We performed a comparison between NetWitness Platform and Symantec Advanced Threat Protection based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."NetWitness can be highly beneficial for incident detection and response."
"The most valuable feature is the security that it provides."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"The most valuable features are the threat prediction and network forensics."
"The product's initial setup phase was not at all difficult."
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"The incident management on the solution is very good. You get a lot of detailed information about an incident. You also get a lot of documentation in connection with the CVI or integration."
"You don't have to buy a separate email security platform. You can enable that using their endpoint, and I like that. You don't have to have two agents running on the same box."
"The most valuable feature is NetFlow threat protection."
"The great advantage in using this product is it creates multiple services."
"Symantec Endpoint Protection provides end-to-end protection. Along with antivirus protection, it has a lot of key areas, including intrusive prevention, firewall features, and application and device control."
"What I like most about Symantec Advanced Threat Protection is its notification capability."
"The most valuable feature is Click-time URL protection."
"The Application Control code and the easy integration are valuable features."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"The product's licensing models are complex to understand. This particular area needs improvement."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"The solution should have more integration capabilities with different platforms."
"The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together."
"The tool's integration capability isn't so great."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"It should be able to collect information if the agent is disabled."
"The support for new OSs and older OSs could be a little tighter. They need to be more upfront about what protection services they're going to provide on new OSs. I haven't seen the Windows 11 version out yet. It is either already released in Beta, or the Beta will be released soon. There could be a little bit more advanced updates on what they're doing to help protect Windows 11 environments. They can let us know in advance so that we know it is going to be protected. We can't roll out the new OS without putting end-point protection on it. So, they should tell us what is their support model for that, and what are they doing to protect Windows 11. They're not telling me, and that's a criticism. The same issue is applicable to all the other antivirus tools. It is not just Symantec; all of them have this problem."
"The security features need to be improved."
"Entire threat protection is not available for the advanced features."
"The product's support services need improvement."
"There are limits with respect to blocking files by hash value or blocking IP addresses, and these limits should be removed."
"It's a strange situation where the infrastructure of the consumer or customer is behind some kind of firewall and they have always used some kind of customized proxy. In this situation, the ATP has a very tough time to pass the information to the cloud and back. To fix, it requires a more elaborate and complex configuration for that particular case."
"The support has dropped down to a five out of ten."
More Symantec Advanced Threat Protection Pricing and Cost Advice →
NetWitness Platform is ranked 20th in Log Management with 36 reviews while Symantec Advanced Threat Protection is ranked 18th in Advanced Threat Protection (ATP) with 14 reviews. NetWitness Platform is rated 7.4, while Symantec Advanced Threat Protection is rated 7.8. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of Symantec Advanced Threat Protection writes "Provides end-to-end antivirus protection and has good stability ". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics, whereas Symantec Advanced Threat Protection is most compared with Palo Alto Networks WildFire, Microsoft Defender for Office 365, Trellix Network Detection and Response, Check Point SandBlast Network and Fortinet FortiSandbox. See our NetWitness Platform vs. Symantec Advanced Threat Protection report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.