NetWitness NDR vs Plixer Scrutinizer comparison

"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."

"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."

"It is stable. We have been using it for some time, without any issues."

"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."

"The stability of the RSA NetWitness Endpoint is very good."

"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."

"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."

"Technical support is knowledgeable."

"We have had many requests to understand in the network which devices are connected to others. Most people don't have this information or are able to establish a map of data flow everywhere around the network. Scrutinizer can really help with this. We are using it to understand who is talking to what, how, and which protocols can help us to improve security and analyze flow."

"The most valuable features of Plixer Scrutinizer are its ease of use, accessibility, and UI."

"Plixer Scrutinizer is an affordable product. Plixer Scrutinizer is a tool that allows for customization, especially in scenarios where customers need new product features."

"The ability to view the status of the top-10 at a glance is helpful. We immediately know which link is over-utilized or heavily used... and it's all in real-time."

"It shows us the saturation of the network of devices. It gives us a clear view of the flows in the network to understand, for instance, planning upgrades in the network to get an idea of what's going on the network on traffic flows. It gives us insight, for instance, on what's going on on our VPN Client. There are a lot of things where it provides very helpful information. It also gives us our security reports with quite detailed information on what's going on in the network, and whether there are data exfiltrations and so on."

"The most valuable features of the solution are the ability to track what a device is doing and to go back historically. It is also able to go down to, and identify, very low levels of traffic."

"The reporting and generating troubleshooting reports would be the best feature; our host-to-host conversation reporting."

"Visualization of the network traffic is the most valuable feature. It allows you to drill into information quite quickly."

"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."

"I would like to see Security Orchestration and Response Automation (SOAR) integration."

"Threat detection could be better."

"The threat intelligence could improve in RSA NetWitness Endpoint."

"The contamination feature could be improved."

"RSA NetWitness Network could improve on integration with non-native application integration."

"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."

"The solution lacks a reporting engine."

"From what I understand it is that the solution is not very scalable in a high volume traffic environment with a large number of flows."

"There is room for improvement around the data that they have on the website about solutions... they should have more templated solutions on their website. Going out and identifying how to do RTP performance with a Cisco router, or how to do application response times in an Arrista data center deployment was where most of the work was... They should spend some more time documenting solutions and putting together white papers."

"The reporting structure, the front-end GUI, also needs some work. It needs some getting used to. It works fairly well, but it's a technical tool rather than a user tool. You have to understand the structure of the databases before you can really use it."

"I wish the reporting side was easier to work with, but it does a decent job. I also wish the reporting side was a little more intuitive or they offered more reporting examples."

"Though Plixer Scrutinizer has network detection and response, it's an area that needs just a little more rounding out. Another room for improvement in the solution is its lack of SaaS offering which some customers were looking for. My company deals in small to medium businesses, mid-market, and some customers wanted the SaaS feature which Plixer Scrutinizer doesn't offer. What I'd like to see in the next release of the solution is for it to have a SaaS offering because my company also deals with educational spaces and smaller businesses that just don't have the staff that can implement this. If there's either a managed service or SaaS-based offering to just make it a little easier for those types of customers, it would be a great addition to Plixer Scrutinizer."

"Knowing that they're coming out with a new user interface, that is an area where there is room for improvement. There are so many variables. They should limit the variables in the user interface and create some classes, like "simple," "novice," and "expert" to narrow down the variables within it."

"The solution creates a visual map of a particular location and how the network flows. You need to spend time to generate all those maps. If they could figure out a way to reduce the time needed to generate the maps, that would be great."

"We couldn't get it set up properly."

"The cost depends on the number of endpoints that you want to monitor, but it is not expensive."

"The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."

"It is highly scalable. It can be bought based on your requirements."

"It is an expensive product."

"I do not have any opinion on the pricing or licensing of the product."

"The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."

"With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."

"NetWitness Endpoint is less costly than its competitors, but it offers fewer features."

"We pay our one-off cost for the licenses, per device, in blocks of 50. And then we pay an annual maintenance fee of about $15,000 Australian, which is, at this point in time, about $9,000 US, for those 250 devices. The upfront costs for the 250-license use, were about $50,000 Australian, which is about $32,000 US."

"Our entire solution, amortized over five years, is in the vicinity of $40,000 to $50,000 a year."

"Compared to some of the other tools we have, it's incredibly reasonably priced."

"The license is per device. We have 50 devices."

"There is a recurring maintenance fee after the initial purchase or if we want the license upgrade."

"It's about €10,000 a year for initial license and yearly maintenance costs. In addition, the hardware costs are about €10,000 once every five years."

"I rate Plixer Scrutinizer's price a three on a scale of one to ten, where one is low price or affordable, and ten is high price or expensive."

"We recently bought a license upgrade, so we will integrate more exporters. We upgraded from a 25 exporter license to a 50 exporter license. Therefore, there will be more flows, and this will be an extension. I don't know when we will purchase a faster server, because the server that we have is quite new."