Try our new research platform with insights from 80,000+ expert users

NetWitness Platform vs Palo Alto Networks VM-Series comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

NetWitness Platform
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
37
Ranking in other categories
Log Management (37th), Security Information and Event Management (SIEM) (29th)
Palo Alto Networks VM-Series
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
64
Ranking in other categories
Firewalls (13th), Advanced Threat Protection (ATP) (9th)
 

Mindshare comparison

NetWitness Platform and Palo Alto Networks VM-Series aren’t in the same category and serve different purposes. NetWitness Platform is designed for Log Management and holds a mindshare of 0.3%, down 0.4% compared to last year.
Palo Alto Networks VM-Series, on the other hand, focuses on Firewalls, holds 0.9% mindshare, up 0.7% since last year.
Log Management
Firewalls
 

Featured Reviews

MOTASHIM Al Razi - PeerSpot reviewer
It is a stable solution, but they should make the user interface easier to understand
The solution's initial setup takes work. We have to organize multiple paths and many features. The deployment process takes less than a week. But it takes a month to complete if we want to make the solution smarter by integrating it with various devices. I rate the process as a six out of ten.
RonnieYazdani - PeerSpot reviewer
User-friendly CLI and efficient dashboard streamline operations with robust security features
I find Palo Alto Networks VM-Series easy to deploy, and none of my customers have had significant complaints. My customers have high certifications provided by Palo Alto Networks. The friendly dashboard and the ability to easily command and use the CLI make Palo Alto Networks VM-Series a better product. It offers robust solutions, making it valuable to my customers.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"The newer 11.5 version that my team is using has found it to have good mapping."
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"Offers a good wireless feature."
"It has excellent scalability."
"The solution strengthens our IT posture."
"The additional visibility, which was lacking with cloud-native tools, has improved the organization's cloud security posture. Advanced enforcement and granular security controls help manage potential threats."
"It has a good performance which helps you with the stability of your virtual environment."
"Palo Alto's robust threat intelligence supports new updates, and I can open cases directly with their Threat Intelligence team."
"In Palo Alto the most important feature is the App-ID."
"The most valuable features are web control and IPS/IDS."
"The most valuable feature is that you can launch it in a very short time. You don't have to wait for the hardware to arrive and get it staged and installed. From that perspective, it is easy to launch. It is also scalable."
 

Cons

"We have encountered issues with unresolved crashes."
"The tool's integration capability isn't so great."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"Its technical support could be better."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"Technical support could be improved."
"Security needs improvement."
"I find it difficult to reach technical support at Palo Alto Networks."
"Palo Alto should update their documentation to make it more readable and provide easier-to-follow instructions through videos."
"The solution needs to have more easily searchable details or documentation about it online, so it's easier to Google if you have queries."
"Enhancing the ease of accessing technical support would be useful."
"It would be good if the common features work consistently in physical and virtual environments. There was an integration issue in the virtual deployment where it didn't report the interface counters, and we had to upgrade to the latest version, whereas the same thing has been working in the physical deployment for ages now. It seems that it was because of Azure. We were using VMware before, and we didn't have any such issues. We do see such small issues where we expect things to work, but they don't because of some incompatibilities. There also seems to be a limitation on how to do high availability in a virtualized environment. All features should be consistently available in physical and virtual environments. It is not always easy to integrate Palo Alto in the network management system. We would like to be able to compare two network management systems. They can maybe allow monitoring an interface through the GUI to create a reference or do a baseline check about whether your network monitoring system is actually giving you the correct traffic figures. You need traffic figures to be able to recognize the trends and plan the capacity."
"The user-friendliness of the UI could be improved."
"It can definitely improve on the performance."
"The product needs improvement in their Secure Access Service Edge."
 

Pricing and Cost Advice

"This is a pricey solution; it's not cheap."
"The tool is very expensive, so I rate the pricing a ten out of ten. The solution has an annual subscription."
"The licenses are good but the cost is very expensive."
"The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."
"The product is expensive."
"In comparison to other SIEM solutions such as Splunk, NetWitness is less costly."
"We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."
"Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
"For licensing, It depends how they want to use the firewall. The firewall can be used only for IPS purposes. If you only want that firewall IPSs, you will only need a license that is called threat prevention. That license, threat prevention, includes vulnerabilities, antivirus signatures and one additional measure (that I can't remember), but it includes three measures and security updates."
"I know Palo Alto is not cheap. They have been telling me, the members of the finance team, it is not a cheap solution. It is a solution whose target is that no matter how big your organization is, small, medium, or large, it is about the maturity of your security team or infrastructure team whom you want to work with."
"I rate Palo Alto Networks VM-Series pricing an eight out of ten."
"The solution is expensive. I rate its pricing a three out of ten."
"The product is costly but provides all essential security features. I rate the pricing a seven out of ten."
"The cost of this product varies from customer to customer and the relationship with IBM, including how many offerings from IBM are already being used."
"Palo Alto can be as much as two times the price of competing products that have twice the capabilities."
"Do not buy larges box if you do not need them. Rightsizing is a great task to do before​hand."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
861,390 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
17%
Computer Software Company
17%
Manufacturing Company
5%
Real Estate/Law Firm
5%
Computer Software Company
16%
Financial Services Firm
14%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
Features comparison between Palo Alto and Fortinet firewalls
In the best tradition of these questions, Feature-wise both are quite similar, but each has things it's better at, it kind of depends what you value most. PA is good at app control, web filtering a...
How does Azure Firewall compare with Palo Alto Networks VM Series?
Both products are very stable and easily scalable. The setup of Azure Firewall is easy and very user-friendly and the overall cost is reasonable. Azure Firewall offers a solid threat awareness, can...
 

Also Known As

RSA Security Analytics
No data available
 

Overview

 

Sample Customers

Los Angeles World Airports, Reply
Warren Rogers Associates
Find out what your peers are saying about NetWitness Platform vs. Palo Alto Networks VM-Series and other solutions. Updated: September 2022.
861,390 professionals have used our research since 2012.