Try our new research platform with insights from 80,000+ expert users

Hillstone I-Series Server Breach Detection System vs NetWitness NDR comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Hillstone I-Series Server B...
Average Rating
7.0
Reviews Sentiment
7.5
Number of Reviews
2
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (28th), User Entity Behavior Analytics (UEBA) (22nd), Network Traffic Analysis (NTA) (17th)
NetWitness NDR
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
15
Ranking in other categories
Endpoint Protection Platform (EPP) (59th), Threat Intelligence Platforms (39th), Endpoint Detection and Response (EDR) (63rd), Security Orchestration Automation and Response (SOAR) (24th), Network Detection and Response (NDR) (20th), Extended Detection and Response (XDR) (38th)
 

Mindshare comparison

While both are Network Security Systems solutions, they serve different purposes. Hillstone I-Series Server Breach Detection System is designed for Intrusion Detection and Prevention Software (IDPS) and holds a mindshare of 0.5%, up 0.3% compared to last year.
NetWitness NDR, on the other hand, focuses on Network Detection and Response (NDR), holds 2.2% mindshare, up 1.9% since last year.
Intrusion Detection and Prevention Software (IDPS)
Network Detection and Response (NDR)
 

Featured Reviews

DAVI TEIXEIRA - PeerSpot reviewer
Beneficial AI detection, helpful support, but modern UI needed
The initial setup of the Hillstone I-Series Server Breach Detection System requires a bunch of steps starting with installing the hardware and setting it up. However, most of the setup is done by the vendor. I rate the initial setup of the Hillstone I-Series Server Breach Detection System an eight out of ten. The vendor provides free training in the software provided.
SupravatMaji - PeerSpot reviewer
Beneficial single unified dashboard, good native application integration, and high availability
My advice to those wanting to implement RSA NetWitness Network is they have to first do a little due diligence, such as the exact requirement based on their needs. That will give them a direction for their investment because otherwise, the bill of material or bill of quantity (BOQ) may be higher side. It is important to do good due intelligence on the environment, see the exact requirement, and then go ahead with the solution. The solution is perfectly stable. I rate RSA NetWitness Network a nine out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of the Hillstone I-Series Server Breach Detection System are the AI detection and monitoring of common threats."
"One or two people can maintain and support the solution. The maintenance is not difficult."
"This solution allows us to locate the malware in real-time."
"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."
"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."
"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."
"It is stable. We have been using it for some time, without any issues."
"Technical support is knowledgeable."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
 

Cons

"Hillstone I-Series Server Breach Detection System can improve by having more anti-spam features that will hopefully eliminate all of the other threats."
"The UI dashboard view needs to be improved because it is ugly. If it was more modern it would be better. Additionally, better integration with other databases would be good."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."
"We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues."
"The contamination feature could be improved."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
 

Pricing and Cost Advice

"The price of the solution is good. It is less expensive than the other solutions in the market. There are not any additional features or hidden costs."
"I do not have any opinion on the pricing or licensing of the product."
"NetWitness Endpoint is less costly than its competitors, but it offers fewer features."
"We are on a three-year contract to use RSA NetWitness Network."
"The cost depends on the number of endpoints that you want to monitor, but it is not expensive."
"It is highly scalable. It can be bought based on your requirements."
"They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."
"With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."
"The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
861,803 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Financial Services Firm
16%
Computer Software Company
15%
Government
8%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Comparisons

 

Also Known As

Hillstone sBDS
RSA ECAT, NetWitness Network
 

Overview

 

Sample Customers

Norbert Wiener University, Regional Government of the Amazon
ADP, Ameritas, Partners Healthcare
Find out what your peers are saying about Darktrace, Check Point Software Technologies, Fortinet and others in Intrusion Detection and Prevention Software (IDPS). Updated: June 2025.
861,803 professionals have used our research since 2012.