities are typically not accessible for most organisations, but our integrated SOAR approach provides a comprehensive, cost-effective response solution available to businesses of any size. Our automated incident response process gets executed immediately when a breach occurs and is significantly cheaper than alternative options.

    Sophos UTM is a unified threat management platform designed to protect your businesses from known and emerging malware including viruses, rootkits and spyware. The solution provides a complete network security package with everything your organization needs in a single modular appliance.

    Sophos UTM Features

    Sophos UTM has many valuable key features. Some of the most useful ones include:

    • Web and Email Filtering
    • General Management
    • Network Protection
    • Network Routing and Services
    • Advanced Threat Protection
    • Authentication
    • Email Encryption and DLP
    • Web Policy
    • End-User Portal
    • VPN IPsec Client, VPN SSL Client, and Clientless VPN
    • Web Application Firewall Protection
    • UTM Endpoint Protection and Management
    • SEC Endpoint Integration
    • Logging and Reporting

    Sophos UTM Benefits

    There are many benefits to implementing Sophos UTM. Some of the biggest advantages the solution offers include:

    • Simplifies your IT security without the complexity of multiple point solutions
    • Intuitive interface to help you quickly create policies to control security risks
    • Provides clear, detailed reports to give you the insight you need to improve your network performance and protection
    • Complete control to block, allow, shape and prioritize applications
    • Two-factor authentication with one-time password (OTP)
    • Integrated wireless controller
    • Allows you to connect remote offices with easy VPN and Wi-Fi

    Reviews from Real Users

    Below are some reviews and helpful feedback written by PeerSpot users currently using the Sophos UTM solution.

    PeerSpot user Dana B., Network Administrator at a manufacturing company, says “The web and email filtering are the two biggest and most valuable aspects of the solution for us. The solution overall has just been a good, cost-effective solution for us. The solution offers a lot of functionality. The solution scales well. We've found the technical support to be helpful. The stability and performance are quite good.”

    A Technical Director at a security firm mentions, "Sophos SG UTM had all the basic functionality that you needed. It is user-friendly and easy to manage for any integrator."

    Marek M., Senior Network Engineer at a computer software company, comments, “Sophos UTM is the simplest of these products to set up. If you follow the instructions using the wizard, which is just a few steps, then you will have a firewall to protect you and your customer.”

    A Software Sales Manager at a tech services company explains, “The overall visibility of the console is what I find most valuable, plus it's very user-friendly. It can be integrated with other solutions such as SOAR, SIEM, etc., even when you have an existing firewall. I really like that the console can be integrated. You'll see everything on the same window, and the single window feature of the machine is so good. These are the features I really like.”

    James D., IT Manager at Manual Workers Union, states, “The fact that it's on the cloud means we don't have to administer it on our network or deal with a physical machine, which saves us money. The solution has many great features. From the console, we can start different scannings on different machines. We enjoy the centralized reporting part of it. The initial setup is simple. We enjoy its general stability. The solution can scale. So far, the solution has been problem-free.”

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    One Housing Group
    Top Industries
    REVIEWERS
    Manufacturing Company18%
    Computer Software Company12%
    Government12%
    Financial Services Firm12%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    No Data Available
    REVIEWERS
    Comms Service Provider12%
    Manufacturing Company12%
    Financial Services Firm10%
    Computer Software Company9%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Comms Service Provider10%
    Government8%
    Educational Organization6%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise24%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise18%
    Large Enterprise57%
    No Data Available
    REVIEWERS
    Small Business58%
    Midsize Enterprise20%
    Large Enterprise21%
    VISITORS READING REVIEWS
    Small Business36%
    Midsize Enterprise19%
    Large Enterprise45%
    Buyer's Guide
    Extended Detection and Response (XDR)
    March 2024
    Find out what your peers are saying about SentinelOne, CrowdStrike, Palo Alto Networks and others in Extended Detection and Response (XDR). Updated: March 2024.
    765,386 professionals have used our research since 2012.

    Crystal Eye XDR is ranked 41st in Extended Detection and Response (XDR) while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Crystal Eye XDR is rated 0.0, while Sophos UTM is rated 8.4. On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Crystal Eye XDR is most compared with Untangle NG Firewall, whereas Sophos UTM is most compared with Netgate pfSense, Fortinet FortiGate, Sophos XG, OPNsense and Palo Alto Networks NG Firewalls.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.