We performed a comparison between NetWitness Platform and Zabbix based on real PeerSpot user reviews.
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"Incident management is its most valuable feature."
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"It's quite economical compared to other solutions in the market."
"The most valuable features are the integration and ease of use."
"It gives the ability to investigate network traffic in the Net and the organization, which we couldn't do before."
"The most valuable features are the threat prediction and network forensics."
"The most valuable feature is network traffic monitoring."
"We are able to monitor our virtual infrastructure, virtual machines, Windows servers, databases, and the network using a simple network management protocol. We are able to pull almost all the metrics that we want, receive notifications, and have them integrate with telegrams for certain devices that are critical, such as UPSs."
"Zabbix is scalable."
"There is a problems page that shows us every warning or problem that occurs on our VMs globally. The map screen is also really useful because this is something that was missing. I don't know every other tool in the market. So, I don't know if this is a good point of only Zabbix, or other tools are also doing it, but from my point of view, this is the most useful page that I use, along with the problems page that efficiently lists the problem, recovery time, ending hours, starting hours, and so on."
"Zabbix can use old data to current data to set the threshold. We can use previous data to set the threshold."
"The solution is stable."
"It has good graphs of what is going on within the operating system."
"Every new asset placed in the environment can be automatically detected, predicting human failures."
"The initial setup is very complex and should be simplified."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"It is not so easy to customize this product."
"RSA NetWitness Logs and Packets can improve the threat level aspect; it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe, RSA NetWitness Logs and Packets are a little bit slow in improving those detection mechanisms."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"Health monitoring of the event sources and devices."
"The product's licensing models are complex to understand. This particular area needs improvement."
"I am having difficulties connecting it to Grafana, as well as some of the other plugins like Kibana."
"Correlation of events would be a wonderful addition."
"Its UI needs to be improved a little bit more so that an end-user is also able to handle it. I can handle it, but others should also be able to handle it in a better way. It becomes complex when we are growing and need to add proxies. We need more scalability features and documentation for different use cases. A lot of articles are available, but they need to be in proper documentation. For example, when you have thousands of servers that have to be monitored in different regions of the world, there should be some kind of documentation to describe how you can create proxies and add them. Sometimes, when you are using the database, it can get overloaded. When the network is growing, the number of transactions becomes very high, and the database gets overloaded. There should be information about how to reduce the load on the MySQL database, which is what Zabbix is using. The market is growing a lot, and it should be enhanced for a lot more things. We are currently bringing enhancements at our end for different use cases. For example, when dockerization is going on, how can we check the logs inside the Dockers. We should also be able to monitor and check the number of logins and add features such as SSO login and two-factor authentication as a protocol. These are the security features and concerns that we have to deal with. Currently, we are developing modules to add features to Zabbix, but they should also work on these features."
"The documentation gets a bit messy between versions and is not too detailed, which is a bit painful for first-timers, especially when they run into issues."
"Implementing Zabbix is difficult. I've deployed many solutions over the years, and Zabbix is the hardest to implement. You have to do some development to get it to work with IBM, Micro Focus, or HP products."
"Zabbix claims that there is an auto-discovery process but my team member was facing difficulty and was told that it's not really automatic, and there are some manual steps."
"There is not too much documentation or manuals. We found the tutorials very easy to understand, but they do not go deep enough in the use of Zabbix. We need more manuals, proper use, documentation, etc."
"Implementation is always tailored to the customer and the kind of information we need from the client to carry it out can make them very uncomfortable. Sometimes the clients are not ready to share it."
NetWitness Platform is ranked 20th in Log Management with 36 reviews while Zabbix is ranked 1st in Network Monitoring Software with 98 reviews. NetWitness Platform is rated 7.4, while Zabbix is rated 8.2. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios XI and Nagios Core.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.