Fortinet FortiSandbox vs RSA NetWitness Logs and Packets (RSA SIEM) comparison

Buyer's Guide
Fortinet FortiSandbox vs. RSA NetWitness Logs and Packets (RSA SIEM)
May 2022
Find out what your peers are saying about Fortinet FortiSandbox vs. RSA NetWitness Logs and Packets (RSA SIEM) and other solutions. Updated: May 2022.
608,010 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
  • "The deployment capability is a great feature."
  • "Microsoft Defender for Office 365 is a stable solution."
  • "Does a thorough job of examining email and URLs for malicious content."
  • "The risk level notifications are most valuable. We get to know what kind of intrusion or attack is there, and we can fix a problem on time."
  • "At the moment we are satisfied with this product. It's a stable, scalable, and resilient solution for us."
  • "The good part is that you don't have to configure it, which is very convenient."
  • "Some of the valuable features on the email side are anti-phishing, anti-malware, and Safe Links."
  • "Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features."

More Microsoft Defender for Office 365 Pros →

  • "The dynamic behavior analysis is excellent. We have many attacks caught by the FortiSandbox as zero-day attacks. Additionally, the administration is simple and can be customized to fit your company's needs."
  • "The solution is easy to manage."
  • "Overall, it works fine. Its interface is also fine."
  • "Compared to other solutions, it's easy to configure and implement because of the templates. The timing of scanning files is faster."
  • "The scanner office document as well as PDF are useful. The most valuable thing is that you can emulate different operating systems without having the danger of getting something infected. It emulates several operating systems, and as a result, you either get the file or you don't get the file."
  • "Integration is one of the solution's most valuable aspects. You can integrate even third-party solutions so that they can send the information or files they quarantine through the FortiSandbox."
  • "Fortinet FortiSandbox is scalable."

More Fortinet FortiSandbox Pros →

  • "The most valuable features are the packet inspection and the automated incident response."
  • "The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
  • "The solution is really scalable for the high-end power, enterprise customer."
  • "The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
  • "The most valuable feature is the security that it provides."
  • "It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
  • "What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
  • "The newer 11.5 version that my team is using has found it to have good mapping."

More RSA NetWitness Logs and Packets (RSA SIEM) Pros →

Cons
  • "There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types."
  • "We are always looking for other tools to increase automation on tasks. There can be better integration with other solutions, such as PowerPoint and email."
  • "Configuration requires going to a lot of places rather than just accessing one tab."
  • "This product's effectiveness could be improved, in terms of detecting unwanted spam or even malware between the emails, compared to other products."
  • "In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."
  • "They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."
  • "The custom alerts have to improve a lot."
  • "It would be better if it were more scalable. It depends on the architecture, but we would like to make it more scalable for both data centers."

More Microsoft Defender for Office 365 Cons →

  • "The initial setup is not too complex but could be easier."
  • "If you were to compare prices between vendors and manufacturers, you would see that the lowest equipment in the Sandbox line is quite expensive for a new customer."
  • "The use cases in Fortinet FortiSandbox are not good. It is difficult to upload a custom VM for Fortinet FortiSandbox. The integration of Fortinet FortiSandbox with other Fortinet or FortiGate firewalls is not good. VMs are already installed in the hardware and are working fine, but we tried to approve the custom VM many times but did not succeed."
  • "I don't know if it is viable to do an improvement like this. When there are passwords in the password-protected files, it can't scan them or do things like this. I don't know if an algorithm or something else could make it better. Nowadays, many legitimate office documents have passwords."
  • "There could be more templates and a higher number of simulated VMs to configure more use cases. Sometimes we need to configure many use cases in many different environments, and if the number of VMs that we configure is limited, we have to remove some and reconfigure the environment if we need another environment."
  • "The reporting tools could be improved in Fortinet FortiSandbox."
  • "If we can have more dashboards, it would be good."

More Fortinet FortiSandbox Cons →

  • "Technical support could be improved."
  • "An area for improvement would be better automation and more inbuilt use cases."
  • "The multi-tenant capabilities are lagging compared to IBM QRadar."
  • "The initial setup is complex. There are other solutions that are easier to implement."
  • "The solution should have more integration capabilities with different platforms."
  • "More customizability is required, which is something that they need to improve on."
  • "It is not so easy to customize this product."
  • "RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."

More RSA NetWitness Logs and Packets (RSA SIEM) Cons →

Pricing and Cost Advice
  • "It's a user-base subscription."
  • "From the pricing point of view, like any other product in the market, there is scope for negotiation."
  • "Defender is a little bit more expensive as compared to others. We are in the manufacturing environment. So, we don't have a high budget for all of our endpoint devices. Its cost is a major concern for us."
  • "For licensing, it's usually a yearly package for customers who are subscribed to Office 365, but they can also pay on a monthly basis."
  • "Microsoft Defender for Office 365 is an add-on to the Office license. Many customers are purchasing this solution."
  • "Microsoft Defender for Office 365 comes with Microsoft Windows. It is free with the operating system."
  • More Microsoft Defender for Office 365 Pricing and Cost Advice →

  • "Altogether, it is about €10,000 for the Sandbox and Email Gateway."
  • "We are on an annual license to use the solution. We have an additional feature that is integrated with S5, which is working well."
  • "There is a license to use this solution."
  • "Fortinet is more reasonable than Palo Alto."
  • "The price is competitive."
  • "The price of Fortinet FortiSandbox is expensive."
  • More Fortinet FortiSandbox Pricing and Cost Advice →

  • "Our license is for one year."
  • "There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."
  • "We are on an annual license for the use of the solution."
  • "RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."
  • More RSA NetWitness Logs and Packets (RSA SIEM) Pricing and Cost Advice →

    Questions from the Community
    Top Answer: The most valuable feature of Microsoft Defender for Office 365 is the ease of use.
    Top Answer: Microsoft Defender for Office 365 comes with Microsoft Windows. It is free with the operating system.
    Top Answer: Microsoft Defender for Office 365 could improve by giving customers information on techniques to prevent threats. For…
    Top Answer: The use cases in Fortinet FortiSandbox are not good. It is difficult to upload a custom VM for Fortinet FortiSandbox…
    Top Answer: It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware…
    Top Answer: There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual.
    Top Answer: If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox…
    Also Known As
    MS Defender for Office 365
    FortiSandbox
    RSA Security Analytics
    Overview

    Microsoft Defender for Office 365 protects all of Office 365 against advanced threats like business email compromise and credential phishing, and automatically investigates and remediates attacks. With Defender for O365 you get integrated threat protection for all of Office 365 that gives you:

    - Native protection for Office 365 with built-in protection that simplifies administration, lowers total cost of ownership, and boosts productivity.

    - Unparalleled scale and effectiveness with powerful automated workflows to improve SecOps efficiency.

    - A complete solution for collaboration that protects you from attacks across the kill chain.

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Today’s threats are increasingly sophisticated and often bypass traditional malware security by masking their malicious activity. A sandbox augments your security architecture by validating threats in a separate, secure environment. FortiSandbox offers a powerful combination of advanced detection, automated mitigation, actionable insight, and flexible deployment to stop targeted attacks and subsequent data loss. It's also a key component of our Advanced Threat Protection solution.

    If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection by log-centric security and network monitoring tools. But logs combined with full packet, endpoint, and NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

    Sample Customers
    Microsoft Defender for Office 365 is trusted by companies such as Ithaca College.
    Lush, Barnabas Health, Options, Riverside Healthcare, Hillsborough County Schools, Columbia Public Schools, Schiller AG
    Los Angeles World Airports, Reply
    Top Industries
    REVIEWERS
    Manufacturing Company: 29%
    Performing Arts: 14%
    Logistics Company: 14%
    Financial Services Firm: 14%
    VISITORS READING REVIEWS
    Computer Software Company: 23%
    Comms Service Provider: 19%
    Government: 7%
    Financial Services Firm: 6%
    REVIEWERS
    Comms Service Provider: 30%
    Computer Software Company: 20%
    Wholesaler/Distributor: 10%
    Logistics Company: 10%
    VISITORS READING REVIEWS
    Comms Service Provider: 26%
    Computer Software Company: 23%
    Government: 7%
    Financial Services Firm: 5%
    REVIEWERS
    Comms Service Provider: 33%
    Computer Software Company: 27%
    Financial Services Firm: 20%
    Manufacturing Company: 13%
    VISITORS READING REVIEWS
    Computer Software Company: 26%
    Comms Service Provider: 20%
    Financial Services Firm: 9%
    Government: 8%
    Company Size
    REVIEWERS
    Small Business: 31%
    Midsize Enterprise: 23%
    Large Enterprise: 46%
    VISITORS READING REVIEWS
    Small Business: 26%
    Midsize Enterprise: 19%
    Large Enterprise: 55%
    REVIEWERS
    Small Business: 50%
    Midsize Enterprise: 25%
    Large Enterprise: 25%
    VISITORS READING REVIEWS
    Small Business: 20%
    Midsize Enterprise: 20%
    Large Enterprise: 60%
    REVIEWERS
    Small Business: 27%
    Midsize Enterprise: 12%
    Large Enterprise: 62%
    VISITORS READING REVIEWS
    Small Business: 19%
    Midsize Enterprise: 16%
    Large Enterprise: 64%

    Fortinet FortiSandbox is ranked 8th in Advanced Threat Protection (ATP) with 7 reviews while RSA NetWitness Logs and Packets (RSA SIEM) is ranked 7th in Advanced Threat Protection (ATP) with 12 reviews. Fortinet FortiSandbox is rated 8.0, while RSA NetWitness Logs and Packets (RSA SIEM) is rated 8.0. The top reviewer of Fortinet FortiSandbox writes "Good performance and integration capabilities with good technical support". On the other hand, the top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Economical with good technical support and is easily scalable". Fortinet FortiSandbox is most compared with Palo Alto Networks WildFire, Check Point SandBlast Network, FireEye Network Security, McAfee Advanced Threat Defense and Symantec Advanced Threat Protection, whereas RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar, RSA enVision, ArcSight Enterprise Security Manager (ESM) and Elastic Security. See our Fortinet FortiSandbox vs. RSA NetWitness Logs and Packets (RSA SIEM) report.


    We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.