NetWitness NDR vs Plixer Scrutinizer comparison

"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."

"Technical support is knowledgeable."

"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."

"The stability of the RSA NetWitness Endpoint is very good."

"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."

"The interface of this solution is very flexible and easy to use."

"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."

"Ability to isolate the machine when there are malicious files."

"Visualization of the network traffic is the most valuable feature. It allows you to drill into information quite quickly."

"The solution helps to enrich the data context of our network traffic. It allows me to see what applications are most in use on a slightly historical basis, going back a day or week at tops. It allows me to tune QoS or traffic shaping around what's being used. It saves me from having to unnecessarily upgrade, if I don't need to."

"It shows us the saturation of the network of devices. It gives us a clear view of the flows in the network to understand, for instance, planning upgrades in the network to get an idea of what's going on the network on traffic flows. It gives us insight, for instance, on what's going on on our VPN Client. There are a lot of things where it provides very helpful information. It also gives us our security reports with quite detailed information on what's going on in the network, and whether there are data exfiltrations and so on."

"Plixer Scrutinizer is an affordable product. Plixer Scrutinizer is a tool that allows for customization, especially in scenarios where customers need new product features."

"We didn't experience any bugs."

"We have had many requests to understand in the network which devices are connected to others. Most people don't have this information or are able to establish a map of data flow everywhere around the network. Scrutinizer can really help with this. We are using it to understand who is talking to what, how, and which protocols can help us to improve security and analyze flow."

"It's agnostic as far as what your network gear is. As long as it supports an sFlow, JFlow, NetFlow, some kind of flow monitoring, Plixer will support it very well."

"It helps us determine what is going on with our Internet and who is hogging it all up. If we get a real high throughput or a throughput that's going over and getting dropped fairly quickly, we can tell who (or what device) is consuming that traffic."

"The initial setup requires a high level of skill."

"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."

"The solution lacks a reporting engine."

"The contamination feature could be improved."

"RSA NetWitness Network could improve on integration with non-native application integration."

"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."

"When analyzing something, you have to click several times. It requires a lot of effort to find something."

"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."

"The reporting structure, the front-end GUI, also needs some work. It needs some getting used to. It works fairly well, but it's a technical tool rather than a user tool. You have to understand the structure of the databases before you can really use it."

"We couldn't get it set up properly."

"There is room for improvement around the data that they have on the website about solutions... they should have more templated solutions on their website. Going out and identifying how to do RTP performance with a Cisco router, or how to do application response times in an Arrista data center deployment was where most of the work was... They should spend some more time documenting solutions and putting together white papers."

"Data retention needs improvement. Data retention is a thing where we are looking for a better way to collect flow data for a longer time to do forensic research on security incidents. By default, data retention is quite low. We need detailed data in safe storage for a longer time, e.g., for a couple of months. An improvement would be a way to export data into a secure long-term storage."

"In Plixer Scrutinizer, scalability is an area with minor concerns where improvements are required."

"Knowing that they're coming out with a new user interface, that is an area where there is room for improvement. There are so many variables. They should limit the variables in the user interface and create some classes, like "simple," "novice," and "expert" to narrow down the variables within it."

"The visual acuity of how it presents data can sometimes be confusing. It takes a bit for people to spin up how to look at the graphs."

"Though Plixer Scrutinizer has network detection and response, it's an area that needs just a little more rounding out. Another room for improvement in the solution is its lack of SaaS offering which some customers were looking for. My company deals in small to medium businesses, mid-market, and some customers wanted the SaaS feature which Plixer Scrutinizer doesn't offer. What I'd like to see in the next release of the solution is for it to have a SaaS offering because my company also deals with educational spaces and smaller businesses that just don't have the staff that can implement this. If there's either a managed service or SaaS-based offering to just make it a little easier for those types of customers, it would be a great addition to Plixer Scrutinizer."

"NetWitness Endpoint is less costly than its competitors, but it offers fewer features."

"They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."

"It is an expensive product."

"We are on a three-year contract to use RSA NetWitness Network."

"With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."

"I do not have any opinion on the pricing or licensing of the product."

"The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."

"The cost depends on the number of endpoints that you want to monitor, but it is not expensive."

"We have increased the license over time. We have added more licenses as the network has grown."

"Compared to some of the other tools we have, it's incredibly reasonably priced."

"There are no extra costs. It's about $8,000 a year. The bang for the buck (cost) is definitely a plus."

"We just renewed. The pricing is 5,000 euro per year. This is the final price. All tax (20 percent) is included."

"The licensing cost for Plixer Scrutinizer is in the middle. It's not the cheapest, but it's not the most expensive. Its licensing model is based on how many exporters, how many devices export information to the system. Plixer Scrutinizer has different modules you could add such as the security module which would cost extra."

"It's about €10,000 a year for initial license and yearly maintenance costs. In addition, the hardware costs are about €10,000 once every five years."

"The license is per device. We have 50 devices."

"I rate Plixer Scrutinizer's price a three on a scale of one to ten, where one is low price or affordable, and ten is high price or expensive."