• Home
  • Sophos UTM vs. Trellix Network Detection and Response

Sophos UTM vs Trellix Network Detection and Response comparison

Cancel
You must select at least 2 products to compare!
Sophos Logo
Sophos UTM
Read 110 Sophos UTM reviews
3,175 views|2,221 comparisons
89% willing to recommend
Trellix Logo
Trellix Network Detection and Response
Read 37 Trellix Network Detection and Response reviews
1,917 views|1,335 comparisons
97% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Unified Threat Management (UTM)
May 2024
Executive Summary

We performed a comparison between Sophos UTM and Trellix Network Detection and Response based on real PeerSpot user reviews.

Find out what your peers are saying about Check Point Software Technologies, Cisco, Sophos and others in Unified Threat Management (UTM).
To learn more, read our detailed Unified Threat Management (UTM) Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
AlaaMady
A useable solution for small businesses who are willing to rely on cloud-based, centralized management of the software
I don't believe it has improved our organization; I don't actually like the product because of the features it is missing.
BiswabhanuPanda
Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity...
We had a serious incident where an attacker attempted a web shell attack on one of our web servers [DevOps server]. We were able to identify that... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"This is a very stable product.""Scaling out cannot be easier, as there are many migration paths.""The most valuable features of Sophos UTM are the ease of use, it is very user-friendly. You can understand what they implement in the new firmware, and it's easy to manage the firewalls.""The firewall itself is very strong and provides great security.""The most valuable feature of Sophos UTM is reporting, it is flexible. I can monitor the end user's devices, even when they are not on my network. It has good drill-down capabilities.""It improved bandwidth utilization and provided link load balancing features for internet and intranet lease lines.""The initial setup was easy.""The UTM features are reasonably strong and the patterns are updated on a regular basis"

More Sophos UTM Pros →

"The most valuable feature of the solution stems from how it allows users to do the investigation part. Another important part of the product that is valuable is associated with how it gives information to users in the form of a storyline.""It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye.""The installation phase was easy.""The solution can scale.""Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats.""We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up.""Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities.""It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us."

More Trellix Network Detection and Response Pros →

Cons
"The documentation during the AWS integration was a little fuzzy on getting it to work with how the whole public exposure versus private exposure, then routing some of the traffic.""Email spam filtering only works if you have an on-prem Exchange server. It doesn't interface with Office 365 like the XG model. That would be one feature that they could improve. They're not going to do it because they're trying to push us all to XG.""VPN needs IKEv2, but it’s in the roadmap. Also, all new, cool features will only come to the new Sophos XG Firewall.""Stay away from the wireless models, since you cannot put them in HA. They start to give you some weird issues once you start getting into multiple SSIDs and networks.""I didn't like it much. It suits only small businesses. It isn't scalable and reliable. There is a very critical issue with the power supply.""Monitoring and reporting are areas that need improvement.""They could reduce the price.""The interface configuration could be improved."

More Sophos UTM Cons →

"The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right.""The analytics could be better. It seems heavily influenced by the McAfee and FireEye integration, and that integration still isn't seamless.""I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet.""A better depth of view, being able to see deeper into the management process, is what I'd like to see.""FireEye Network Security should have better integration with other vendors' firewalls or proxies, such as Palo Alto and Fortinet. Files that are being submitted should happen through the API or automatically.""Management of the appliance could be greatly improved.""Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier.""There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."

More Trellix Network Detection and Response Cons →

Pricing and Cost Advice
  • "The licensing model is very straightforward, it's a bit pricey, but for what you get, it's well worth it."
  • "If you can afford it, go for a small Check Point, as it is easier to manage."
  • "Unless you are in the United States, or you have to use Sophos, you can't contact Sophos directly. You have to use a third-party ​company, and they all have different ways of how they explain their licensing."
  • "Go to a vendor and let them assess your needs so you can get a right-sized device."
  • "Sophos offers free training when selling their products from within the partner portal.​"
  • "I would recommend to follow Sophos’ sizing guidelines for choosing which license and model to use. Sophos has their own way of going about this and supplies partners with all the information required. If you follow their documentation and guidelines, there should be zero questions about licensing and sizing."
  • "For under 50 users, MSP licensing is profitable."
  • "​In the case of a software/virtual appliance subscription, you pay by protecting user/IP addresses. You can do this to as much hardware resources as you like.​​"

    • More Sophos UTM Pricing and Cost Advice →

  • "Pricing and licensing are reasonable compared to competitors."
  • "The pricing is a little high."
  • "Because of what the FireEye product does, it has significantly decreased our mean time in being able to identify and detect malicious threats. The company that I work with is a very mature organization, and we have seen the meantime to analysis decrease by at least tenfold."
  • "There are some additional services that I understand the vendor provides, but our approach was to package all of the features that we were looking to use into the product."
  • "We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing."
  • "FireEye is comparable to other products, such as HX, but seems expensive. It may cause us to look at other products in the market."
  • "When I compare this solution to its competitors in the market, I find that it is a little expensive."
  • "The user fee is not as high but the maintenance fee is expensive."

    • More Trellix Network Detection and Response Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Unified Threat Management (UTM) solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Comparison Review
    Anonymous User
    Sophos UTM vs. Fortinet FortiGate
    I have used both Sophos and Fortinet products in production and I have found the Sophos UTM appliances (hardware and virtual) to be a better fit most of the time -- with a few caveats which I will touch on below. In both instances, the transition from TMG will be mostly straightforward. The main hang-ups will be with the VIP/load balancing and SSL. For some reason that completely escapes me, both of these vendors make getting valid certificates onto their boxes unnecessarily difficult -- the Fortinet appliances more so than the Sophos UTM appliances. At one point a Fortinet engineer had to write an entire manual on how to get an SSL certificate uploaded successfully on the 4.x firmware Sophos: The one feature that is missing (and this makes some amount of sense) from the Sophos appliance is BITS caching for updates. Other than that, Sophos offers a full replacement for TMG on UTM9. The XG platform also offers a replacement for the TMG; however, some of the rumblings about upcoming releases suggests that Sophos is going to give XG the Apple iOS treatment and "streamline" the interface...potentially cutting out/hiding some functionality. On the effectiveness of the NGFW, Sophos is mostly good but has a few issues blocking all pieces of an application. For instance, we had to build custom blocking rules for OpenVPN (the vpn was being used to bypass the content filter) because the default Application Control wasn't effectively blocking the application. Fortinet: If it… Read more →
    Questions from the Community
    What are the biggest technical differences between Sophos UTM and Fortine...
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite good. The most valuable features for me are their web and email filtering. I would… more »
    Read all 11 answers   →
    What Is The Biggest Difference Between Sophos UTM and Sophos XG?
    Top Answer:The Sophos UTM is a UTM and Sophos XG is the NGFW. First, you must know about the difference between a UTM and NGFW. They can not be compared with each other because the price, license, firewall… more »
    Read all 18 answers   →
    What do you like most about Sophos UTM?
    Top Answer:The most valuable feature of Sophos UTM is the endpoint protection feature.
    Read all 70 answers   →
    What do you like most about FireEye Network Security?
    Top Answer:We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement and… more »
    Read all 24 answers   →
    What is your experience regarding pricing and costs for FireEye Network S...
    Top Answer:The pricing is fair, a little expensive, but fair. We've evaluated other products, and they're similarly priced. It's a bit on the expensive side, but we don't want to compromise with cheap, less… more »
    Read all 16 answers   →
    What needs improvement with FireEye Network Security?
    Top Answer:The analytics could be better. It seems heavily influenced by the McAfee and FireEye integration, and that integration still isn't seamless. STG needs to... I'm not sure what their roadmap is; they've… more »
    Read all 24 answers   →
    Ranking
    1st
    out of 16 in Unified Threat Management (UTM)
    Views
    3,175
    Comparisons
    2,221
    Reviews
    27
    Average Words per Review
    392
    Rating
    8.2
    9th
    out of 37 in Advanced Threat Protection (ATP)
    Views
    1,917
    Comparisons
    1,335
    Reviews
    6
    Average Words per Review
    562
    Rating
    8.5
    Comparisons
    Also Known As
    Astaro
    FireEye Network Security, FireEye
    Learn More
    Sophos
    Trellix
    Video Not Available
    Overview

    Sophos UTM is a unified threat management platform designed to protect your businesses from known and emerging malware including viruses, rootkits and spyware. The solution provides a complete network security package with everything your organization needs in a single modular appliance.

    Sophos UTM Features

    Sophos UTM has many valuable key features. Some of the most useful ones include:

    • Web and Email Filtering
    • General Management
    • Network Protection
    • Network Routing and Services
    • Advanced Threat Protection
    • Authentication
    • Email Encryption and DLP
    • Web Policy
    • End-User Portal
    • VPN IPsec Client, VPN SSL Client, and Clientless VPN
    • Web Application Firewall Protection
    • UTM Endpoint Protection and Management
    • SEC Endpoint Integration
    • Logging and Reporting

    Sophos UTM Benefits

    There are many benefits to implementing Sophos UTM. Some of the biggest advantages the solution offers include:

    • Simplifies your IT security without the complexity of multiple point solutions
    • Intuitive interface to help you quickly create policies to control security risks
    • Provides clear, detailed reports to give you the insight you need to improve your network performance and protection
    • Complete control to block, allow, shape and prioritize applications
    • Two-factor authentication with one-time password (OTP)
    • Integrated wireless controller
    • Allows you to connect remote offices with easy VPN and Wi-Fi

    Reviews from Real Users

    Below are some reviews and helpful feedback written by PeerSpot users currently using the Sophos UTM solution.

    PeerSpot user Dana B., Network Administrator at a manufacturing company, says “The web and email filtering are the two biggest and most valuable aspects of the solution for us. The solution overall has just been a good, cost-effective solution for us. The solution offers a lot of functionality. The solution scales well. We've found the technical support to be helpful. The stability and performance are quite good.”

    A Technical Director at a security firm mentions, "Sophos SG UTM had all the basic functionality that you needed. It is user-friendly and easy to manage for any integrator."

    Marek M., Senior Network Engineer at a computer software company, comments, “Sophos UTM is the simplest of these products to set up. If you follow the instructions using the wizard, which is just a few steps, then you will have a firewall to protect you and your customer.”

    A Software Sales Manager at a tech services company explains, “The overall visibility of the console is what I find most valuable, plus it's very user-friendly. It can be integrated with other solutions such as SOAR, SIEM, etc., even when you have an existing firewall. I really like that the console can be integrated. You'll see everything on the same window, and the single window feature of the machine is so good. These are the features I really like.”

    James D., IT Manager at Manual Workers Union, states, “The fact that it's on the cloud means we don't have to administer it on our network or deal with a physical machine, which saves us money. The solution has many great features. From the console, we can start different scannings on different machines. We enjoy the centralized reporting part of it. The initial setup is simple. We enjoy its general stability. The solution can scale. So far, the solution has been problem-free.”

    Detect the undetectable and stop evasive attacks. Trellix Network Detection and Response (NDR) helps your team focus on real attacks, contain intrusions with speed and intelligence, and eliminate your cybersecurity weak points.

    Sample Customers
    One Housing Group
    FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave Systems
    Top Industries
    REVIEWERS
    Comms Service Provider12%
    Manufacturing Company12%
    Financial Services Firm10%
    Computer Software Company9%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Comms Service Provider9%
    Government9%
    Educational Organization6%
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company13%
    Government9%
    University9%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company10%
    Manufacturing Company8%
    Government7%
    Company Size
    REVIEWERS
    Small Business58%
    Midsize Enterprise20%
    Large Enterprise21%
    VISITORS READING REVIEWS
    Small Business37%
    Midsize Enterprise19%
    Large Enterprise44%
    REVIEWERS
    Small Business39%
    Midsize Enterprise18%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise12%
    Large Enterprise68%
    Buyer's Guide
    Unified Threat Management (UTM)
    May 2024
    Download Free Report
    Find out what your peers are saying about Check Point Software Technologies, Cisco, Sophos and others in Unified Threat Management (UTM). Updated: May 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 37 reviews. Sophos UTM is rated 8.4, while Trellix Network Detection and Response is rated 8.4. The top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one". Sophos UTM is most compared with Netgate pfSense, Fortinet FortiGate, Sophos XG, OPNsense and Palo Alto Networks NG Firewalls, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Fortinet FortiGate, Zscaler Internet Access and Vectra AI.

    We monitor all Unified Threat Management (UTM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.