Try our new research platform with insights from 80,000+ expert users

IBM Security Network IPS vs Vectra AI comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 19, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

IBM Security Network IPS
Ranking in Intrusion Detection and Prevention Software (IDPS)
25th
Average Rating
7.2
Reviews Sentiment
6.8
Number of Reviews
4
Ranking in other categories
No ranking in other categories
Vectra AI
Ranking in Intrusion Detection and Prevention Software (IDPS)
4th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
45
Ranking in other categories
Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (18th), Identity Threat Detection and Response (ITDR) (10th), AI-Powered Cybersecurity Platforms (6th)
 

Mindshare comparison

As of September 2025, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of IBM Security Network IPS is 0.8%, up from 0.6% compared to the previous year. The mindshare of Vectra AI is 10.6%, down from 10.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS) Market Share Distribution
ProductMarket Share (%)
Vectra AI10.6%
IBM Security Network IPS0.8%
Other88.6%
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

Jacob_Koithra - PeerSpot reviewer
User-friendly and has a good blocking feature but is quite expensive
Defining the new security rules and policies sometimes becomes a challenge. Integration with other platforms becomes a challenge as well. I'd like to see more integration with other tools and technologies. XGS 7100 has an end of support for the 30th of December 2022. Many are losing support. All the products of the XGS, including XGS 3100, 4100, 5100, and 7100, support is ending in December 2022. We need to know what is the plan post that? Do we need to spend money on them? Will that be extended? There has been no communication on the website either. It's an expensive device.
Mohammad Alkurdi - PeerSpot reviewer
Innovative detection features enhance monitoring
The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is its simplicity."
"The initial setup is simple."
"One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team."
"The most useful feature is the anomaly detection because it's not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well."
"I like the way that Vectra AI focuses on the internal network. Nowadays, most of the attackers are already inside, and they can be inside for many years before they start attacking. With normal monitoring, it's quite difficult to find them."
"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
"The solution provide visibility into behaviors across the full lifecycle of an attack in our network, beyond just the Internet gateway. It makes our security operations much more effective because we are now looking not just at traffic on the border, but we're looking at east-west internal traffic. Now, not only will we see if an exploit kit is being downloaded, but we would be able to see then if that exploit kit was then laterally distributed into our environment."
"Most of their use cases, including deployment, are managed by the tool itself, requiring less manual input from our team."
"One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This is both applied to individual and host detections. This is important because it enables us to use this platform to prioritize the most likely imminent threats. So, it reduces alert fatigue follow ups for security operation center analysts. It also provides us with an ability to prioritize limited resources."
"We discovered a lot of things in our network and are correcting several misconfigurations. We are learning how some apps work together and how some things shouldn't happen. It's also easier for us to identify the source of a brute force, whereas before, we didn't even know we had a brute force."
 

Cons

"In the future, I would like to see a hybrid option so that we can work both on-premises and in the cloud."
"I'd like to see more integration with other tools and technologies."
"There could be an option where Vectra manages the solution remotely, and when there is an attack, there could be a notification center to give us information about the attack."
"Other alternatives, like Darktrace, have a fancier UI."
"Integration with other security components needs improvement. It should have true integration as opposed to just being a separate pane of glass."
"Neither Vectra nor Darktrace have a function like a status health check on my log sources and traffic sources."
"I would like to see data processed onshore. Right now, the cloud components, like Office 365, must be processed on servers outside of Australia. I would like to see a future adoption of onshore processing."
"ExtraHop has better features that seem more advantageous when compared to Vectra."
"We would like to see more information with the syslogs. The syslogs that they send to our SIEM are a bit short compared to what you can see. It would be helpful if they send us more data that we can incorporate into our SIEM, then can correlate with other events."
"Some of the customization could be improved. Everything is provided for you as an easy solution to use, but working with it and doing specific development could be worked on a bit more in the scope of an incident response team."
 

Pricing and Cost Advice

"The cost of operations is very low."
"My company pays for the Vectra AI licensing fee yearly. I know the figure because my company recently renewed the license, and it's okay, at least for the financial sector."
"Its cost is too much. It's an investment that we can afford. It's a lot, but it's worth it."
"The solution's pricing was 50 percent lower than the other vendors shortlisted."
"We are running at about 90,000 pounds per year. The solution is a licensed cost. The hardware that they gave us was pretty much next to nothing. It is the license that we're paying for."
"The solution is low-cost and affordable."
"It's relatively on the pricier side, but when compared to other solutions. It's not the most budget-friendly option, but it can be considered somewhat more cost-effective in comparison to other alternatives."
"From a licensing perspective, the Vectra detect platform is pretty doable. Also, the hardware prices are nothing that we're not used to. The stream part is a little overpriced compared to the detect part. The reason is that you need to stream data to detect events anyway, so the data is in there. The only thing that's not available is the UI to be able to look at the stream data, which is also on the appliances but is just not activated. That's mainly the thing that we want to improve on."
"There are additional features that can be purchased in addition to the standard licensing fee, such as Cognito Recall and Stream."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
867,445 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise10
Large Enterprise27
 

Questions from the Community

Ask a question
Earn 20 points
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
What is your experience regarding pricing and costs for Vectra AI?
It is very acceptable when you compare it with Darktrace, for example.
 

Also Known As

Security Network Intrusion Prevention System, IBM Security Network Protection, XGS, GX
Vectra Networks, Vectra AI NDR
 

Overview

 

Sample Customers

Equifax, Christian Hospital Centre
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Find out what your peers are saying about IBM Security Network IPS vs. Vectra AI and other solutions. Updated: September 2025.
867,445 professionals have used our research since 2012.