• Home
  • Rapid7 InsightIDR vs. Sophos UTM

Rapid7 InsightIDR vs Sophos UTM comparison

Cancel
You must select at least 2 products to compare!
Rapid7 Logo
Rapid7 InsightIDR
Read 30 Rapid7 InsightIDR reviews
6,640 views|3,524 comparisons
95% willing to recommend
Sophos Logo
Sophos UTM
Read 110 Sophos UTM reviews
3,175 views|2,221 comparisons
89% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Security Information and Event Management (SIEM)
June 2024
Executive Summary

We performed a comparison between Rapid7 InsightIDR and Sophos UTM based on real PeerSpot user reviews.

Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM).
To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: June 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Agustinus DWIJOKO
A tool to detect malicious activities and provide security to networks and endpoints
I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company.
AlaaMady
A useable solution for small businesses who are willing to rely on cloud-based, centralized management of the software
I don't believe it has improved our organization; I don't actually like the product because of the features it is missing.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level.""I like that it's a cloud-based solution.""Rapid7's reporting is more robust than Tenable's.""The technical support is a solid 10 out of 10 as they take the time to answer any questions or problems which may arise in a reasonable time frame.""InsightIDR has allowed us to find potential security issues that we did not know existed, and get remediation quickly.""​​User behavioral analytics allows us to pinpoint abnormal or suspicious behavior among millions of events every day.""The web interface is great — very useful and user-friendly.""The alerting to drive investigations and remediation has been its most valuable feature.​"

More Rapid7 InsightIDR Pros →

"The initial setup is pretty straightforward.""The most valuable feature is that it is easy to administer.""Sophos integrates seamlessly, and we don't even feel it is running in the background.""The solution can scale.""Sophos SG UTM had all the basic functionality that you needed. It is user-friendly and easy to manage for any integrator.""Sophos UTM's most valuable features are profiling and its simple configuration.""The product is extremely intuitive.""We find all of the features valuable because together they fit the needs of our customers."

More Sophos UTM Pros →

Cons
"One of the things that could be better is digital forensics. It is there, but it can be better. They could provide more on the endpoint detection level.""The interface for doing investigation needs to be enhanced with minor improvements that would make it more useful.""Needs a better ability to customize the check within the console.""Customised alert recipients need to be added to allow better first-line action and quicker response. Configurable honeypots would be a welcome addition.""I would like to see more development in InsightIDR towards building their SIEM solution and converting it to XDR.""Tenable Nessus is easier to deal with. It's more efficient and accurate. InsightIDR is heavier than Tenable in terms of performance and scanning. Rapid7 would be much easier to use if it had a network connector like Tenable. Tenable's connector allows continuous monitoring over the B caps.""The searching feature in Rapid7 InsightIDR needs to evolve""The reporting is the weakest aspect. There needs to be multi-level grouping for events (for example, group by user and destination). Right now, we can do a group by user and a separate table or group by destination. But I'd be more interested in where a person was logging into instead of who was logging in or where he was logging in."

More Rapid7 InsightIDR Cons →

"It needs a better user interface. The one they have is not so good.""The scalability of the product is an area with certain shortcomings where improvements are required.""The UI can be cumbersome and, sometimes, features are not where you think they should be.""There can be a delay when it comes to reaching out to technical support.""​Reporting: We have had to work manually in many of our reports.""Doesn't provide antivirus for individual computers.""The interface configuration could be improved.""The lack of import/export functions for network and service options drives me mad."

More Sophos UTM Cons →

Pricing and Cost Advice
  • "​I am sure that there are cheaper products out there, but none that meet so many of our needs whilst maintaining stability and usability.​"
  • "The team is very willing to work with companies. My suggestion is to call the Rapid7 sales department and see how they can help.​"
  • "Licensing is straightforward. If, for some reason, you don’t meet the minimum licensing requirements, there is a third-party managed service that can help."
  • "​Accurately predict your licensing counts as this is a subscription based product.​"
  • "The pricing and licensing are competitive."
  • "Licensing is by endpoint and amount of retention time (at least ours is). Default retention was one year, but we are able to push the retention further if needed. There's also a provide-your-own-S3 option for longer retention if you don't want to pay for the additional retention years in your Rapid7 agreement."
  • "It is a reasonably priced solution."
  • "It is on a yearly basis. For our own company, for about 250 users, it was 16,000 euros a year."

    • More Rapid7 InsightIDR Pricing and Cost Advice →

  • "The licensing model is very straightforward, it's a bit pricey, but for what you get, it's well worth it."
  • "If you can afford it, go for a small Check Point, as it is easier to manage."
  • "Unless you are in the United States, or you have to use Sophos, you can't contact Sophos directly. You have to use a third-party ​company, and they all have different ways of how they explain their licensing."
  • "Go to a vendor and let them assess your needs so you can get a right-sized device."
  • "Sophos offers free training when selling their products from within the partner portal.​"
  • "I would recommend to follow Sophos’ sizing guidelines for choosing which license and model to use. Sophos has their own way of going about this and supplies partners with all the information required. If you follow their documentation and guidelines, there should be zero questions about licensing and sizing."
  • "For under 50 users, MSP licensing is profitable."
  • "​In the case of a software/virtual appliance subscription, you pay by protecting user/IP addresses. You can do this to as much hardware resources as you like.​​"

    • More Sophos UTM Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Comparison Review
    Anonymous User
    Sophos UTM vs. Fortinet FortiGate
    I have used both Sophos and Fortinet products in production and I have found the Sophos UTM appliances (hardware and virtual) to be a better fit most of the time -- with a few caveats which I will touch on below. In both instances, the transition from TMG will be mostly straightforward. The main hang-ups will be with the VIP/load balancing and SSL. For some reason that completely escapes me, both of these vendors make getting valid certificates onto their boxes unnecessarily difficult -- the Fortinet appliances more so than the Sophos UTM appliances. At one point a Fortinet engineer had to write an entire manual on how to get an SSL certificate uploaded successfully on the 4.x firmware Sophos: The one feature that is missing (and this makes some amount of sense) from the Sophos appliance is BITS caching for updates. Other than that, Sophos offers a full replacement for TMG on UTM9. The XG platform also offers a replacement for the TMG; however, some of the rumblings about upcoming releases suggests that Sophos is going to give XG the Apple iOS treatment and "streamline" the interface...potentially cutting out/hiding some functionality. On the effectiveness of the NGFW, Sophos is mostly good but has a few issues blocking all pieces of an application. For instance, we had to build custom blocking rules for OpenVPN (the vpn was being used to bypass the content filter) because the default Application Control wasn't effectively blocking the application. Fortinet: If it… Read more →
    Questions from the Community
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also,… more »
    Read all 12 answers   →
    What do you like most about Rapid7 InsightIDR?
    Top Answer:During simulations or demonstrations, the tool generates alerts, providing details such as the specific application, its origin, and potential threats. For instance, it can identify if an application… more »
    Read all 20 answers   →
    What is your experience regarding pricing and costs for Rapid7 InsightIDR?
    Top Answer:We chose Rapid7 because of its price. IBM QRadar charges us based on data storage. Rapid7 InsightIDR charges us based on the endpoints we connect to. We are satisfied with the product’s price.
    Read all 17 answers   →
    What are the biggest technical differences between Sophos UTM and Fortine...
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite good. The most valuable features for me are their web and email filtering. I would… more »
    Read all 11 answers   →
    What Is The Biggest Difference Between Sophos UTM and Sophos XG?
    Top Answer:The Sophos UTM is a UTM and Sophos XG is the NGFW. First, you must know about the difference between a UTM and NGFW. They can not be compared with each other because the price, license, firewall… more »
    Read all 18 answers   →
    What do you like most about Sophos UTM?
    Top Answer:The most valuable feature of Sophos UTM is the endpoint protection feature.
    Read all 70 answers   →
    Ranking
    10th
    out of 80 in Security Information and Event Management (SIEM)
    Views
    6,640
    Comparisons
    3,524
    Reviews
    10
    Average Words per Review
    415
    Rating
    8.2
    1st
    out of 16 in Unified Threat Management (UTM)
    Views
    3,175
    Comparisons
    2,221
    Reviews
    27
    Average Words per Review
    392
    Rating
    8.2
    Comparisons
    Also Known As
    InsightIDR
    Astaro
    Learn More
    Rapid7
    Sophos
    Overview

    Parsing hundreds of trivial alerts. Managing a mountain of data. Manually forwarding info from your endpoints. Forget that. InsightIDR instantly arms you with the insight you need to make better decisions across the incident detection and response lifecycle, faster.

    Sophos UTM is a unified threat management platform designed to protect your businesses from known and emerging malware including viruses, rootkits and spyware. The solution provides a complete network security package with everything your organization needs in a single modular appliance.

    Sophos UTM Features

    Sophos UTM has many valuable key features. Some of the most useful ones include:

    • Web and Email Filtering
    • General Management
    • Network Protection
    • Network Routing and Services
    • Advanced Threat Protection
    • Authentication
    • Email Encryption and DLP
    • Web Policy
    • End-User Portal
    • VPN IPsec Client, VPN SSL Client, and Clientless VPN
    • Web Application Firewall Protection
    • UTM Endpoint Protection and Management
    • SEC Endpoint Integration
    • Logging and Reporting

    Sophos UTM Benefits

    There are many benefits to implementing Sophos UTM. Some of the biggest advantages the solution offers include:

    • Simplifies your IT security without the complexity of multiple point solutions
    • Intuitive interface to help you quickly create policies to control security risks
    • Provides clear, detailed reports to give you the insight you need to improve your network performance and protection
    • Complete control to block, allow, shape and prioritize applications
    • Two-factor authentication with one-time password (OTP)
    • Integrated wireless controller
    • Allows you to connect remote offices with easy VPN and Wi-Fi

    Reviews from Real Users

    Below are some reviews and helpful feedback written by PeerSpot users currently using the Sophos UTM solution.

    PeerSpot user Dana B., Network Administrator at a manufacturing company, says “The web and email filtering are the two biggest and most valuable aspects of the solution for us. The solution overall has just been a good, cost-effective solution for us. The solution offers a lot of functionality. The solution scales well. We've found the technical support to be helpful. The stability and performance are quite good.”

    A Technical Director at a security firm mentions, "Sophos SG UTM had all the basic functionality that you needed. It is user-friendly and easy to manage for any integrator."

    Marek M., Senior Network Engineer at a computer software company, comments, “Sophos UTM is the simplest of these products to set up. If you follow the instructions using the wizard, which is just a few steps, then you will have a firewall to protect you and your customer.”

    A Software Sales Manager at a tech services company explains, “The overall visibility of the console is what I find most valuable, plus it's very user-friendly. It can be integrated with other solutions such as SOAR, SIEM, etc., even when you have an existing firewall. I really like that the console can be integrated. You'll see everything on the same window, and the single window feature of the machine is so good. These are the features I really like.”

    James D., IT Manager at Manual Workers Union, states, “The fact that it's on the cloud means we don't have to administer it on our network or deal with a physical machine, which saves us money. The solution has many great features. From the console, we can start different scannings on different machines. We enjoy the centralized reporting part of it. The initial setup is simple. We enjoy its general stability. The solution can scale. So far, the solution has been problem-free.”

    Sample Customers
    Liberty Wines, Pioneer Telephone, Visier
    One Housing Group
    Top Industries
    REVIEWERS
    Comms Service Provider27%
    Computer Software Company20%
    Non Tech Company13%
    Security Firm13%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Manufacturing Company8%
    Financial Services Firm8%
    Government6%
    REVIEWERS
    Comms Service Provider12%
    Manufacturing Company12%
    Financial Services Firm10%
    Computer Software Company9%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Comms Service Provider9%
    Government9%
    Educational Organization6%
    Company Size
    REVIEWERS
    Small Business63%
    Midsize Enterprise20%
    Large Enterprise17%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise20%
    Large Enterprise53%
    REVIEWERS
    Small Business58%
    Midsize Enterprise20%
    Large Enterprise21%
    VISITORS READING REVIEWS
    Small Business37%
    Midsize Enterprise19%
    Large Enterprise44%
    Buyer's Guide
    Security Information and Event Management (SIEM)
    June 2024
    Download Free Report
    Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM). Updated: June 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 30 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. Rapid7 InsightIDR is rated 8.4, while Sophos UTM is rated 8.4. The top reviewer of Rapid7 InsightIDR writes "Helps in the management of compliance, secret events and information". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". Rapid7 InsightIDR is most compared with Darktrace, Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM and IBM Security QRadar, whereas Sophos UTM is most compared with Netgate pfSense, Fortinet FortiGate, Sophos XG, OPNsense and Palo Alto Networks NG Firewalls.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.