IT Central Station is now PeerSpot: Here's why

RSA NetWitness Logs and Packets (RSA SIEM) Valuable Features

Mahesh Suryawanshi - PeerSpot reviewer
Program Manager at EGYANAM TECH

We have not evaluated this tool. It is evaluated by the client's company directly. That said, I have found it has good threat intel insights, comparatively speaking. 

From the client-side, there are economical kinds of features.  It's quite economical compared to other solutions in the market. 

The solution is scalable. 

The technical support is very good.

View full review »
IO
Solution Specialist- Data Protection at a tech services company with 11-50 employees

The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs. So, the capture packet also gives you specific insight into what's going on in the network, and it makes your trace investigation much more comprehensive.

The user interface is fine.

View full review »
ST
Manager at a comms service provider with 10,001+ employees

The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools.

View full review »
Buyer's Guide
RSA NetWitness Logs and Packets (RSA SIEM)
June 2022
Learn what your peers think about RSA NetWitness Logs and Packets (RSA SIEM). Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
610,812 professionals have used our research since 2012.
Seakr Dg - PeerSpot reviewer
Security Operations Manager at a computer software company with 1,001-5,000 employees

The newer 11.5 version that my team is using has found it to have good mapping.

View full review »
Rahul Patel - PeerSpot reviewer
Cyber security Lead at a manufacturing company with 1,001-5,000 employees

The wireless feature is good, it tells you when to check a spot, which file it has used to encrypt, whether it is spreading and how many hosts have been infected. It's about data analysis. Looking at the network logs, it's difficult to figure out where the problem is coming from and where it's going, but those kinds of features help me a lot. The solution provides lots of automatic rules which is helpful. Technically speaking, this is a good product. 

View full review »
AR
Associate Manager Human Resources at a financial services firm with 1,001-5,000 employees

The most valuable features are the packet inspection and the automated incident response.

View full review »
LB
Presales Manager at a tech services company with 51-200 employees

It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets. I think the most important thing was that it gives the customer the capability to discover and respond to an incident. It gives customers visibility about their most important servers and devices.

Regarding the packet model, the most important thing is how easy it is to rebuild the raw data. Through one click, you can see an email that was sent even without accessing the mailbox from the user. It's easy to rebuild the raw data, especially the packet.

View full review »
MT
Security Engineer/Architect at Telecom Italia

The most valuable feature is the security that it provides.

The log-related capabilities are good.

It integrates well with other risk-assessment tools.

View full review »
PR
Analyst at Microland Limited

What we are mainly using are the RSA Concentrator, RSA Decoder, Archiver, Broker, and Log Decoder.

View full review »
Buyer's Guide
RSA NetWitness Logs and Packets (RSA SIEM)
June 2022
Learn what your peers think about RSA NetWitness Logs and Packets (RSA SIEM). Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
610,812 professionals have used our research since 2012.