We performed a comparison between NetWitness XDR and Plixer Scrutinizer based on real PeerSpot user reviews.
Find out what your peers are saying about SentinelOne, CrowdStrike, Palo Alto Networks and others in Extended Detection and Response (XDR)."It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"Microsoft Defender XDR is scalable."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"This solution allows us to locate the malware in real-time."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"It is stable. We have been using it for some time, without any issues."
"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."
"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."
"It's agnostic as far as what your network gear is. As long as it supports an sFlow, JFlow, NetFlow, some kind of flow monitoring, Plixer will support it very well."
"Visualization of the network traffic is the most valuable feature. It allows you to drill into information quite quickly."
"The solution helps to enrich the data context of our network traffic. It allows me to see what applications are most in use on a slightly historical basis, going back a day or week at tops. It allows me to tune QoS or traffic shaping around what's being used. It saves me from having to unnecessarily upgrade, if I don't need to."
"It shows us the saturation of the network of devices. It gives us a clear view of the flows in the network to understand, for instance, planning upgrades in the network to get an idea of what's going on the network on traffic flows. It gives us insight, for instance, on what's going on on our VPN Client. There are a lot of things where it provides very helpful information. It also gives us our security reports with quite detailed information on what's going on in the network, and whether there are data exfiltrations and so on."
"As a network engineer, the ability to identify what traffic on the link is consuming all the bandwidth at any given time, and provide immediate feedback to the business, is the most valuable feature."
"One of the most valuable features of Plixer Scrutinizer is the reporting, particularly how easy it is to drill down into the reports. Another valuable feature of the solution is its overall visibility. It's great. I also liked Plixer Scrutinizer in terms of deployment time and that it's very simple to set up. Once you get the appliance set up and connected, the customer starts to see results immediately, versus other solutions where that could take a while."
"The ability to view the status of the top-10 at a glance is helpful. We immediately know which link is over-utilized or heavily used... and it's all in real-time."
"The most valuable features of Plixer Scrutinizer are its ease of use, accessibility, and UI."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"The tool gives inconsistent answers and crashes a lot."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we ware waiting for that feature."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"The initial setup requires a high level of skill."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"The contamination feature could be improved."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."
"The solution creates a visual map of a particular location and how the network flows. You need to spend time to generate all those maps. If they could figure out a way to reduce the time needed to generate the maps, that would be great."
"In Plixer Scrutinizer, scalability is an area with minor concerns where improvements are required."
"I wish the reporting side was easier to work with, but it does a decent job. I also wish the reporting side was a little more intuitive or they offered more reporting examples."
"They're working on the security areas, so it can provide more insight. What they have is still pretty much IP-concentric. If they were to make it IP and URL, they'd be a little bit ahead on that."
"Data retention needs improvement. Data retention is a thing where we are looking for a better way to collect flow data for a longer time to do forensic research on security incidents. By default, data retention is quite low. We need detailed data in safe storage for a longer time, e.g., for a couple of months. An improvement would be a way to export data into a secure long-term storage."
"The visual acuity of how it presents data can sometimes be confusing. It takes a bit for people to spin up how to look at the graphs."
"For updating the Scrutinizer platform, when we have the actual data, it never happens in one day. Every time we have the data, we are obliged to install a new server in order to integrate the old data, and every time it has a problem. Most of the time, we were obliged to scrap all the data because we couldn't transfer it to the new server. So, it would be very good if they could improve this part."
"There is room for improvement around the data that they have on the website about solutions... they should have more templated solutions on their website. Going out and identifying how to do RTP performance with a Cisco router, or how to do application response times in an Arrista data center deployment was where most of the work was... They should spend some more time documenting solutions and putting together white papers."
NetWitness XDR is ranked 17th in Extended Detection and Response (XDR) with 15 reviews while Plixer Scrutinizer is ranked 9th in Network Traffic Analysis (NTA) with 15 reviews. NetWitness XDR is rated 8.0, while Plixer Scrutinizer is rated 8.6. The top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". On the other hand, the top reviewer of Plixer Scrutinizer writes "Advanced reporting runs analytics on NetFlow and provides signature-based recognition of problems in the network environment". NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Defender for Endpoint, whereas Plixer Scrutinizer is most compared with SolarWinds NetFlow Traffic Analyzer, Flowmon , ManageEngine NetFlow Analyzer, Cisco Secure Network Analytics and PRTG Network Monitor.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
