"The deployment capability is a great feature."
"Microsoft Defender for Office 365 is a stable solution."
"Does a thorough job of examining email and URLs for malicious content."
"The risk level notifications are most valuable. We get to know what kind of intrusion or attack is there, and we can fix a problem on time."
"At the moment we are satisfied with this product. It's a stable, scalable, and resilient solution for us."
"The good part is that you don't have to configure it, which is very convenient."
"Some of the valuable features on the email side are anti-phishing, anti-malware, and Safe Links."
"Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features."
"The dynamic behavior analysis is excellent. We have many attacks caught by the FortiSandbox as zero-day attacks. Additionally, the administration is simple and can be customized to fit your companies needs."
"The solution is easy to manage."
"Overall, it works fine. Its interface is also fine."
"Compared to other solutions, it's easy to configure and implement because of the templates. The timing of scanning files is faster."
"The scanner office document as well as PDF are useful. The most valuable thing is that you can emulate different operating systems without having the danger of getting something infected. It emulates several operating systems, and as a result, you either get the file or you don't get the file."
"Integration is one of the solution's most valuable aspects. You can integrate even third-party solutions so that they can send the information or files they quarantine through the FortiSandbox"
"Fortinet FortiSandbox is scalable."
"The most valuable features are the packet inspection and the automated incident response."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"The solution is really scalable for the high-end power, enterprise customer."
"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
"The most valuable feature is the security that it provides."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"The newer 11.5 version that my team is using has found it to have good mapping."
"There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types."
"We are always looking for others tools to increase automation on tasks. There can be better integration with other solutions, such as PowerPoint and email."
"Configuration requires going to a lot of places rather than just accessing one tab."
"This product's effectiveness could be improved, in terms of detecting unwanted spam or even malware between the emails, compared to other products."
"In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."
"They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."
"The custom alerts have to improve a lot."
"It would be better if it were more scalable. It depends on the architecture, but we would like to make it more scalable for both data centers."
"The initial setup is not too complex but could be easier."
"If you were to compare prices between vendors and manufacturers, you would see that the lowest equipment in the Sandbox line is quite expensive for a new customer."
"The use cases in Fortinet FortiSandbox are not good. It is difficult to upload a custom VM for Fortinet FortiSandbox. The integration of Fortinet FortiSandbox with other Fortinet or FortiGate firewalls is not good. VMs are already installed in the hardware and are working fine, but we tried to approve the custom VM many times but did not succeed."
"I don't know if it is viable to do an improvement like this. When there are passwords in the password-protected files, it can't scan them or do things like this. I don't know if an algorithm or something else could make it better. Nowadays, many legitimate office documents have passwords."
"There could be more templates and a higher number of simulated VMs to configure more use cases. Sometimes we need to configure many use cases in many different environments, and if the number of VMs that we configure is limited, we have to remove some and reconfigure the environment if we need another environment."
"The reporting tools could be improved in Fortinet FortiSandbox."
"If we can have more dashboards, it would be good."
"Technical support could be improved."
"An area for improvement would be better automation and more inbuilt use cases."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"The initial setup is complex. There are other solutions that are easier to implement."
"The solution should have more integration capabilities with different platforms."
"More customizability is required, which is something that they need to improve on."
"It is not so easy to customize this product."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
Microsoft Defender for Office 365 protects all of Office 365 against advanced threats like business email compromise and credential phishing, and automatically investigates and remediates attacks. With Defender for O365, you get integrated threat protection for all of Office 365 that gives you:
- Native protection for Office 365 with built-in protection that simplifies administration, lowers total cost of ownership, and boosts productivity.
- Unparalleled scale and effectiveness with powerful automated workflows to improve SecOps efficiency.
- A complete solution for collaboration that protects you from attacks across the kill chain.
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
Today’s threats are increasingly sophisticated and often bypass traditional malware security by masking their malicious activity. A sandbox augments your security architecture by validating threats in a separate, secure environment. FortiSandbox offers a powerful combination of advanced detection, automated mitigation, actionable insight, and flexible deployment to stop targeted attacks and subsequent data loss. It's also a key component of our Advanced Threat Protection solution.
If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint, and NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.
Fortinet FortiSandbox is ranked 8th in Advanced Threat Protection (ATP) with 7 reviews while RSA NetWitness Logs and Packets (RSA SIEM) is ranked 7th in Advanced Threat Protection (ATP) with 12 reviews. Fortinet FortiSandbox is rated 8.0, while RSA NetWitness Logs and Packets (RSA SIEM) is rated 8.0. The top reviewer of Fortinet FortiSandbox writes "Good performance and integration capabilities with good technical support". On the other hand, the top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Economical with good technical support and is easily scalable". Fortinet FortiSandbox is most compared with Palo Alto Networks WildFire, Check Point SandBlast Network, FireEye Network Security, McAfee Advanced Threat Defense and Symantec Advanced Threat Protection, whereas RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar, RSA enVision, ArcSight Enterprise Security Manager (ESM) and Elastic Security. See our Fortinet FortiSandbox vs. RSA NetWitness Logs and Packets (RSA SIEM) report.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.