Coming October 25: PeerSpot Awards will be announced! Learn more

RSA NetWitness Network OverviewUNIXBusinessApplication

RSA NetWitness Network is #9 ranked solution in top Network Detection and Response (NDR) tools and #10 ranked solution in Network Traffic Analysis tools. PeerSpot users give RSA NetWitness Network an average rating of 8.0 out of 10. RSA NetWitness Network is most commonly compared to Darktrace: RSA NetWitness Network vs Darktrace. RSA NetWitness Network is popular among the large enterprise segment, accounting for 64% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 20% of all views.
Buyer's Guide

Download the Network Traffic Analysis (NTA) Buyer's Guide including reviews and more. Updated: September 2022

What is RSA NetWitness Network?

RSA NetWitness® Network exposes network data to enhance a security
team’s capabilities to detect and respond to today’s advanced threats. RSA
NetWitness Network provides immediate deep visibility for rapid detection,
efficient investigation and forensics, in order to reduce dwell time. With
unparalleled speed for real-time behavior analytics, RSA patented technology
accelerates detection and investigation of threats as they traverse your
network. RSA NetWitness Network provides real-time visibility into all your
network traffic—on premises, in the cloud and across virtual environments.
RSA NetWitness Network enables threat hunting with streamlined workflows
and integrated, automated investigation tools that analysts use to hunt
and monitor the timing and movements of threat actors. Through a unique
combination of behavioral analytics, data science techniques and threat
intelligence, RSA NetWitness Network detects known and unknown attacks
that put organizations at risk.

RSA NetWitness Network Customers
Busan Bank, Banorte Bank, Eastern Bank
RSA NetWitness Network Video

RSA NetWitness Network Pricing Advice

What users are saying about RSA NetWitness Network pricing:
  • "The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."
  • "We are on a three-year contract to use RSA NetWitness Network."
  • "It is an expensive product."
  • RSA NetWitness Network Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Manager, Soc
    Real User
    Top 20
    Log correlation is good, but the solution is slow and there are many licensing complications
    Pros and Cons
    • "The log correlation is good."
    • "The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."

    What is our primary use case?

    The product is mainly used for security, log reviews, and monitoring.

    In India, mostly on the requirement segment, we don't deploy the solution on the cloud. We use the solution on-premises.

    What is most valuable?

    The log correlation is good. There may be some benefits to the solution, but most of my time has gone to configure it rather than to work with it. So maybe I'm not so aware of that.

    What needs improvement?

    The problem with this product is that it's a bit slow. I am not very happy with this product. In the past, I have worked with a different tool, which was only maintaining a log, but I found that solution much better than NetWitness. It is not properly configured yet.

    One part of this product that needs to be improved is the log passing. Often, it doesn't work or logs go missing. There are many licensing complications as well.

    For how long have I used the solution?

    I have been working with this product for almost one year. I'm not working directly with the product. I do the implementation for companies. We use the latest versions of the solution.

    I'm technically not hands-on with these tools because I manage the team, so I am not exposed to anything.

    Buyer's Guide
    Network Traffic Analysis (NTA)
    September 2022
    Find out what your peers are saying about RSA, Darktrace, ExtraHop Networks and others in Network Traffic Analysis (NTA). Updated: September 2022.
    635,987 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    My own network is very complex. It might be stable, but many times, even our appliances are not. We have had improper shutdowns, so I will not blame RSA. If an improper shutdown happens, then it takes a lot of time to make it up. It doesn't work until you start the machine, and it will work. Finally, you have to get a ticket, then they will do lots of things on them. The services will start and then it will work. We've been having some power issues in my previous assignments, and a lot of trouble in that way.

    What do I think about the scalability of the solution?

    The solution is scalable. It creates 3,000 lab logs per second. I think the solution is suitable for large companies, or medium to large companies.

    How are customer service and support?

    I don't think RSA has good support.

    How was the initial setup?

    The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is troubleshooting and working with technical support. Log passing is also one of the biggest challenges. Sometimes you don't get the logs, but even when we make the log passes, they don't work. They suddenly stop working. It might just be a problem from my side as well, but the end result is that it is not working as smoothly as it should.

    Deployment time just depends on different circumstances. Many times, our men were unable to get to the data center. There were some wiring problems and improper shutdowns. We did have trouble with connecting with other people in our department. It took an unusual amount of time. I think we should have been done in 45 to 60 days, but it took us more than eight or nine months to get it done. The deployment time just depends on the current scenario. Tech support would say, "We don't do this, we don't do that. You have to purchase that service and that service."

    What's my experience with pricing, setup cost, and licensing?

    The pricing is not very economical. It is a costly product for India. When you purchase it, you have to purchase a module separately.

    What other advice do I have?

    I would rate this solution 4 out of 10. I would not suggest that someone use this solution because support is a main issue. I would prefer to go with IBM QRadar or some other new AI-based tools.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    SupravatMaji - PeerSpot reviewer
    Associate Vice President - IT Security at Inspira Enterprise
    Real User
    Top 20
    Beneficial single unified dashboard, good native application integration, and high availability
    Pros and Cons
    • "The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."
    • "RSA NetWitness Network could improve on integration with non-native application integration."

    What is most valuable?

    The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good.

    What needs improvement?

    RSA NetWitness Network could improve on integration with non-native application integration.

    For how long have I used the solution?

    I have been using RSA NetWitness Network for approximately three years.

    What do I think about the stability of the solution?

    RSA NetWitness Network on-premise is stable. I have not used the version to compare.

    What do I think about the scalability of the solution?

    RSA NetWitness Network could improve scalability. The process is simple you can stack on devices. It can scale horizontally and vertically.

    How are customer service and support?

    The technical support from RSA NetWitness Network is good because the response time is fast. Whenever you raise a request, we receive a response. It's not immediately but based on the priority, and on the server, we have a response. 

    How was the initial setup?

    The initial setup of the RSA NetWitness Network is fine. The device setup is easy. However, we need professional services for creating dashboards and other aspects. 

    What about the implementation team?

    We used professional service for some of the implementation aspects.

    What was our ROI?

    We have seen a return on investment using RSA NetWitness Network.

    What's my experience with pricing, setup cost, and licensing?

    We are on a three-year contract to use RSA NetWitness Network.

    What other advice do I have?

    My advice to those wanting to implement RSA NetWitness Network is they have to first do a little due diligence, such as the exact requirement based on their needs. That will give them a direction for their investment because otherwise, the bill of material or bill of quantity (BOQ) may be higher side. It is important to do good due intelligence on the environment, see the exact requirement, and then go ahead with the solution. The solution is perfectly stable.

    I rate RSA NetWitness Network a nine out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Network Traffic Analysis (NTA)
    September 2022
    Find out what your peers are saying about RSA, Darktrace, ExtraHop Networks and others in Network Traffic Analysis (NTA). Updated: September 2022.
    635,987 professionals have used our research since 2012.
    Maged Magdy - PeerSpot reviewer
    Security Consultant at Global Solutions
    Real User
    Top 5Leaderboard
    Great visualizations, stable, and easy to use and deploy

    What is our primary use case?

    It is our all-in-one platform for logs and packets for our network and for EDR.

    What is most valuable?

    It is very easy to use, and its usability is great. The use cases are also very easy. 

    The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great.

    What needs improvement?

    Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training.

    For how long have I used the solution?

    I have been using this solution for about two or three years.

    What do I think about the stability of the solution?

    It is very stable.

    What do I think about the scalability of the solution?

    It is not meant for small businesses. It is for medium to very large enterprises.

    How are customer service and technical support?

    They have very good staff in tech support.

    How was the initial setup?

    Its installation is easy. 

    What about the implementation team?

    I did it myself.

    What's my experience with pricing, setup cost, and licensing?

    It is an expensive product.

    What other advice do I have?

    I would rate RSA NetWitness Network a ten out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Amr Abdelaziz - PeerSpot reviewer
    Information Security Specialist at Masria Digital payments
    Real User
    Top 20
    A stable solution with a user friendly interface

    What is our primary use case?

    We use this solution for network security.

    What is most valuable?

    The interface of this solution is very flexible and easy to use.

    What needs improvement?

    We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues.

    For how long have I used the solution?

    We have been using this solution for two months.

    What do I think about the stability of the solution?

    We have found this solution to be stable so far.

    How was the initial setup?

    The initial setup of this solution is straightforward.

    What other advice do I have?

    I would rate this solution a nine out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Download our free Network Traffic Analysis (NTA) Report and find out what your peers are saying about RSA, Darktrace, ExtraHop Networks, and more!
    Updated: September 2022
    Buyer's Guide
    Download our free Network Traffic Analysis (NTA) Report and find out what your peers are saying about RSA, Darktrace, ExtraHop Networks, and more!