We performed a comparison between Check Point Security Management and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"The features that stand out are the detection engine and its integration with multiple data sources."
"The pricing of the product is excellent."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"Check Point Security Management Server offers a wide range of security features, including firewall, intrusion prevention, VPN, application control, and threat prevention capabilities."
"The management API is the best new feature for me. It allows us to further automate our customers' automated server ordering."
"The cluster solution made our job easier any fault to the device will not halt entire internet connectivity."
"The log dashboard in the SmartConsole is very useful and convenient for monitoring and tracking."
"It provides for capabilities and has allowed us to be more scalable."
"Regarding the tool's valuable features, I would say that Check Point is a very accessible and fast tool, especially when dealing with logs for the first time."
"We can easily push the policies to any of our gateways."
"The firewall cleverly handles such attacks without compromising on performance."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"Technical support is always great."
"We are able to diagnose problems before our customers."
"Support has been excellent. Sumo Logic's support staff is really good, both their account management staff and direct support."
"It provides easy visibility. I also like the shareable queries because we share a lot across groups."
"The features I found valuable with the Sumo Logic Security solution are the search option and the ability to customize the search for the information in the logs."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"For many of our services, we use Sumo Logic to track errors and send notifications to our Slack channel, if there are issues. Then, we have our support people monitoring this, and they can react quickly."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"The only thing is sometimes you can have a false positive."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"We'd like to see more connectors."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"I would like this solution to be integrated directly into the Cluster XL equipment."
"They need to make a Mac version of the SmartConsole, in my opinion."
"We would like to improve the upgrade process in order to do mass upgrades to firewalls and to be able to upgrade target firewalls at the same time."
"The usability of the solution could be improved."
"In my experience, the place they can improve the most is in the technical support where I have had some serious problems that could not be solved in time due to a lack of knowledge of the assigned engineer."
"It would be helpful if we could enable URL and application traffic control remote access."
"Among the things that I would like in the future is for the solution to have its application on Android and iOS, as many of the administrators have adopted remote administration positions due to what has happened since the pandemic. This would help us to have an easier and simpler administration."
"Check Point could improve by enhancing the networking in their solution in order to align it with the existing network architecture."
"I would like better UI-driven functionality to create alerts and reports. Now, we have to understand the syntax, so it is a little difficult for someone to pick it up without using the manuals. If there was more of a graphical user interface, it would be beneficial."
"We would like the ability to drill down into a dashboard and get into deeper levels."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"There needs to be improvement on imported data which can be used within Sumo Logic to do more advanced queries."
"The solution should improve its UI."
"Sumo Logic Security is expensive, and its pricing could be improved."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"The initial setup is the most stressful, like learning how to use it."
More Check Point Security Management Pricing and Cost Advice →
Check Point Security Management is ranked 9th in Log Management with 55 reviews while Sumo Logic Security is ranked 22nd in Log Management with 18 reviews. Check Point Security Management is rated 8.8, while Sumo Logic Security is rated 8.6. The top reviewer of Check Point Security Management writes "Great DDoS protection, high availability, and useful firewall rule implementation". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". Check Point Security Management is most compared with Wazuh, Fortinet FortiAnalyzer, IBM Security QRadar, LogRhythm SIEM and Splunk Cloud Platform, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar. See our Check Point Security Management vs. Sumo Logic Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.