Share your experience using Confluera

The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.

Use our online form to submit your review. It's quick and you can post anonymously.

Your review helps others learn about this solution
The PeerSpot community is built upon trust and sharing with peers.
It's good for your career
In today's digital world, your review shows you have valuable expertise.
You can influence the market
Vendors read their reviews and make improvements based on your feedback.
Examples of the 94,000+ reviews on PeerSpot:

Malebo Lethoba Group - PeerSpot reviewer
Security Analyst at a healthcare company with 10,001+ employees
Real User
Have found the AI analyst and detection functions highly valuable for network operations while managing complexity in initial setup
Pros and Cons
  • "The technical support from Darktrace is very good, including support from their resellers."
  • "In a shared environment, it doesn't work, and there are still some integration issues."

What is our primary use case?

My current use case for Darktrace is network detection and response.

What is most valuable?

The functions I find most valuable in Darktrace are the AI analyst as well as the detection.

The autonomous response capabilities of Darktrace are not crucial for me because it doesn't work in a network where there are no core switches. In a modern network, the autonomous response doesn't work, especially when sitting in a shared data center.

If I'm running a traditional network where I am not in a shared data center with a layer two dedicated for my resources, then it can work for me. However, if I am in a data center where I don't have layer two, it becomes an issue because the autonomous response is reliant on sending spoofed TCP resets to my core switch to block traffic, which is a major issue.

What needs improvement?

I am uncertain what would make Darktrace better because of the autonomous response issue. In a shared environment, it doesn't work, and there are still some integration issues. They say they can integrate with most firewalls, but when we did an integration with Meraki MX firewalls, that integration didn't work and still doesn't work to this day.

For how long have I used the solution?

I've been working with Darktrace for more than five years.

What do I think about the stability of the solution?

For stability, I would rate Darktrace an eight out of ten.

What do I think about the scalability of the solution?

For scalability, I would rate it an eight out of ten because they integrate with many technologies.

How are customer service and support?

The technical support from Darktrace is very good, including support from their resellers. We worked with Grove, who are with 360 Integrity now, and they are quite good.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup process for Darktrace is complex because I need a network technician or engineer to configure the span port on my core switches, and I need assistance to choose which VLANs I want to ingest traffic from. Beyond that, everything is easy; the management of Darktrace is quite easy. Making exclusions is easy, and investigating within the platform is quite easy. However, the initial setup becomes complex due to the requirement of getting someone to create the span, and needing a dedicated span for Darktrace on the switch.

Which other solutions did I evaluate?

The main competitor of Darktrace at the moment, based on how long they've been in the market, would be Vectra. Vectra does a similar thing, but Darktrace would beat Vectra based on the algorithms that Darktrace is using because Darktrace's algorithms in terms of AI and ML are quite good.

Cisco is also coming with some technologies such as Cisco Secure Analytics, network analytics, and Cisco Secure Cloud Analytics. That technology is quite good because if running mainly on Cisco, such as SD-WAN Meraki devices with remote workers using Cisco Umbrella or AnyConnect, pulling data from them and pushing it into an XDR or Secure Analytics can be quite effective, providing reachability, visibility, and scalability.

What other advice do I have?

Regarding the number of IPs monitored using Darktrace, they provide licenses that allow monitoring of around 16,000 IP addresses, and they give a buffer. Monitoring is possible for as many devices as long as they are in line with the traffic. However, devices that are not in line with the spanning won't be visible, which means there is no visibility.

My recommendation for Darktrace would be based on the kind of network someone is running. If someone is running a network where they have dedicated layer two switches, I would most definitely recommend Darktrace as it's a good product. However, if someone is running in a shared environment where they share the layer two with other customers in that data center, then Darktrace wouldn't be suitable.

For an overall rating, I would give Darktrace an eight out of ten.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Abdul Basit - PeerSpot reviewer
Assistant Manager IT at Asia Petroleum Limited
Real User
Top 5
Advanced features and robust support elevate overall network management experience
Pros and Cons
  • "I would rate Palo Alto Networks URL Filtering with PAN-DB a perfect 10 out of 10."
  • "I think Palo Alto Networks URL Filtering with PAN-DB is too costly compared to others."

What is our primary use case?

We have moved to Palo Alto Networks URL Filtering with PAN-DB.

I still work with Palo Alto Networks URL Filtering with PAN-DB for Asia Petroleum Limited.

I am speaking about Palo Alto Networks URL Filtering with PAN-DB VM-Series firewall.

We are using Palo Alto Networks URL Filtering with PAN-DB as a full guard advanced wildfire URL filtering, DP, with DNS security.

PanDB is what I use for URL filtering.

For Palo Alto Networks URL Filtering with PAN-DB, we are normally using Office 365 exchange services and SharePoint, so user access from laptops, and we are using a DVP PanDB private cloud for accessing Office 365 applications.

What is most valuable?

When it comes to Palo Alto Networks URL Filtering with PAN-DB, it has totally changed compared to Sophos. This is very advanced compared to Sophos. The options, especially in the OS of Palo Alto, are very stable.

The best advantages of Palo Alto Networks URL Filtering with PAN-DB compared to Sophos are that URL filtering is very advanced. All the functions of content filtering are content-based and connect with App ID. This is a very useful tool compared to Sophos. The main feature is the App ID, and basic filtering works based on App ID. Every application is assigned an App ID, and all filtering is done through that ID.

What needs improvement?

I think URL filtering could be better to some extent.

Improvements could be made in Palo Alto Networks URL Filtering with PAN-DB compared to Sophos. The URL filtering option in Palo Alto gives a very clear vision of the network and the applications using URL filtering. If you assign a user in a group not to access certain URLs, that user should only be allowed to access LinkedIn without running videos. However, deep URL filtering in Palo Alto is not configurable. One user can have access to LinkedIn with video running, while another cannot. They should improve this deep analysis of URL filtering options.

For how long have I used the solution?

We have been using URL filtering with PanDB for three months, as our license for Sophos expired recently.

What was my experience with deployment of the solution?

The installation of Palo Alto Networks URL Filtering with PAN-DB is quite difficult compared to others. It is not very user-friendly because the options are very typical to configure. First, we install it with the support of the vendor, then we try to configure it ourselves, but it's not familiar and not easy to configure. There are too many options, and it takes a lot of time. If you don't read through the internet, you cannot configure it because the option names are very different from what you're used to.

What do I think about the stability of the solution?

Palo Alto Networks URL Filtering with PAN-DB is stable, and I haven't seen glitches. It is the number one product in the Gartner report. Forrester also says Palo Alto is a leader in 2024.

What do I think about the scalability of the solution?

Palo Alto Networks URL Filtering with PAN-DB is very scalable, and we also monitor it ourselves. If we need any support, we open a ticket on Prisma and resolve the issues.

How are customer service and support?

Technical support from Palo Alto is very good.

I would rate the support as a three out of ten.

I would rate support from Palo Alto Networks URL Filtering with PAN-DB around nine.

How would you rate customer service and support?

Positive

What about the implementation team?

We installed with a vendor as we are not a very big network. It is a small network of a total of 150 users. We only run internal applications in our network, using Office 365 cloud, not any critical applications using the cloud.

What's my experience with pricing, setup cost, and licensing?

I think Palo Alto Networks URL Filtering with PAN-DB is too costly compared to others.

What other advice do I have?

Regarding real-time analysis with Palo Alto Networks URL Filtering with PAN-DB, it's also good compared to Fortinet and Palo Alto. We are starting to not use it for a long time, but if you use Prisma Access in the cloud, you can check all the application filtering data and have a clear bird's-eye view of your network through Prisma Access.

Currently, we do not need maintenance for Palo Alto Networks URL Filtering with PAN-DB, but we plan to in the future.

Regarding AI features, I have seen some advanced AI integration with Palo Alto Networks URL Filtering with PAN-DB. If you configure it not on your own and try to configure via AI, you can create a rule. The AI function, called AI ops, is very advanced. I am not currently using it, but I attended a seminar where I learned about AI features in Palo Alto. Even if you are not capable of configuring the firewall on your own, it's possible to do it via AI. You simply ask them to create rules, and they create them for you while also providing step-by-step configuration notes in PDF format. This is very advanced.

I would rate Palo Alto Networks URL Filtering with PAN-DB a perfect 10 out of 10.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.