Get our free report covering Fortinet, Cisco, Cisco, and other competitors of Palo Alto Networks WildFire. Updated: January 2022.
563,208 professionals have used our research since 2012.

Read reviews of Palo Alto Networks WildFire alternatives and competitors

Bálint Kamarás
Lead IT Security Consultant at Compliance Data Systems Kft.
Consultant
Top 5
Good incident management and great integrations but needs to improve its on-premises appliances
Pros and Cons
  • "The incident management on the solution is very good. You get a lot of detailed information about an incident. You also get a lot of documentation in connection with the CVI or integration."
  • "Symantec appliances need improvement. The whole appliance environment is a robust system and it needs a massive amount of storage space. If you have to increase or speed up the background storage it's a pretty complicated process. The scalability and sizing is critical, and if you do it wrong you run into issues pretty quickly."

What is our primary use case?

We primarily use the solution for its integration capabilities.

What is most valuable?

Their integrations are pretty good as are their Sandbox solutions, their proxies, and their LTAs with API or ICAP protocols.

Symantec has good experience in the field. They're good at picking up on trends.

They have one of the biggest background cloud networking internet solutions due to the fact that they have a lot of customers everywhere in the world and they have a lot of data.

The incident management on the solution is very good. You get a lot of detailed information about an incident. You also get a lot of documentation in connection with the CVI or integration.

If you have to integrate it with CM solutions, you can correlate data more with other solutions, for example, with firewalls. The result of this integration is that it gives you much more information. 

There are customers where the engineers have enough time to investigate all of the incidents. However, you can also collect this data in a CM and then in an incident and response management solution. It ends up saving a lot of time.

What needs improvement?

Symantec appliances need improvement. The whole appliance environment is a robust system and it needs a massive amount of storage space. If you have to increase or speed up the background storage it's a pretty complicated process. The scalability and sizing is critical, and if you do it wrong you run into issues pretty quickly.

Symantec ATP doesn't offer add-ons or anything of that nature. It's a closed architecture, a closed system. It's based on a Linux OS, and we haven't got a lot of privileges to change anything.

That said, if you are integrated with content analysis, then you have to use a lot of very good add-ons for the content analysis to find and analyze and investigate. If you only have ATP it's not enough to be effective. You have to use other solutions from Symantec, like its content analysis. You have to integrate the messaging gateway or email security and so on. 

For how long have I used the solution?

I've been using the solution for two years.

What do I think about the stability of the solution?

The solution is mostly stable. However, these types of solutions can be blocking items and will need to be adjusted. If you have any LAN, for example, and an on-premise solution, then you need to change it. When you do you will lose the connection. Therefore, if you have a LAN solution, you need to change the mode out of work hours.

What do I think about the scalability of the solution?

In terms of the on-premises appliances, you need very big appliances to handle the storage. Users of on-premises solutions really need to size things up correctly at the outset, as it isn't easy to scale a physical environment.

How are customer service and technical support?

We've contacted technical support in the past. 

As of right now, with the Broadcom acquisition, many people are changing roles which causes support to be rather slow. The senior engineers are now moving to premium support. Due to these changes the customers aren't the happiest as they have to wait longer for help or information. This has only been happening for about a year, which, in the scheme of things, isn't too long.

Which solution did I use previously and why did I switch?

We've worked with Palo Alto in the past and have just started using Check Point.

How was the initial setup?

Whether the initial setup is straightforward or complex depends on the company and its requirements and if it plans to integrate the solution into other products.

Deployment times vary; it really depends on the organization's existing architecture and on the integration. For example, if you like to only implement systems for the EDR facility, all the EDR, along with the manager, is a pretty fast process. However, if you would like to integrate it with your email security or with your web proxy, or with anything else, that will be complicated and will lengthen the processes. The implementation can take anywhere from one month to one year.

What's my experience with pricing, setup cost, and licensing?

The solution isn't the least expensive option. Other solutions do cost more, however.

What other advice do I have?

We have been platinum partners with Symantec.

The solution is at a bit of a crossroads due to its acquisition by Broadcom and they changed their EDI solution because Broadcom had an EDI network solution too. There were EDI scanners in the network, but it's on the side. Now they have a new direction in this area, due to the fact that they want to solve these processes only from the endpoint side. Frankly, I am still waiting for the restart of this new direction. I do not think it's enough. 

While most deployments are using on-premises, we have some hybrid and cloud solutions too. It depends on the customer.

Whether or not this is a suitable solution for a company depends on its network and requirements. Different products offer different benefits. A company needs to shop around to see which fits best. For example, it's not the best solution for enterprise companies. Also, their price is not the cheapest, however, there are many more that are more expensive as well. 

I'd rate the solution seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Senior Security Engineer at a computer software company with 1,001-5,000 employees
Real User
Top 10
Effective behavior analysis, useful manual scan, and overall comprehensive features
Pros and Cons
  • "The dynamic behavior analysis is excellent. We have many attacks caught by the FortiSandbox as zero-day attacks. Additionally, the administration is simple and can be customized to fit your company's needs."
  • "The reporting tools could be improved in Fortinet FortiSandbox."

What is our primary use case?

We are using Fortinet FortiSandbox to inspect and scan all our files. All the files inside our organization that are transferred through the company. The solution scans the files inside the PSVM because it has many VMs inside the FortiScan. It's working on zero-day attacks and not based on the signature of the threat. It's based on behavior analysis.

What is most valuable?

The dynamic behavior analysis is excellent. We have many attacks caught by the FortiSandbox as zero-day attacks. Additionally, the administration is simple and can be customized to fit your company's needs.

Fortinet FortiSandbox has manual scan features. We have other sandbox solutions from other vendors but they don't have this feature. It allows you to interpret or intervene in the scan whatever you want. It is a SOC analyzer, and it is called Manual Scan or something similar. Comparing this feature to other vendors, it's very good.

What needs improvement?

The reporting tools could be improved in Fortinet FortiSandbox.

For how long have I used the solution?

I have been using Fortinet FortiSandbox for approximately six years.

What do I think about the stability of the solution?

The stability of the solution is good.

What do I think about the scalability of the solution?

We have not tried to scale the solution, it has been working fine for what we have been using it for at this time.

We have approximately 50 devices and 1,000 to 2,000 files being scanned daily.

We use the solution extensively.

Which solution did I use previously and why did I switch?

We use similar sandbox solutions from Forcepoint and Palo Alto.

How was the initial setup?

The installation of Fortinet FortiSandbox is very easy.

What about the implementation team?

We did the implementation ourselves.

What's my experience with pricing, setup cost, and licensing?

We are on an annual license to use the solution. We have an additional feature that is integrated with S5, which is working well.

What other advice do I have?

I would recommend Fortinet FortiSandbox to others, it is the most comprehensive sandbox available.

I rate Fortinet FortiSandbox an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Network Engineer at a tech services company with 201-500 employees
Real User
Top 20
Easy to manage, scalable and stable
Pros and Cons
  • "The solution is very stable. I would estimate it's 99.9% stable, if not more."
  • "Technical support is something that needs improvement."

What is our primary use case?

We primarily implement the solution for our clients.

What is most valuable?

The solution assures that we can manage all our other relevant related solutions from one place. Clients can manage everything - the data center firewall, the perimeter firewall, and the cloud, etc. They can have one single consolidated management that makes everything more visible and transparent from one place.

What needs improvement?

We recently upgraded to the latest release of the new version, IP40. Since it is new, whatever features that were not there in the IP30 version, have been added to IP40. Right now, we are gradually going through it, so I cannot say what might be lacking just yet. 

Technical support is something that needs improvement.

For how long have I used the solution?

We've been using the solution for two years.

What do I think about the stability of the solution?

The solution is very stable. I would estimate it's 99.9% stable, if not more.

What do I think about the scalability of the solution?

The solution is extremely scalable. It's not difficult to expand it as necessary.

How are customer service and technical support?

Technical support is good. They have a team in Dubai that is taking care of the Middle East. First, we will try to contact them, and if they are busy they normally will escalate the request to another office. They're quite good and have been very helpful. We've been satisfied with the level of support and the amount of access they give for assistance. However, they could provide additional materials to us so that we don't have to reach out to them directly.

Which solution did I use previously and why did I switch?

We mostly promote this solution, but we also work with Palo Alto and Fortinet.

What other advice do I have?

We are an integrator as well as a partner. 

I'd rate the solution ten out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: partner