We performed a comparison between Infoblox Advanced DNS Protection and Vectra AI based on real PeerSpot user reviews.
Find out what your peers are saying about Cisco, Infoblox, TitanHQ and others in Domain Name System (DNS) Security."The solution's user interface is very smooth compared to other products."
"The solution helps to identify and mitigate DNS attacks."
"I like that Infoblox Advanced DNS Protection is one hundred percent good, performance-wise."
"Centralized management of DNS, DHCP, and IPAM helped us a lot in simplifying and automating the management of network and services."
"DHCP is a basic service, and they've been doing it for years, so it's mature and stable."
"The security of the solution is perfect. It's very good at protecting us from attacks."
"Infoblox offers granularity and advanced DNS protection to mitigate DNS attacks. It's a very secure solution."
"The most valuable features of Infoblox Advanced DNS Protection are the services, DHCP, and debugging. Additionally, we can use APIs and ansible scripts."
"Scalability wise, we have many sensors, and Vectra AI seems to handle them all very well."
"It is doing some artificial intelligence. If it sees a server doing a lot of things, then it will assume that is normal. So, it is looking for anomalous behavior, things that are out of context which helps us reduce time. Therefore, we don't have to look in all the logs. We just wait for Vectra to say, "This one is behaving strange," then we can investigate that part."
"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."
"The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away."
"It keeps up with the network traffic, which is a good thing. It provides more context to plain alerts compared to using an older system. So, it helps an analyst reduce the information overload."
"It's important for us that the user interface is easy to understand and that is the biggest benefit we see from Vectra AI."
"The UI is easy to use and when we send detection to everybody, they easily understand what we are asking at the time."
"It provides various dashboards that facilitate the identification of connections and can detect data exfiltration, meaning data sent from your environment to another."
"The solution is expensive."
"They should release frequent updates for its on-premises version."
"The solution's logging could be improved."
"There is a steep learning curve to be able to use Infoblox Advanced DNS Protection well."
"There should be better alerts for when attacks are happening."
"I think only the technical documentation and administration of box could be a little bit improved."
"Infoblox Advanced DNS Protection could be more user-friendly because you need knowledge if you want to use it. To handle the solution, you need to be a subject matter expert, so this is one area for improvement."
"They are not supporting high query logging. They have a very limited size for the syslog, so they are usually asking for external storage, external network, and integration in order to keep the syslog. If you are considering the high volume traffic of the carrier-grade, then the syslog will hold for around five to 10 minutes. This is not enough time and it is being rotated. This is the main issue and the main limitation that we face with them that they need to work on."
"One of the things that we are missing a bit is the capability to add our own rules to it. At the moment, the tech engine does its thing, but we have some cool ideas to make additional rules. There should be an option in the platform to add custom rules, or there should be some kind of user group where we can suggest them for the roadmap and see if they get evaluated and get transparent communication on whether they will be implemented in the product or not."
"Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM."
"Some of the customization could be improved. Everything is provided for you as an easy solution to use, but working with it and doing specific development could be worked on a bit more in the scope of an incident response team."
"We have had a few issues with the integration of Vectra AI with EDR. Some filters have not been working. We've also had issues with the brain not being powerful enough."
"One thing which I have found where there could be improvement is with regard to the architecture, a little bit: how the brains and sensors function. It needs more flexibility with regard to the brain. If there were some flexibility in that regard, that would be helpful, because changing the mode of the brain is complex. In some cases, the change is permanent. You cannot revert it."
"What is most important for us is to have one place where we can manage a few brains because we are based on a zero-trust network. As a result, each customer needs to have a separate brain. For the SOC team, we need to have one place where the SOC analyst can go to visit the website and from that site manage all of the customers. Right now, Vectra AI doesn't have this capability, and I would really like to have this feature."
"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."
"One of the things I am not so happy about when it comes to Vectra is the scoring board."
More Infoblox Advanced DNS Protection Pricing and Cost Advice →
Infoblox Advanced DNS Protection is ranked 2nd in Domain Name System (DNS) Security with 12 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 40 reviews. Infoblox Advanced DNS Protection is rated 8.2, while Vectra AI is rated 8.6. The top reviewer of Infoblox Advanced DNS Protection writes "Stable, with good performance, and has no issues, support-wise". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Infoblox Advanced DNS Protection is most compared with Cisco Umbrella, F5 BIG-IP DNS, Zscaler Internet Access, Palo Alto Networks DNS Security and EfficientIP DNS Guardian, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Corelight.
We monitor all Domain Name System (DNS) Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.