Try our new research platform with insights from 80,000+ expert users

Hillstone S-Series Network Intrusion Prevention System vs Vectra AI comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Hillstone S-Series Network ...
Ranking in Intrusion Detection and Prevention Software (IDPS)
22nd
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
1
Ranking in other categories
No ranking in other categories
Vectra AI
Ranking in Intrusion Detection and Prevention Software (IDPS)
4th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
45
Ranking in other categories
Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (14th), Identity Threat Detection and Response (ITDR) (10th), AI-Powered Cybersecurity Platforms (6th)
 

Mindshare comparison

As of July 2025, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Hillstone S-Series Network Intrusion Prevention System is 1.1%, up from 0.6% compared to the previous year. The mindshare of Vectra AI is 11.2%, up from 10.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

reviewer1080873 - PeerSpot reviewer
Complements any firewall
The core processors are there and it's able to generate reports for that. It also complements any kind of firewall. For example, if an end user is using Palo Alto as a firewall, they'd need another layer of firewall like the S-Series that will protect internal servers. It's something that complements any firewall in the market.
Mohammad Alkurdi - PeerSpot reviewer
Innovative detection features enhance monitoring
The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Setup is straightforward with the same reliability and scalability as the firewall series."
"One of the things that we didn't expect to happen was that our network team also jumped on it faster than we thought. In most cases, if it's a security tool that's working on the network part, they can also use it to find out certain flaws that have been in the system. Certain flaws, related to some legacy stuff, were already there for quite a few years, which they couldn't explain at first, but we could explain them based on the timing of certain things."
"It is doing some artificial intelligence. If it sees a server doing a lot of things, then it will assume that is normal. So, it is looking for anomalous behavior, things that are out of context which helps us reduce time. Therefore, we don't have to look in all the logs. We just wait for Vectra to say, "This one is behaving strange," then we can investigate that part."
"The packet-capturing feature is very useful."
"The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us."
"The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away."
"We often use the new feature to create PCAP files from the whole data traffic. It makes it much easier to find network problems such as whether the server is responding to a request. It has nothing to do with security, but it helps a lot to find other problems."
"One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team."
"It has helped us to organize our security. We get a better overview on what is happening on the network, which has helped us get quicker responses to users. If we see malicious activity, then we can quickly take action on it. Previously, we weren't getting an overview as fast as we are now, so we can now provide a quicker response."
 

Cons

"Lack of tools to help educate end users"
"We would like to see more information with the syslogs. The syslogs that they send to our SIEM are a bit short compared to what you can see. It would be helpful if they send us more data that we can incorporate into our SIEM, then can correlate with other events."
"What is most important for us is to have one place where we can manage a few brains because we are based on a zero-trust network. As a result, each customer needs to have a separate brain. For the SOC team, we need to have one place where the SOC analyst can go to visit the website and from that site manage all of the customers. Right now, Vectra AI doesn't have this capability, and I would really like to have this feature."
"Neither Vectra nor Darktrace have a function like a status health check on my log sources and traffic sources."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"Other alternatives, like Darktrace, have a fancier UI."
"It would be commercially beneficial if Vectra AI had something like Darktrace's Antigena Email or something similar to email protection."
"I would like to see a bit more strategic metrics instead of technical data. Information that I could show to my executive management team or board would be valuable."
"One of the things I am not so happy about when it comes to Vectra is the scoring board."
 

Pricing and Cost Advice

Information not available
"Vectra's pricing is too high. All schools will not be able to afford it. Vectra will only end up targeting higher education and higher value independence purely because of the price. A lot of schools would love to have a product like Vectra AI, but they simply can't because they struggle to even pay the high E5 licensing from Microsoft. When you're up against that, Vectra AI is never going to be within the sector's price range."
"The solution is low-cost and affordable."
"The upfront pricing model that we have would have been more beneficial if it had been a recurring license fee, but that wasn't a massive issue for us. It's fairly priced."
"There are additional features that can be purchased in addition to the standard licensing fee, such as Cognito Recall and Stream."
"The solution's pricing was 50 percent lower than the other vendors shortlisted."
"It is an expensive solution, but it's not the most expensive we've seen. We also know how much we're going to pay, unlike with some other providers where all of a sudden our license explodes."
"The pricing is high."
"At the time of purchase, we found the pricing acceptable. We had an urgency to get something in place because we had a minor breach that occurred at the tail end of 2016 to the beginning of 2017. This indicated we had a lack of ability to detect things on the network. Hence, why we moved quickly to get into the tool in place. We found things like Bitcoin mining and botnets which we closed quickly. In that regard, it was worth the money."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
860,632 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Financial Services Firm
13%
Computer Software Company
12%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

Ask a question
Earn 20 points
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
What is your experience regarding pricing and costs for Vectra AI?
It is very acceptable when you compare it with Darktrace, for example.
 

Also Known As

Hillstone S-Series NIPS
Vectra Networks, Vectra AI NDR
 

Overview

 

Sample Customers

Information Not Available
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Find out what your peers are saying about Darktrace, Check Point Software Technologies, Fortinet and others in Intrusion Detection and Prevention Software (IDPS). Updated: June 2025.
860,632 professionals have used our research since 2012.