Try our new research platform with insights from 80,000+ expert users

Fortinet FortiSandbox vs NetWitness Platform comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiSandbox
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
38
Ranking in other categories
Advanced Threat Protection (ATP) (3rd), Threat Deception Platforms (7th)
NetWitness Platform
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
37
Ranking in other categories
Log Management (37th), Security Information and Event Management (SIEM) (29th)
 

Mindshare comparison

Fortinet FortiSandbox and NetWitness Platform aren’t in the same category and serve different purposes. Fortinet FortiSandbox is designed for Advanced Threat Protection (ATP) and holds a mindshare of 9.7%, up 9.5% compared to last year.
NetWitness Platform, on the other hand, focuses on Log Management, holds 0.3% mindshare, down 0.4% since last year.
Advanced Threat Protection (ATP)
Log Management
 

Featured Reviews

Abdelhamid Saber - PeerSpot reviewer
Enhanced network security with adaptable integration and really good support
We use FortiSandbox for scanning files and images that pass through our networks. It integrates with different devices, such as five adapters and other Fortinet devices It is time-saving and more secure. It saves us from a lot of antivirus and anti-malware issues. The adapter is beneficial as it…
MOTASHIM Al Razi - PeerSpot reviewer
It is a stable solution, but they should make the user interface easier to understand
The solution's initial setup takes work. We have to organize multiple paths and many features. The deployment process takes less than a week. But it takes a month to complete if we want to make the solution smarter by integrating it with various devices. I rate the process as a six out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The main benefit of Fortinet FortiSandbox is that it allows organizations to detect and prevent unknown threats from entering an infrastructure."
"The scanner office document as well as PDF are useful. The most valuable thing is that you can emulate different operating systems without having the danger of getting something infected. It emulates several operating systems, and as a result, you either get the file or you don't get the file."
"It is a stable solution."
"Integration is one of the solution's most valuable aspects. You can integrate even third-party solutions so that they can send the information or files they quarantine through the FortiSandbox"
"Overall, it works fine. Its interface is also fine."
"FortiSandbox helps us handle unknown threats. Every vendor is competing for who can detect an unknown threat the fastest. Fortinet is competitive in the market."
"Fortinet FortiSandbox's most valuable feature is the security it provides against threats, such as ransomware. Additionally, it integrates well with APIs."
"The most valuable features of Fortinet FortiSandbox are the analysis options, artificial intelligence, and the many interfaces it provides."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"NetWitness can be highly beneficial for incident detection and response."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"The newer 11.5 version that my team is using has found it to have good mapping."
"Performance and reporting are very good."
 

Cons

"The reporting tools could be improved in Fortinet FortiSandbox."
"The main area of concern in Fortinet FortiSandbox is its detection capabilities."
"It can be difficult if you need to use the Command Line Interface (CLI). It's much easier if you only have to deal with the GUI."
"In the next release, I would like to see machine learning and anti-exploitation included."
"The use cases in Fortinet FortiSandbox are not good. It is difficult to upload a custom VM for Fortinet FortiSandbox. The integration of Fortinet FortiSandbox with other Fortinet or FortiGate firewalls is not good. VMs are already installed in the hardware and are working fine, but we tried to approve the custom VM many times but did not succeed."
"It would be better if it had support for Mac and Linux."
"The licensing can be very confusing. It needs to be simplified."
"At least once a week we have a false alarm. This needs to be adjusted so that we get fewer of these occurrences."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"The log system is a bit complex and has room for improvement."
"The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly."
 

Pricing and Cost Advice

"The price is competitive."
"The solution is not expensive at all."
"We are on an annual license to use the solution. We have an additional feature that is integrated with S5, which is working well."
"The solution is unavailable at a lower cost and can be difficult to deploy."
"Fortinet FortiSandbox is a nominally priced product, so I would not say that it is a very cheap tool."
"There are no costs in addition to the standard licensing fees."
"The price of Fortinet FortiSandbox is expensive."
"There are additional costs, which isn't included in the licensing fee."
"It’s cheaper to run virtual machines in a VMware environment."
"It is cheap."
"We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."
"Our license is for one year."
"In comparison to other SIEM solutions such as Splunk, NetWitness is less costly."
"The product price was reasonable for my region and the market."
"RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."
"There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."
report
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
859,687 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Government
12%
Financial Services Firm
10%
Manufacturing Company
7%
Financial Services Firm
18%
Computer Software Company
17%
Government
6%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortinet FortiSandbox?
The real-time analysis capability of FortiSandbox is beneficial for email analysis.
What is your experience regarding pricing and costs for Fortinet FortiSandbox?
I think it's affordable. For the six to seven months of usage, the cost has been reasonable.
What needs improvement with Fortinet FortiSandbox?
We sometimes face a delay in email scanning due to not having multiple virtual machines. Improvements could be made in dynamic scanning, scanning all email components such as URLs and attachments, ...
What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
 

Also Known As

FortiSandbox
RSA Security Analytics
 

Overview

 

Sample Customers

Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
Los Angeles World Airports, Reply
Find out what your peers are saying about Fortinet FortiSandbox vs. NetWitness Platform and other solutions. Updated: September 2022.
859,687 professionals have used our research since 2012.