We performed a comparison between NetWitness Platform and Symantec Advanced Threat Protection based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Their technical support responds quickly and are knowledgable."
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"Offers a good wireless feature."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"The most valuable features are the packet decoder, log decoder, and concentrator."
"The solution is really scalable for the high-end power, enterprise customer."
"Technical support is very responsive. You just have to open a ticket. They respond in a timely manner. Their response is good. I'm satisfied."
"Symantec Endpoint Protection provides end-to-end protection. Along with antivirus protection, it has a lot of key areas, including intrusive prevention, firewall features, and application and device control."
"All of the solution's features are quite valuable for us. We especially like the threat protection it provides."
"What I like most about Symantec Advanced Threat Protection is its notification capability."
"The incident management on the solution is very good. You get a lot of detailed information about an incident. You also get a lot of documentation in connection with the CVI or integration."
"The most valuable feature is NetFlow threat protection."
"You don't have to buy a separate email security platform. You can enable that using their endpoint, and I like that. You don't have to have two agents running on the same box."
"They manage to solve detection quite nicely. There is some rather elaborate detection compared to other providers."
"Security needs improvement."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"The solution should have more integration capabilities with different platforms."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
"Its technical support could be better."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"The user interface is a little bit difficult for new users and it needs to be improved."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"The support has dropped down to a five out of ten."
"The support for new OSs and older OSs could be a little tighter. They need to be more upfront about what protection services they're going to provide on new OSs. I haven't seen the Windows 11 version out yet. It is either already released in Beta, or the Beta will be released soon. There could be a little bit more advanced updates on what they're doing to help protect Windows 11 environments. They can let us know in advance so that we know it is going to be protected. We can't roll out the new OS without putting end-point protection on it. So, they should tell us what is their support model for that, and what are they doing to protect Windows 11. They're not telling me, and that's a criticism. The same issue is applicable to all the other antivirus tools. It is not just Symantec; all of them have this problem."
"There are limits with respect to blocking files by hash value or blocking IP addresses, and these limits should be removed."
"Scalability could be better."
"An improvement could be made on the reporting because then it would be easier to collect information and submit it for compliance."
"Not ideal for advanced threat protection."
"The cloud platform needs to have improvement in terms of the user interface and the different capabilities it has available. It needs to match the other leading next-gen EDR products that are available in the market. That's the reason why we are stepping away from Symantec. Their cloud environment is just generally lacking in comparison to others."
"It should be able to collect information if the agent is disabled."
More Symantec Advanced Threat Protection Pricing and Cost Advice →
NetWitness Platform is ranked 20th in Log Management with 36 reviews while Symantec Advanced Threat Protection is ranked 18th in Advanced Threat Protection (ATP) with 14 reviews. NetWitness Platform is rated 7.4, while Symantec Advanced Threat Protection is rated 7.8. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of Symantec Advanced Threat Protection writes "Provides end-to-end antivirus protection and has good stability ". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics, whereas Symantec Advanced Threat Protection is most compared with Palo Alto Networks WildFire, Microsoft Defender for Office 365, Trellix Network Detection and Response, Check Point SandBlast Network and Fortinet FortiSandbox. See our NetWitness Platform vs. Symantec Advanced Threat Protection report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.