Arista NDR vs Nagios Network Analyzer comparison

Cancel
You must select at least 2 products to compare!
Vectra AI Logo
14,799 views|7,269 comparisons
Arista Logo
3,391 views|1,488 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Arista NDR and Nagios Network Analyzer based on real PeerSpot user reviews.

Find out in this report how the two Network Traffic Analysis (NTA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Arista NDR vs. Nagios Network Analyzer Report (Updated: November 2022).
655,711 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The administrative privilege detection feature is the most valuable feature. The admin accounts are often highly accessible to the high-risk component of the environment. If those accounts are compromised or are being used in a suspicious manner, that's high-fidelity events for us to look into.""Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis.""It keeps up with the network traffic, which is a good thing. It provides more context to plain alerts compared to using an older system. So, it helps an analyst reduce the information overload.""What I like best about Vectra AI is that it alerts you about suspicious activities.""It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra.""One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us.""The most useful feature is the anomaly detection because it's not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well."

More Vectra AI Pros →

"The most valuable portion is that they offer a threat-hunting service. Using their platform, and all of the data that they're collecting, they actually help us be proactive by having really expert folks that have insight, not just into our accounts, but into other accounts as well. They can be proactive and say, 'Well, we saw this incident at some other customer. We ran that same kind of analysis for you and we didn't see that type of activity in your network.'""The interface itself is clean and easy to use, yet customizable. I like that I can create my own dashboards fairly easily so that I can see what is important to me. Also, the query language is pretty easy to use. I haven't needed to use it a ton, but as I need to go in and do different queries based on their requests, it has been fairly simple to use.""The query language that they have is quite valuable, especially because the sensor itself is storing some network activity and we're able to query that. That has been useful in a pinch because we don't necessarily use it just for threat hunting, but we also use it for debugging network issues. We can use it to ask questions and get answers about our network. For example: Which users and devices are using the VPN for RDP access? We can write a query pretty quickly and get an answer for that.""When I create a workbench query in Awake to do threat hunting, it's much easier to query. You get a dictionary popup immediately when you try to type a new query. It says, "You want to search for a device?" Then you type in "D-E," and it gives you a list of commands, like device, data set behavior, etc. That gives you the ability to build your own query.""It gives us something that is almost like an auditing tool for all of our network controls, to see how they are performing. This is related to compliance so that we can see how we are doing with what we have already implemented. There are things that we implemented, but we really didn't know if they were working or not. We have that visibility now."

More Arista NDR Pros →

"The initial setup is easy.""I have found that it has a good GUI and user-friendly administration."

More Nagios Network Analyzer Pros →

Cons
"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard.""An area for improvement in Vectra AI is reporting because it currently needs some details. For example, when you download a report from Vectra AI, you won't see complete information about the alerts or triggers. Another area for improvement in the tool is that sometimes, an alert has high severity, yet it's marked as low severity. Vectra AI should have a mechanism to change the severity level from low to high or critical.""The reporting from Cognito Detect is very limited and doesn't give you too many options. If I want to prepare a customized report on a particular host, even though I see the data, I have to manually prepare the report. The reporting features that are built into the tool are not very helpful.""Integration with other security components needs improvement. It should have true integration as opposed to just being a separate pane of glass.""If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex network and a lot of rules. So, our setup might not be a typical implementation example. We even had UX engineers onsite, and they looked at issues, improvements, and user feedback. Since then, it has gotten a lot better, they even built in features that we specifically requested for our company.""I would like more integrations with IOCs and threats currently on the Internet. I would also like to know which threats are based on zero-day attacks, current botnets, etc. Therefore, I would like more information on external threats.""I would like to see data processed onshore. Right now, the cloud components, like Office 365, must be processed on servers outside of Australia. I would like to see a future adoption of onshore processing."

More Vectra AI Cons →

"One thing I would like to see is a little bit more education or experience on AWS cloud for their managed services team. We've explained how we have the information set up, that the traffic coming in goes to the AWS load balancer and then gets sent on to our internal servers... but when I get notices they always tell me this traffic is coming from the IPs belonging to the load balancers, not the source IPs. So a little bit more education for their team about how AWS manages the traffic might help out.""One concern I do have with Awake is that, ideally, it should be able identify high-risk users and devices and entities. However, we don't have confidence in their entity resolution, and we've provided this feedback to Awake. My understanding is that this is where some of the AI/ML is, and it hasn't been reliable in correctly identifying which device an activity is associated with. We have also encountered issues where it has merged two devices into one entity profile when they shouldn't be merged. The entity resolution is the weakest point of Awake so far.""When I looked at the competitors, such as Darktrace, they all have prettier interfaces. If Awake could make it a little more user-friendly, that would go a long way.""While the appliance is very good, and I think they're working on it, it would probably help if they integrated the management team cases into the appliance so that everything we are working on with them would be accessible on our platform, on the dashboard, on the portal. Right now, Awake is just an additional team that uses the appliance that we use and then we communicate with them directly. Communication isn't through the portal.""The one thing that the Awake platform lacks is the ability to automate the ingestion of IOCs rather than having to import CSV files or JSON files manually."

More Arista NDR Cons →

"They need to have some automation models embedded in them.""There are some loopholes you need to be aware of from a security perspective."

More Nagios Network Analyzer Cons →

Pricing and Cost Advice
  • "Their licensing model is antiquated. I'm not a fan of their licensing model. We have to pay for licensing based on four different things. You have to pay based on the number of unique IPs, the number of logs that we send through Recall and Stream, and the size of our environment. They need to simplify their licensing down to just one thing. It should be based on the amount of data, the number of devices, or something else, but there should be just one thing for everything. That's what they need to base their licensing on. Cost-wise, they're not cheap. They were definitely the most expensive option, but you get what you pay for. They're not the cheapest option."
  • "From a pricing perspective, they are very commercially competitive. From a licensing perspective, just be conscious that some of their future cloud solutions come with additional subscriptions. Also, if you're outside of the US, you will get charged freight for the device back to your country."
  • "Cost is a big factor, as always. However, I think we have a very good price–performance ratio."
  • "Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."
  • "Vectra is a bit on the higher side in terms of price, but they have always been transparent. The reason that they are this good is that they invest, so they need to charge accordingly."
  • "My company pays for the Vectra AI licensing fee yearly. I know the figure because my company recently renewed the license, and it's okay, at least for the financial sector."
  • More Vectra AI Pricing and Cost Advice →

  • "We switched to Awake Security because they were able to offer a model that was significantly less expensive and the value that we get out of it is higher."
  • "The solution is very good and the pricing is also better than others..."
  • "The pricing seems pretty reasonable for what we get out of it. We also found it to be more competitive than some other vendors that we've looked at."
  • "Awake's pricing was very competitive. It's not a cheap option though. It's an investment to utilize it, but it's one that we decided was worth the cost, with the managed services. At our scale, it was a much better option to utilize their software and their managed services to handle this, rather than hiring another person to be an analyst. It was quite cost-effective for us."
  • "Because I represent a hedge fund, I have some leverage. I told them that they had to meet my conditions if they wanted me as a client. It was the same way with Awake. They wanted an initial four-year agreement. Initially, we signed on for a one-year contract, but they wanted the four-year deal when it came time for the renewal. I told them that I was not doing that. I said that they either had to do it on my terms, or I'd go somewhere else."
  • More Arista NDR Pricing and Cost Advice →

  • "They charge around ten thousand per month for one thousand nodes. That is their overall cost, but it differs on which company you are applying to, whether you are a service provider or an enterprise."
  • More Nagios Network Analyzer Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Network Traffic Analysis (NTA) solutions are best for your needs.
    655,711 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the… more »
    Top Answer:The most useful feature is the anomaly detection because it's not signature-based. It picks up the initial part of any… more »
    Top Answer:Vectra is a bit on the higher side in terms of price, but they have always been transparent. The reason that they are… more »
    Top Answer:The query language that they have is quite valuable, especially because the sensor itself is storing some network… more »
    Top Answer:The pricing seems pretty reasonable for what we get out of it. We also found it to be more competitive than some other… more »
    Top Answer:One concern I do have with Awake is that, ideally, it should be able identify high-risk users and devices and entities… more »
    Top Answer:It is highly customizable and can be integrated well with third-party software.
    Top Answer:The graphics and reports can be a little bit better. You can retrieve all of the data but it could be presented more… more »
    Top Answer:We are a reseller and well sell several Nagios products, including Network Analyzer. It is used for collecting data from… more »
    Comparisons
    Also Known As
    Vectra Networks, Vectra AI NDR
    Awake Security Platform
    Learn More
    Overview

    Vectra threat detection and response is a complete cybersecurity platform that collects, detects, and prioritizes security alerts. The Cognito platform for Network Detection and Response (NDR) detects and responds to attacks inside cloud, data center, Internet of Things, and enterprise networks. The platform also provides automated response capabilities for low-level threats and escalates more severe anomalies to security personnel.

    Cognito captures data for multiple relevant sources and enriches it with context and security insights. It starts by deploying sensors across different networks in datacenters, IoT, or enterprise networks. The algorithm extracts relevant metadata from network and cloud traffic. The information can also be non-security information that can help investigation. 

    The data is enriched with security context to support critical use cases, such as threat detection, investigation, hunting and compliance. The platform is machine learning-based, which enables it to adapt to any new and current threat scenario. It detects, clusters, prioritizes, and anticipates attacks by using identity and host-level enforcement. 

    With the Vectra platform, a person can investigate 50 threats in just two hours. By prioritizing alerts and leveraging threat intelligence, it provides faster results.Vectra solves today’s security challenges for network detection and response. 

    One of Vectra’s best features is the emphasis they put in pairing research and data science for security insights. It offers behavior codification with unsupervised, supervised, and deep learning models. 

    The pricing is according to a subscription model with a free trial available.Vectra is available for Office 365, Azure AD and AWS Brain.

    Features of Vectra AI

    • AI-based threat detection and response. 
    • Detects attacks in real time with behavior-based threat detection. 
    • Consolidates and correlates thousands of events, detecting threats. 
    • Enriches threat investigation with a chain of evidence and data science security insights. 
    • Machine learning techniques, including deep learning and neural networks. 
    • Gives visibility into cyberattackers and analyzes all network traffic. 
    • Continuous updates with new threat detection algorithms. 
    • Provides encryption at rest and in transit. For the AWS version, it offers AES-256 encryption via AWS Key Management Service. 
    • Guaranteed availability according to the SLA of the service selected. 
    • Does not connect to public sector networks. 

    Benefits of Vectra AI

    • Behavioral models use AI to find unknown attackers. 
    • Context increases the accuracy of threat hunting. 
    • Allows for proactive action by prioritizing the most relevant information. 
    • Provides a clear picture and extensive context for investigations. 
    • Aids decision-making in the incident response process. 
    • Helps working with large datasets by capturing metadata at scale. 
    • Automates time-consuming analysis. 
    • Reduces the security analysts’ workloads on threat investigations. 

    Other advantages of Vectra services include that they can be deployed in the public, private, or hybrid cloud. Support is available via email or online ticketing with an average of 4 hours of response. Phone support is available 24/7. 

    Vectra provides full on-site and online training and documentation. Regarding the user interface, it supports several types of web browsers, such as Internet Explorer, Microsoft Edge, Firefox, Chrome, Safari and Opera. However, it is not available for mobile devices.

    Reviews from Real Users

    Here’s what PeerSpot users of Vectra AI have to say about it:

    "One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us." - Dave W., Operations Manager at a healthcare company

    "It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low.” - T.S., Senior Security Engineer at a manufacturing company

    Arista NDR (formerly Awake Security) is the only advanced network detection and response company that delivers answers, not alerts. By combining artificial intelligence with human expertise, Arista NDR hunts for both insider and external attacker behaviors, while providing autonomous triage and response with full forensics across traditional, IoT, and cloud networks. Arista NDR delivers continuous diagnostics for the entire enterprise threat landscape, processes countless network data points, senses abnormalities or threats, and reacts if necessary—all in a matter of seconds. The Arista NDP platform stands out from traditional security because it is designed to mimic the human brain. It recognizes malicious intent and learns over time, giving defenders greater visibility and insight into what threats exist and how to respond to them. 

    The Advent of Advanced Network Detection and Response & Why it Matters

    The 5 Levels of Autonomous Security paper

    Nagios Enterprises delivers official products, services, and solutions for and around Nagios – the industry standard in enterprise-grade IT infrastructure monitoring. With millions of users worldwide, Nagios is the undisputed champion in the IT monitoring space. Our team of dedicated professionals works to ensure total customer satisfaction with all the services we provide. Our extensive network of partners helps extend Nagios services and solutions to new organizations and markets worldwide to meet a variety of business needs. Nagios Enterprises was founded in 2007 by Ethan Galstad. Ethan created what would later become known as Nagios in 1999, and currently serves as the President of Nagios Enterprises.

    Offer
    Learn more about Vectra AI
    Identify hidden network threats


    Your network may have security risks that you don't know about. Schedule a live demo to see how you can use Awake Security to identify and mitigate these threats.

    Learn more about Nagios Network Analyzer
    Sample Customers
    Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
    - Dolby Laboratories- Seattle Genetics- ARM Energy- Ooma- Prophix- Yapstone
    NuBlue, St.Elisabeth Hospital, Akamit Systems, National Radio Astronomy Observatory, ValueClick, Sunrise Banks
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Mining And Metals Company17%
    Retailer17%
    Manufacturing Company11%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Comms Service Provider17%
    Financial Services Firm8%
    Government8%
    REVIEWERS
    Insurance Company18%
    Financial Services Firm9%
    Legal Firm9%
    Engineering Company9%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Comms Service Provider15%
    Financial Services Firm9%
    Healthcare Company6%
    VISITORS READING REVIEWS
    Computer Software Company25%
    Comms Service Provider7%
    Financial Services Firm7%
    Government7%
    Company Size
    REVIEWERS
    Small Business16%
    Midsize Enterprise5%
    Large Enterprise79%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise15%
    Large Enterprise63%
    REVIEWERS
    Small Business18%
    Midsize Enterprise18%
    Large Enterprise64%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise18%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise23%
    Large Enterprise54%
    Buyer's Guide
    Arista NDR vs. Nagios Network Analyzer
    November 2022
    Find out what your peers are saying about Arista NDR vs. Nagios Network Analyzer and other solutions. Updated: November 2022.
    655,711 professionals have used our research since 2012.

    Arista NDR is ranked 6th in Network Traffic Analysis (NTA) with 5 reviews while Nagios Network Analyzer is ranked 10th in Network Traffic Analysis (NTA) with 2 reviews. Arista NDR is rated 8.6, while Nagios Network Analyzer is rated 8.0. The top reviewer of Arista NDR writes "it's much easier to create your own queries and hunt for threats". On the other hand, the top reviewer of Nagios Network Analyzer writes "Easy to set up, integrates well with other solutions, and is largely quite stable". Arista NDR is most compared with Darktrace, Cisco Secure Network Analytics, Palo Alto Networks Threat Prevention, ExtraHop Reveal(x) and Corelight, whereas Nagios Network Analyzer is most compared with Darktrace and SolarWinds NetFlow Traffic Analyzer. See our Arista NDR vs. Nagios Network Analyzer report.

    See our list of best Network Traffic Analysis (NTA) vendors.

    We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.