We performed a comparison between Netsurion and VMware Aria Operations for Logs based on real PeerSpot user reviews.
Find out in this report how the two Managed Security Services solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."What I like most about Netsurion is the level of visibility and reporting."
"I like EventTracker's dashboard. I see it every time I log in because it's the first thing you get to. We have our own widgets that we use. For the sake of transparency, there are a few widgets that we look at there and then we move out from there... Among the particularly helpful widgets, the not-reporting widget is a big one. The number-of-logs-processed is also a good one."
"When it comes to threat detection and response, it does a very good job detecting and blocking on its own. And the SOC is a nice added value because they're doing analysis on things that aren't as obvious, on things that you can't just detect with a signature or behavior. Also, any SIEM will come with a lot of noise, so having them do a lot of the initial analysis to find out what's critical and what issues are false alarms is very good."
"The real-time alerting for things such as people getting dropped into a VPN group or the domain admin group — things like that which really shouldn't happen without proper change management, but we all know the reality, they do from time to time — gives me real-time visibility into what's going on."
"The most valuable feature is definitely real-time alerting, especially in situations where someone might attempt to exploit or hack into our network."
"Their SOC team manages vulnerability management and IOC reviews. They stop bad processes when they happen. The best thing is their weekly reviews of what has been going on in the infrastructure as well as the things that they see and what we should look out for."
"We have also integrated our endpoint security into the Netsurion SIEM. That's important because we have all the events in one place; we don't have to manage them in multiple places. In addition, the embedded MITRE ATT&CK Framework was paramount in our decision to choose Managed Threat Protection because the MITRE Framework is the industry standard for threats."
"The most important feature is keeping track of when accounts are created and deleted, when permission groups are changed, and memberships are changed in groups; and overall, how many errors are occurring on the various systems that we're monitoring."
"The virtualization solution supports data center virtualization, network and security."
"Log Insight correlates with the VMware product log. It can assemble the logs you want, making it easier to find the output, incident, or keyword you want to search."
"The setup and installation are very easy."
"The root cause analysis feature is very valuable."
"The most valuable feature is server virtualization. It's been very useful."
"It allows us to gain a comprehensive overview of our infrastructure."
"Our current costs are too high, and this tool will help us to better optimize our infrastructure."
"It gives the customer a quick overview, so they don't have to dig. There's a clear dashboard with many sensors in a single space. He gets a helicopter view of his environment, but he can investigate further if there are serious issues. It's pretty user-friendly."
"There's always room to improve because there would be no competition if they had a perfect solution. The GUI to perform searches within the product may not be intuitive to a new user."
"We get a report generated on a particular day of the week and we go through it, trying to mitigate problems and make sure we're seeing everything that's happening. It would be helpful if the SOC spent a little more time with us going through some of those reports."
"I would like to see the dashboard come up more quickly."
"Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of that part of the product. It's not as intuitive as I would like it to be for new staff coming in. The general query capability is a little bit challenging."
"The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated."
"It would be great if they had a client for phones by which they could push a notification to us, as opposed to via email."
"I would like to see a faster response when we see things like 15,000 lockouts. I really wished that I had known that on Friday afternoon rather than waiting until I got the weekly report today. By the same token, they are looking at it from the point of view that this is a system or software malfunction. This is not a bad actor repeating the exact same password three times a second. Therefore, they can tell that this is not a bad thing. However, it's not a security event but it is an operational event for me. Knowing this sort of thing would help my team and me out more because then we would be able to clear out a lot of network traffic that we didn't know was going on. So, we would like quicker updates on non-high security events."
"Everything that I've wanted has been added in. EDR was added, and MITRE was added. Those were two big ones that we didn't even have to push for."
"The product's price falls on the higher end of the spectrum, making it an area of concern."
"It needs better integration with third-party analytics tools."
"The tool does not provide a centralized pane for monitoring."
"Log retention should have more options for user control."
"Integration with other vendors is something that could be improved, they could add more vendors."
"It's great for VMware, but it would be good if they had third-party logins."
"I don't use the solution on a day to day basis, so I'm not sure what specifically can be improved."
"I would like to see more tutorials or at least an introduction video from the supplier, so you can become proficient and get the most out of the solution. You might not get the full benefit from a logging or reporting solution because you might not have a particular tool enabled. You could leave something out of your analysis because you aren't aware of it or you don't know how to set it up."
More VMware Aria Operations for Logs Pricing and Cost Advice →
Netsurion is ranked 4th in Managed Security Services with 24 reviews while VMware Aria Operations for Logs is ranked 10th in Log Management with 24 reviews. Netsurion is rated 8.4, while VMware Aria Operations for Logs is rated 8.2. The top reviewer of Netsurion writes "The SOC center monitors, hunts, and notifies us of threats around the clock". On the other hand, the top reviewer of VMware Aria Operations for Logs writes "Gives a clear forecast about existing machines, and has an automation feature that helps in reducing a lot of ambiguities and managing operational efficiencies". Netsurion is most compared with Arctic Wolf Managed Detection and Response, CyberHat CYREBRO and Wazuh, whereas VMware Aria Operations for Logs is most compared with Splunk Enterprise Security, Elastic Security, LogRhythm SIEM, Graylog and IBM Security QRadar. See our Netsurion vs. VMware Aria Operations for Logs report.
We monitor all Managed Security Services reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
