FireEye Network Security vs RSA NetWitness Logs and Packets (RSA SIEM) comparison

Comparison Buyer's Guide
Executive Summary

We performed a comparison between FireEye Network Security and RSA NetWitness Logs and Packets (RSA SIEM) based on real PeerSpot user reviews.

Find out in this report how the two ATP (Advanced Threat Protection) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.

To learn more, read our detailed FireEye Network Security vs. RSA NetWitness Logs and Packets (RSA SIEM) report (Updated: September 2022).
635,987 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros

Microsoft Defender for Office 365:
  • "The risk level notifications are most valuable. We get to know what kind of intrusion or attack is there, and we can fix a problem on time."
  • "The good part is that you don't have to configure it, which is very convenient."
  • "It also gives the vulnerability status according to the versions you have selected. Let's say you have Google Chrome. It mentions the versions it has, and it updates. Within two hours of an update, it is reflected in the dashboard. That's really nice to have."
  • "The most valuable feature is the integration. It's a single console, so we don't have to switch around between multiple products. Another valuable feature is the ease of operations and maintenance."
  • "Some of the valuable features on the email side are anti-phishing, anti-malware, and Safe Links."
  • "Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features."
  • "The basic features are okay and I'm satisfied with the Defender."
  • "The deployment capability is a great feature."

FireEye Network Security:
  • "The most valuable feature is the network security module."
  • "The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design."
  • "I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went."
  • "It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
  • "The solution can scale."
  • "The server appliance is good."
  • "It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
  • "Very functional and good for detecting malicious traffic."

RSA NetWitness Logs and Packets (RSA SIEM):
  • "It's quite economical compared to other solutions in the market."
  • "The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
  • "The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
  • "The solution is really scalable for the high-end power, enterprise customer."
  • "The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
  • "I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
  • "Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability to integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
  • "Offers a good wireless feature."

Cons

Microsoft Defender for Office 365:
  • "This product's effectiveness could be improved, in terms of detecting unwanted spam or even malware between the emails, compared to other products."
  • "The custom alerts have to improve a lot."
  • "In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."
  • "Configuration requires going to a lot of places rather than just accessing one tab."
  • "We are always looking for other tools to increase automation on tasks. There can be better integration with other solutions, such as PowerPoint and email."
  • "It would be better if it were more scalable. It depends on the architecture, but we would like to make it more scalable for both data centers."
  • "They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."
  • "There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types."

FireEye Network Security:
  • "Technical support could be improved."
  • "FireEye Network Security should have better integration with other vendors' firewalls or proxies, such as Palo Alto and Fortinet. Files that are being submitted should happen through the API or automatically."
  • "It is an expensive solution."
  • "Technical packaging could be improved."
  • "I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
  • "It is very expensive, the price could be better."
  • "They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
  • "Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."

RSA NetWitness Logs and Packets (RSA SIEM):
  • "Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
  • "RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
  • "The solution should have more integration capabilities with different platforms."
  • "Technical support could be improved."
  • "There are instances where you try to run the reports and then it does not give you the desired outcome."
  • "The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
  • "The multi-tenant capabilities are lagging compared to IBM QRadar."
  • "If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."

Pricing and Cost Advice

Microsoft Defender for Office 365:
  • "It's a user-base subscription."
  • "From the pricing point of view, like any other product in the market, there is scope for negotiation."
  • "Defender is a little bit more expensive as compared to others. We are in the manufacturing environment. So, we don't have a high budget for all of our endpoint devices. Its cost is a major concern for us."
  • "For licensing, it's usually a yearly package for customers who are subscribed to Office 365, but they can also pay on a monthly basis."
  • "Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution."
  • "Microsoft Defender for Office 365 comes with Microsoft Windows. It is free with the operating system."

FireEye Network Security:
  • "The user fee is not as high but the maintenance fee is expensive."
  • "It's an expensive solution."
  • "Its price is a bit high. A small customer cannot buy it. Its licensing is on a yearly basis."
  • "When you purchase FireEye Network Security NX, you will need to purchase a megabit per second package. You must know your needs from day one."

RSA NetWitness Logs and Packets (RSA SIEM):
  • "There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."
  • "We are on an annual license for the use of the solution."
  • "RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."
  • "We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."
  • "Compared to the competition, the price is not that high."

    Questions from the Community
    Top Answer: It also gives the vulnerability status according to the versions you have selected. Let's say you have Google Chrome. It…
    Top Answer: I would recommend Microsoft Defender for Office 365. If you already have a deployment method, like CCM or something…
    Top Answer: In one of the reports, I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go…
    Top Answer: It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is…
    Top Answer: Its price is a bit high. A small customer cannot buy it. Its licensing is on a yearly basis.
    Top Answer: Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official…
    Top Answer: It would help if they could provide the malware analytics in the core package as that would make the cost more…
    Top Answer: I believe they could improve their support, there are often delays. The price of the solution could be reduced, it's…
    Also Known As
      • Microsoft Defender for Office 365: MS Defender for Office 365
      • FireEye Network Security: FireEye
      • RSA NetWitness Logs and Packets (RSA SIEM): RSA Security Analytics
    Overview

    Microsoft Defender for Office 365 protects all of Office 365 against advanced threats like business email compromise and credential phishing, and automatically investigates and remediates attacks. With Defender for O365 you get integrated threat protection for all of Office 365 that gives you:

    - Native protection for Office 365 with built-in protection that simplifies administration, lowers total cost of ownership, and boosts productivity.

    - Unparalleled scale and effectiveness with powerful automated workflows to improve SecOps efficiency.

    - A complete solution for collaboration that protects you from attacks across the kill chain.

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    FireEye Network Security is an advanced threat protection and breach detection platform that provides industry leading threat visibility and protection against the world’s most sophisticated and damaging attacks. By leveraging FireEye’s unique technologies and threat intelligence, FireEye Network Security detects what other security solutions miss, providing holistic security from the perimeter to the network core.

    If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

    Sample Customers
      • Microsoft Defender for Office 365: Ithaca College
      • FireEye Network Security: FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave Systems
      • RSA NetWitness Logs and Packets (RSA SIEM): Los Angeles World Airports, Reply
    Top Industries
    Microsoft Defender for Office 365
      • Reviewers: Manufacturing Company 25%, Comms Service Provider 25%, Performing Arts 13%, Logistics Company 13%
      • Visitors reading reviews: Computer Software Company 20%, Comms Service Provider 11%, Government 8%, Financial Services Firm 7%
    FireEye Network Security
      • Reviewers: Financial Services Firm 27%, Manufacturing Company 13%, Comms Service Provider 13%, University 13%
      • Visitors reading reviews: Computer Software Company 19%, Comms Service Provider 14%, Financial Services Firm 11%, Government 8%
    RSA NetWitness Logs and Packets (RSA SIEM)
      • Reviewers: Comms Service Provider 31%, Financial Services Firm 25%, Computer Software Company 25%, Manufacturing Company 13%
      • Visitors reading reviews: Computer Software Company 19%, Comms Service Provider 17%, Financial Services Firm 11%, Government 10%
    Company Size
    Microsoft Defender for Office 365
      • Reviewers: Small Business 33%, Midsize Enterprise 27%, Large Enterprise 40%
      • Visitors reading reviews: Small Business 27%, Midsize Enterprise 18%, Large Enterprise 55%
    FireEye Network Security
      • Reviewers: Small Business 39%, Midsize Enterprise 19%, Large Enterprise 42%
      • Visitors reading reviews: Small Business 20%, Midsize Enterprise 16%, Large Enterprise 64%
    RSA NetWitness Logs and Packets (RSA SIEM)
      • Reviewers: Small Business 26%, Midsize Enterprise 11%, Large Enterprise 63%
      • Visitors reading reviews: Small Business 22%, Midsize Enterprise 15%, Large Enterprise 63%

    FireEye Network Security is ranked 8th in ATP (Advanced Threat Protection) with 7 reviews while RSA NetWitness Logs and Packets (RSA SIEM) is ranked 7th in ATP (Advanced Threat Protection) with 12 reviews. FireEye Network Security is rated 8.8, while RSA NetWitness Logs and Packets (RSA SIEM) is rated 7.4. The top reviewer of FireEye Network Security writes "A reliable and complete network protection solution that protects from signature-based and signature-less attacks and has powerful logging". On the other hand, the top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Economical with good technical support and is easily scalable". FireEye Network Security is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox, Zscaler Internet Access, Check Point SandBlast Network and Cisco ASA Firewall, whereas RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar, RSA enVision, ArcSight Enterprise Security Manager (ESM) and Cisco Secure Network Analytics. See our FireEye Network Security vs. RSA NetWitness Logs and Packets (RSA SIEM) report.

    We monitor all ATP (Advanced Threat Protection) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.