We performed a comparison between IBM Security QRadar and Check Point Harmony Endpoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: IBM Security QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. Check Point Harmony Endpoint provides a sophisticated defense against ransomware and phishing attacks. The solution is praised for its forensic analysis and VPN connectivity. IBM QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture. Users say Check Point could improve its endpoint vulnerability management and threat-hunting features.
Service and Support: Some customers of IBM Security QRadar have had trouble connecting with knowledgeable support staff and experienced delayed responses. While several users lauded Check Point support for its problem-solving skills, others said there is room for improvement.
Ease of Deployment: IBM Security QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set. Setting up Check Point Harmony Endpoint is uncomplicated, and one admin is usually enough for the job. It may take time to configure the solution due to the wide range of available blades.
Pricing: IBM Security QRadar can be costly because users need to buy new hardware to upgrade. Users generally find the price of Check Point Harmony Endpoint to be reasonable and competitive. They perceive it as more cost-effective than other solutions, though some said it could be lower.
ROI: IBM Security QRadar delivers a high return on investment, improving security through its advanced user behavior analytics. Check Point Harmony Endpoint provides a comprehensive and economical solution, and customers say the product has helped them grow.
Comparison Results: Our users prefer IBM Security QRadar over Check Point Harmony Endpoint. The advanced security features and overall strength of QRadar make it the favored option. Users like QRadar's extensive and actionable insights, user-friendly interface, and adaptability. QRadar offers a comprehensive overview of network activity and risk management.
"The stability is very good."
"Forensics is a valuable feature of Fortinet FortiEDR."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The setup is pretty simple."
"Ability to get forensics details and also memory exfiltration."
"The product's initial setup phase is very easy."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Resource overheads have been reduced and we are overall more secure as a business."
"The graphical interface is very easy to use and intuitive, which greatly facilitates the work and greatly facilitates the work and the location of threats on the users' computers."
"The forensics allows us to search retrospectively for an URL or file opened by users, for example, when you need to quickly check who else has clicked on a phishing link."
"It's easy to scale as needed."
"The most valuable feature is forensics."
"One of the most valuable features is the Threat Emulation and Threat Extraction. These features are able to scan email attachments before the user is able to access the file and then provide a safe copy of the attachment. Malicious files never get to the users machine. This is a very valuable feature of this solution."
"The communication with the console is very dynamic and remote, without the need to return to the computer locally."
"It helps us to detect running malicious activity in our network and after the COVID situation, most users are working from home where it becomes very difficult for IT admin to maintain security so such type of solution definitely helps us to prevent cyber attacks."
"The features that I have found most valuable in QRadar are its data enrichment, use case creations, and adding references - those kinds of features are very good. Also QRadar's event filtration and device integration are perfect."
"Network-Based Anomaly Detection (NBAD): Using NetFlow, JFlow, SFlow, or QFlow (all 7 layers), offenses are detected as a response when a rule is triggered."
"The feature that I find the most useful is that IBM QRadar User Behavior Analytics is free of charge. It's a fully free product that can be installed on top of IBM QRadar SIEM."
"There are a lot of great out-of-the-box features included."
"It's built around Red Hat Linux, which is highly robust."
"I have found IBM QRadar to be stable."
"In terms of the most valuable features, the log collections and log processing mechanisms are good. They have good dashboards."
"It has improved my efficiency."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The dashboard isn't easy to access and manage."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"FortiEDR can be improved by providing more detailed reporting."
"The solution should address emerging threats like SQL injection."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"ZTNA can improve latency."
"They should also add new functions such as threat hunting."
"Technical support needs to be improved, along with the response time."
"Areas that have room for improvement are the scope of the product and, while I think the support is good, they can improve support as well."
"We would like to have the ability to stop and restart the service remotely, which is something that we can do easily with Symantec but have a hard time with when using Check Point."
"The next release should consider a strong threat detection mechanism that can categorize various levels of attacks for faster analysis."
"The Infinity Portal login is "iffy" at times."
"It gives you an alert for malicious sites, which, after searching on the Google database, don't come out to be the same."
"There are still functionalities that I have not been able to fully test and I would like to spend more time using the tool before offering an opinion to the IT Central community on this point."
"There are a lot of things they are working on and a lot of technologies that are not yet there. They should probably work out a better reserve with their ecosystem of business partners and create wider and more in-depth qualities, third-party tools, and add-ons. These things really give immediate business value. For instance, there are many limitations in using SAP, EBS, or Micro-Dynamics. A lot of things that are happening in those platforms could also be monitored and allowed from the cybersecurity risks perspective. IBM might be leaving this gap or empty space for business partners. Some larger organizations might already be doing this. It would be very nice if IBM can make some artificial intelligence part free of charge for all current QRadar users. This would be a big advantage as compared to other competitors. There are companies that are going in different directions. Of course, you can't do everything inside QRadar. In general, it might be very good for all players to provide more use cases, especially regarding data protection and leakage prevention. There are some who are already doing some kind of file integrity or gathering some more information from all possible technologies for building anything related to the user and data analysis, content analysis, and management regarding the data protection."
"While the interface is easy to use, it could be a little more responsive."
"There is a shortage of skilled individuals with knowledge about the solution. There is training required."
"I would like for Yara to be supported by all components."
"Ideally we would like a mobile version so that any alert that comes in will notify us in a mobile app, or by using SMS integration."
"There is room for improvement in IBM QRadar in integrating features for SOC maturity and security levels directly into QRadar."
"Do your research before implementing it, because it is tough to implement."
"It would be good if the program allowed certain profiles to only see certain customer information."
Check Point Harmony Endpoint is ranked 7th in Endpoint Detection and Response (EDR) with 101 reviews while IBM Security QRadar is ranked 20th in Endpoint Detection and Response (EDR) with 198 reviews. Check Point Harmony Endpoint is rated 8.8, while IBM Security QRadar is rated 8.0. The top reviewer of Check Point Harmony Endpoint writes "Excellent anti-ransomware protection, zero-day phishing protection, and web browsing filtering". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Check Point Harmony Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business and SentinelOne Singularity Complete, whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.