IBM Security QRadar SIEM vs. Sophos UTM

Sophos UTM

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
IBM Security QRadar SIEM	Score 8.7 out of 10	N/A	IBM Security QRadar is security information and event management (SIEM) Software.	N/A
Sophos UTM	Score 8.9 out of 10	N/A	Sophos UTM provides core firewall features, plus sandboxing and AI threat detection for advanced network security. It has customizable deployment options.	N/A

Pricing

IBM Security QRadar SIEM

Sophos UTM

Editions & Modules

No answers on this topic

Offerings

Pricing Offerings
IBM Security QRadar SIEM	Sophos UTM
Free Trial
Yes	Yes
Free/Freemium Version
No	No
Premium Consulting/Integration Services
No	No

Entry-level Setup Fee

No setup fee

Additional Details

—

t2.small - $0.123 - Total / hr m3.medium - $0.417 - Total / hr m3.large - $0.883 - Total / hr m3.xlarge - $1.366 - Total / hr m3.2xlarge- $1.982 - Total / hr c3.large - $0.555 - Total / hr c3.xlarge - $1.11 - Total / hr c3.2xlarge - $1.72 - Total / hr c3.4xlarge - $2.59 - Total / hr c3.8xlarge - $3.68 - Total / hr c4.large - $0.55 - Total / hr c4.xlarge - $1.099 - Total / hr c4.2xlarge - $1.698 - Total / hr c4.4xlarge - $2.546 - Total / hr c4.8xlarge - $3.841 - Total / hr m4.large - $0.868 - Total / hr m4.xlarge - $1.365 - Total / hr m4.2xlarge- $1.931 - Total / hr

More Pricing Information

Pricing Info

Community Pulse
	IBM Security QRadar SIEM	Sophos UTM
Top Pros	Pro Easy to use Pro Real time Pro Log sources	Pro Set up Pro User friendly Pro Site vpn
Top Cons	Minus Third party Minus Ease of use Minus Pricing model	Minus Easier to setup Minus Customer support Minus Device management

Features

IBM Security QRadar SIEM

Sophos UTM

Security Information and Event Management (SIEM)

Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
	IBM Security QRadar SIEM 8.7 60 Ratings 11% above category average	Sophos UTM - Ratings
Centralized event and log data collection	9.927 Ratings	00 Ratings
Correlation	8.960 Ratings	00 Ratings
Event and log normalization/management	9.527 Ratings	00 Ratings
Deployment flexibility	7.927 Ratings	00 Ratings
Integration with Identity and Access Management Tools	8.456 Ratings	00 Ratings
Custom dashboards and workspaces	7.660 Ratings	00 Ratings
Host and network-based intrusion detection	9.625 Ratings	00 Ratings
Data integration/API management	9.07 Ratings	00 Ratings
Behavioral analytics and baselining	8.339 Ratings	00 Ratings
Rules-based and algorithmic detection thresholds	9.240 Ratings	00 Ratings
Response orchestration and automation	7.75 Ratings	00 Ratings
Reporting and compliance management	7.838 Ratings	00 Ratings
Incident indexing/searching	8.97 Ratings	00 Ratings

Best Alternatives
	IBM Security QRadar SIEM	Sophos UTM
Small Businesses	AlienVault USM Score 8.0 out of 10	pfSense Score 9.2 out of 10
Medium-sized Companies	Splunk Enterprise Score 8.4 out of 10	pfSense Score 9.2 out of 10
Enterprises	Splunk Enterprise Score 8.4 out of 10	Next-Generation Firewalls - PA Series Score 9.3 out of 10
All Alternatives	View all alternatives	View all alternatives

User Ratings
	IBM Security QRadar SIEM	Sophos UTM
Likelihood to Recommend	8.7 (81 ratings)	9.0 (11 ratings)
Likelihood to Renew	9.1 (3 ratings)	- (0 ratings)
Usability	9.1 (1 ratings)	10.0 (1 ratings)
Support Rating	8.6 (55 ratings)	7.9 (3 ratings)
Ease of integration	8.3 (51 ratings)	- (0 ratings)

User Testimonials
	IBM Security QRadar SIEM	Sophos UTM
Likelihood to Recommend	IBM QRadar is very well suited on environments where there are not multiple tenants or domains, we do have success on this kind of scenario. IBM Security QRadar SIEM is less appropriate for environments with multiple tenants, specially when each tenant represent a different End Costumer (such as for MSSP companies), those environments require a high amount of rules and building blocks replications, since each tenant will have its own "BB definitions", servers, rules exception, etc. Also, some information, such as EPS count or EPS dropped are generated by QRadar's own log sources, which takes place on default domain, therefore users associated with different domain can not have access to those logs, even when the information is related to other domain's environment. For example, even if Event Collector 1 is associated to Domain A, the log informing its dropped EPS is generated by System notification, log source that must be associated to Default domain. Incentivized Verified User Anonymous Read full review	Sophos UTM works great if you want a solid, obvious firewall. There's not a lot of second-guessing as to what you are about to do with every change you make. If you incorporate their wireless access points and RED (remote ethernet device) for remote users or small offices, it's considerably much easier to set up than other comparable solutions. If you are looking to manage your firewalls via the cloud, you are out of luck. Incentivized PC Paul Cheng IT Manager Read full review
Pros	IBM Enables identification and prioritization of vulnerabilities in IT infrastructure for corrective action. Facilitates security incident investigation and forensic analysis. Provides a real-time view of security events, enabling immediate incident response. Can integrate with external threat intelligence sources to enrich data and improve threat detection. Enables the generation of detailed and customized reports. Incentivized Brandon Lowry Cyber Security Specialist Read full review	Sophos Firewall Protection. The protection is unmatched, setup it a little daunting, but once set up it pretty much runs itself. Site-to-site VPN. Super easy to deploy so we are able to network all our sites together. The DHCP server function is actually really nice, I prefer using it over the traditional way of using a DC for DHCP. Incentivized Matthew James Systems Administrator \| POS Programming Specialist Read full review
Cons	IBM Need to spend more time configuring the system to properly interpret and normalize different type of data collected from multiple resources. While Rule creation QRadar uses that rules to detect security threats and generate alerts, but to creating and managing rules is bit complex & tedious work to complete. IBM Security QRadar SIEM is excellent in handling large & complex systems that requires in-depth knowledge and extensive training to configure and maintain the system which includes upgrading, optimization of performance & issue troubleshooting. Incentivized NP Neel Patel Sr Cloud Architect Read full review	Sophos Better standard support, it used to be great, now, not so much (for paying customers, that only aquired the Hardware) Better wireless solution, there is always room for that, now that everybody needs robust wifi, even at home! Faster and more robust wireless Access Points, or different vendor-like compatibility. Incentivized Juan Carlos Sanchez Pignalosa CEO And Founder Read full review
Likelihood to Renew	IBM With the arrival of IBM Security QRadar SIEM at our company, we have a better vision of all the security needs that may arise, it is a very safe software to use that prevents threats from damaging our IT environment, it is impossible to change it for another software. Incentivized Paige Jenkins Senior Telecommunications Specialist Read full review	Sophos No answers on this topic
Usability	IBM A very special system to use without problems, the process is very genuine and does not require complicated procedures. Incentivized Paige Jenkins Senior Telecommunications Specialist Read full review	Sophos The interface is no non-sense and easy to understand. No need for any consultants to help implement this solution. The performance is consistent and solid. Paired with a good amount of firmware and definitions, it's hard to find any fault in this product. It's interoperability with other Sophos products make a compelling argument to invest in more Sophos products. Incentivized PC Paul Cheng IT Manager Read full review
Support Rating	IBM Customer support is Good of IBM, While Using IBM QRadar its deployment is to slow and suddenly stop working and crashed we have contacted IBM Support and Rised a Ticket within a few minute we get call back from customer support and Query Resolved by them Fast And Rapid Support of Ibm Incentivized Abhishek Kumar Assistant Manager Read full review	Sophos I find the support fair. The wait can be frustrating when dealing with fire. The pandemic has not helped with this. Although the wait can be long, the support reps are knowledgeable and was able to resolve the issues I was facing. Incentivized MC Michael Cattano Sr. Systems Engineer Read full review
Alternatives Considered	IBM IBM Qradar takes the best from its competitors. Reliable and stable but sometimes very expensive, the SIEM from IBM offers a wide range of scenarios in which the customers can suite and size their own infrastructures. IBM Qradar doesn't really needs to stack up againt its competitors because it already sets an example in the SIEM world. Incentivized Verified User Anonymous Read full review	Sophos I would rate Sophos second on this list right below Webroot. Webroot has an easier user interface and policy builder. However, Sophos would be on top of its UI would be improved. I would rank CrowStrike third and McAfee last. Sophos is great for complex environments that have multiple needs. Incentivized NB Nate Binkley Network System Administrator Read full review
Return on Investment	IBM Offense investigation was really helped in tackling the incidents. It was accurate and brief The automation with IBM resilient (SOAR) was a milestone in elimination of user mistakes The X-Force threat intelligence supported us in getting the work done without any 3rd party enterprise OSINT database Incentivized Verified User Anonymous Read full review	Sophos Sophos has provided a secure Firewall for us. Integration with Sophos Central makes it easier to manage both. Site to site VPN Failover groups has caused more trouble than it's worth. High availability doesn't recognize when you are restarting for an update. Incentivized Verified User Anonymous Read full review
ScreenShots