Try our new research platform with insights from 80,000+ expert users

Sophos UTM vs Trellix Network Detection and Response comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
6.9
Sophos UTM offers competitive pricing and extensive security coverage, leading to swift ROI and improved network management efficiency.
Sentiment score
8.5
Trellix Network Detection and Response exceeded expectations by improving threat prevention and detection, boosting productivity and reducing response times.
 

Customer Service

Sentiment score
6.9
Sophos UTM is praised for responsive, knowledgeable support, despite occasional complaints, earning high marks for customer service.
Sentiment score
6.8
Trellix's support is praised for responsiveness, but improvements in expertise and incident response promptness are suggested by some.
The technical support by Sophos is amazing, especially when I pay for the enhanced support.
Technical support needs improvement as sometimes engineers are not available promptly, especially during high-severity incidents.
 

Scalability Issues

Sentiment score
8.5
Sophos UTM scales well with proper sizing, enabling easy expansion in various environments from small setups to large networks.
Sentiment score
7.8
Trellix Network Detection and Response scales effectively in various industries, performing well in large enterprises without latency issues.
 

Stability Issues

Sentiment score
8.3
Sophos UTM is stable and reliable, with minimal issues, though updates can occasionally cause temporary problems.
Sentiment score
7.7
Trellix Network Detection and Response is stable and reliable, with consistent performance and high user satisfaction despite occasional minor issues.
 

Room For Improvement

Sophos UTM users seek improved scalability, performance, VPN capabilities, interface usability, cost transparency, support, and simplified management features.
Trellix Network Detection needs improved customization, integration, AI capabilities, support services, and a more user-friendly interface at reduced pricing.
I would love to see artificial intelligence capabilities integrated into Sophos UTM.
With artificial intelligence, there is room for improvement in all antivirus and security software.
There should be improvements in AI intelligence, faster decision-making, and a more responsive technical support team.
 

Setup Cost

Sophos UTM offers competitive pricing with varied licensing options, though some users find it costly compared to alternatives.
Trellix Network Detection is costly but effective, with yearly licensing, discounts, and competitive pricing against some competitors like Palo Alto.
The value between what I receive and what I pay is the best in the industry.
Pricing has become expensive recently due to the dollar hike and naira value changes in Nigeria.
 

Valuable Features

Sophos UTM provides scalable security with web protection, VPN, centralized management, and integration, suitable for all business sizes.
Trellix excels in threat protection with AI-driven analysis, automation, and enhanced visibility, benefiting security operations and incident management.
The zero-day protection and firewall rules are some of the most effective features for threat management.
This integration of the antivirus and the firewall works together to enhance security.
Trellix NDR provides an essential defense by automatically responding to network incidents that firewalls may not catch.
 

Categories and Ranking

Sophos UTM
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
113
Ranking in other categories
Unified Threat Management (UTM) (6th)
Trellix Network Detection a...
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Advanced Threat Protection (ATP) (12th), Network Detection and Response (NDR) (10th)
 

Mindshare comparison

While both are Network Security Systems solutions, they serve different purposes. Sophos UTM is designed for Unified Threat Management (UTM) and holds a mindshare of 14.7%, up 13.6% compared to last year.
Trellix Network Detection and Response, on the other hand, focuses on Advanced Threat Protection (ATP), holds 5.3% mindshare, up 4.5% since last year.
Unified Threat Management (UTM)
Advanced Threat Protection (ATP)
 

Featured Reviews

Samaila Yusuf - PeerSpot reviewer
Network protection strengthens through effective threat management features and secure access control
The zero-day protection and firewall rules are some of the most effective features for threat management. I can set the rules and features, and also use IPsec to connect all my on-premises servers and link them to Sophos UTM so that they are protected even when in the cloud. Additionally, I use it to control access into the building through a captive portal integrated across all the PCs we have, ensuring secure access only for authenticated users.
BiswabhanuPanda - PeerSpot reviewer
Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one
The in-depth investigation capabilities are a major advantage. When the system flags something as malicious, it provides a packet capture of that activity within the environment. That helps my team quickly identify additional context that most other tools wouldn't offer – like source IP or base64 encoded data. We can also see DNS requests and other details that aren't readily available in solutions like Check Point or others that we've tried. The detection itself is solid, and their sandboxing is powerful. There's a learning curve – you need a strong grasp of OS-level changes, process forking, registry changes, and the potential impact of those. But with that knowledge, the level of information Trellix provides is far greater than what we've seen elsewhere. The real-time response capability of Trellix has been quite effective, although it's not very fast. The key is this solution's concept of 'preference zero.' They don't immediately act on a zero-day. For example, the solution has seen a piece of malware for the first time. It'll let it in, then do sandboxing. Maybe after four or five minutes, it identifies that specific file's DNX Secure Store as malicious. At that point, they update the static analysis engine, and it gets detected if anything else tries to download the same file. There is that initial 'preference zero' concept, like with Panda. You may not hold traffic in the network. That's standard in the industry; we don't do much about it. To address that, we also have endpoint solutions. We use SentinelOne in our environment, which helps us identify threats like Western Bureaus and others.
report
Use our free recommendation engine to learn which Unified Threat Management (UTM) solutions are best for your needs.
859,687 professionals have used our research since 2012.
 

Comparison Review

it_user216600 - PeerSpot reviewer
Jan 3, 2016
Sophos UTM vs. Fortinet FortiGate
I have used both Sophos and Fortinet products in production and I have found the Sophos UTM appliances (hardware and virtual) to be a better fit most of the time -- with a few caveats which I will touch on below. In both instances, the transition from TMG will be mostly straightforward. The main…
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Comms Service Provider
8%
Government
7%
Manufacturing Company
7%
Financial Services Firm
13%
Comms Service Provider
11%
Manufacturing Company
10%
Computer Software Company
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite good. The most valuable features for me are their web and email filtering. I wou...
What do you like most about Sophos UTM?
The most valuable feature of Sophos UTM is the endpoint protection feature.
What is your experience regarding pricing and costs for Sophos UTM?
The value between what I receive and what I pay is the best in the industry.
What do you like most about FireEye Network Security?
We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement an...
What is your experience regarding pricing and costs for FireEye Network Security?
While I do not handle pricing directly, it is known that there is a variety of customers with different licensing needs, which depends on the organization's size and policy.
What needs improvement with FireEye Network Security?
The Trellix solution could be improved by enhancing the Central Management Console for faster visibility, which would help in network detection response. Networking often involves complexity that c...
 

Also Known As

Astaro
FireEye Network Security, FireEye
 

Overview

 

Sample Customers

One Housing Group
FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave Systems
Find out what your peers are saying about Check Point Software Technologies, WatchGuard, Cisco and others in Unified Threat Management (UTM). Updated: June 2025.
859,687 professionals have used our research since 2012.