We performed a comparison between NetWitness Platform, Palo Alto Networks WildFire, and Sophos Cyberoam UTM based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Wazuh, Datadog and others in Log Management."The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"The solution is really scalable for the high-end power, enterprise customer."
"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"Their technical support responds quickly and are knowledgable."
"My primary use case for this solution is for a secure gateway."
"I love the idea of Palo Alto Networks WildFire. It's more geared toward preventing malware. If someone's laptop or phone is malware-infected, the tool prevents it from uploading valuable corporate data outside the corporate network. That's what I love about Palo Alto Networks WildFire. It stops malware in its tracks."
"Stability is never a concern."
"It is a stable solution...It is a scalable solution."
"A good tool for file scanning and email threat detection, especially when it comes to attachments and communications."
"We get support in the free version."
"The most valuable feature is the improved security that it offers."
"With this product, we receive the best monitoring and reports."
"I found that the best feature of Sophos Cyberoam UTM is reporting. Its reporting feature is excellent, fast, and easy to prep and launch."
"The best feature is the flexibility the product offers, in terms of remote access. What we had before was a decentralized mechanism in our organization, but after having this product we were able to get the remote locations into the same LAN. We were able to control the bandwidth and were able to take virtual access of those machines and give them the support, as and when required."
"The product, itself, doesn't seem to have any bugs or glitches."
"The most valuable feature of the solution stems from the fact that it is a very strong product with good support."
"The port forwarding is good."
"I'm more inclined towards the conventional firewall. So for me, I'm more geared towards the standard firewall type functionalities as well as the web application firewall because that seems to work fine."
"The most valuable feature is the IPSec forwarding."
"Our customers find it economical and offers good security. These two features are key. Ease of installation and implementation are also key factors."
"The log system is a bit complex and has room for improvement."
"Its technical support could be better."
"We have encountered issues with unresolved crashes."
"Health monitoring of the event sources and devices."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"The product's licensing models are complex to understand. This particular area needs improvement."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"The deployment model could be better."
"The VPN and decryption need improvement."
"The GUI is better in 8.0, but I still feel it lacks the fast response most of us desire. Logs are much quicker."
"The solution can improve its traffic management."
"The configuration should be made a little bit easier. I understand why it is as it is, but there should be a way to make it easier from the user side."
"Any enhancements should likely be focused on the firewall appliance to further strengthen overall security capabilities, such as refining app and user identity features."
"The data analytical system for deployment needs to improve."
"The automation and responsiveness need improvement."
"The documentation is not straightforward."
"The solution had a feature to import users from a CSV file. However, the latest version does not have that option."
"The product strategy of the manufacturer is strange. I don't understand what they are doing in that regard."
"Technical support could be faster."
"While the security features are excellent, they could be improved."
"SD-WAN should be included in the tool."
"Sometimes, during part of the configuration, if you don't have a lot of technical knowledge, then you may struggle a bit to configure it."
"Hence, it needs to be easier to configure rules using the solution."