ExtraHop Reveal(x) for IT Operations Reviews

ExtraHop is basically an NDR solution - Network Detection and Response. It's a cloud-based offering.

If you want to look at real-time traffic to see what's happening in and out, in terms of malicious traffic throughout the network, you can reveal the suspicious activity using the ExtraHop NDR solution. 

It maps the complete network topology so it looks for devices and it builds a complete network, builds a path. It looks for the misconfiguration of the devices and so on. It gives you full 360-degree visibility into your entire infrastructure. For example, it can show you what components are residing, what vulnerabilities it has, and so forth.

When it comes to ExtraHop, it has a very useful feature. Not only can you look at the protocol import level. It also has a live PCAP analysis. Therefore, even if you have PCAP files, Packet Capture files, you can run and have a live recording of the PCAP. That's something this is unique. Otherwise, it's very similar to NetBrain. I wouldn't call it an NDR, however, ExtraHop is mainly comparable to an NDR provider.

The solution is stable.

The setup is simple. 

The solution could get more aggressive in the discounting of the overall cost.

Support could be better. We'd like to see a local presence within the region in order to have seamless service whether it's the support, the implementation, or professional services.

As resellers, we've proposed this product on a number of projects.

The solution is stable and reliable. There are no bugs or glitches and it doesn't crash or freeze. 

The solution is scalable in the sense the appliance is size-based on the throughput - how much traffic pipe you want to ingest. It's a license-based product and the way it is set up makes it scalable.

For example, if you got an appliance of GB, and, after one year, if you wanted to increase the throughput of that appliance, you could simply buy the original license. It's a software upgrade.

In terms of support, it's always being backed from HQ. A lot of these vendors nowadays, such as ExtraHop or Fidelis, don't have a local support center here based in like UAE. I'm based in UAE. However, they enable using the support through HQ (which is not in UAE). 

With the first level of support, you will receive help from the sales engineer and through your partners or distributors who are based within the specific region. They will guide you. However, in case of a disaster, a software upgrade, or malfunctioning of the software, then you will have the proper technical support that's based somewhere in the US.

Support doesn't have to be faster as this solution is not a very critical solution. It will not impact or bring down your production. It's an out-of-the-box solution. Even if it is down for eight hours, there is no downtime or impact on the production networks. Therefore a lot of vendors are providing the standard support that's basically the next business day or the same day.

I'm also familiar with NetBrain, which is more of an NDR solution.

The product offers a simple, straightforward setup. It's not overly complex or difficult. 

Price-wise, it's head to head in cost compared to the other competitors. They're not selling their product at a premium. It's comparable to the market competitors. It's in the same range. It's also subscription-based licensing. The terms can last up to three years. 

We are a reseller. The solution can be used both on the cloud and on-premises. 

I'd recommend the solution in general.

I'd rate it eight out of ten.