2018-07-04T06:10:00Z

What advice do you have for others considering NetWitness XDR?

Julia Miller - PeerSpot reviewer
  • 0
  • 4
PeerSpot user
14

14 Answers

AO
Real User
Top 20
2022-09-23T08:47:44Z
Sep 23, 2022

I'd rate the solution a six out of ten.

Search for a product comparison
Amr Abdelaziz - PeerSpot reviewer
Real User
Top 20
2022-08-17T12:16:45Z
Aug 17, 2022

I would rate this solution a nine out of ten.

HS
Real User
Top 20
2022-08-11T09:05:54Z
Aug 11, 2022

I would give NetWitness Endpoint a rating of seven out of ten because it's missing the features of modern EDR solutions.

SupravatMaji - PeerSpot reviewer
Real User
Top 20
2022-06-23T13:13:23Z
Jun 23, 2022

My advice to those wanting to implement RSA NetWitness Network is they have to first do a little due diligence, such as the exact requirement based on their needs. That will give them a direction for their investment because otherwise, the bill of material or bill of quantity (BOQ) may be higher side. It is important to do good due intelligence on the environment, see the exact requirement, and then go ahead with the solution. The solution is perfectly stable. I rate RSA NetWitness Network a nine out of ten.

HT
Real User
Top 20
2022-05-21T05:03:16Z
May 21, 2022

I rate this solution eight out of 10.

HananSyed - PeerSpot reviewer
Real User
Top 20
2022-04-25T12:01:32Z
Apr 25, 2022

I would recommend others to use RSA NetWitness Endpoint at this time because they have evolved from an MD to an EDR solution to an XDR solution. They have a single solution in which they can pivot from the NetWitness to the endpoint. Everything is combined in a single pane of glass. Earlier, they used to have distinct solutions. The NetWitness EDI used another pane of glass and then the EDR used a different one. Now the EDR and MDR have been combined into a single solution. That is an advantage from the security perspective. They can use a lateral movement and see all aspects in a single pane of glass. It's an easy investigation for everyone. I would definitely recommend this solution. I rate RSA NetWitness Endpoint an eight out of ten.

Find out what your peers are saying about NetWitness, VMware, CrowdStrike and others in EPP (Endpoint Protection for Business). Updated: March 2024.
765,386 professionals have used our research since 2012.
PS
Real User
2021-11-23T19:14:24Z
Nov 23, 2021

I would rate this solution 4 out of 10. I would not suggest that someone use this solution because support is a main issue. I would prefer to go with IBM QRadar or some other new AI-based tools.

TM
Real User
Top 10
2021-09-16T15:38:37Z
Sep 16, 2021

Those looking to implement RSA NetWitness Endpoint should do a comprehensive assessment of their environment to check whether they really need the solution. Sometimes you buy the solution and you do not have the right people to use it. Ensure that you invest in the right expertise to use it because after you invest in people, then you invest also in the processes and technologies. If you have the technology but and you do not have the expertise to operate the solution it will not be useful. I rate RSA NetWitness Endpoint a ten out of ten.

MM
Real User
2021-03-05T17:21:52Z
Mar 5, 2021

I would rate RSA NetWitness Network a ten out of ten.

TM
Real User
Top 10
2020-06-08T06:12:00Z
Jun 8, 2020

This is a product that I recommend. My advice for anybody who is implementing it is to make sure that they have somebody who understands it very well. Having somebody who will configure it properly is the right way to have it generate the output that you want. Also, you have to make sure that all of the endpoints are up to date. They have to be online all of the time so that you're able to have visibility on any compromises that may happen. If an endpoint is instead offline, it becomes difficult to investigate or to monitor compromises or malware. I would also suggest deploying a virtual environment. By doing so, it can be cloud-based, and what you need to do is called Event Source Onboarding. This is the process whereby you are providing the consultant with the events that you want to collect data from. In my opinion, this is the best platform, world-wide, and I am happy with it. I would rate this solution a ten out of ten.

DJ
Real User
2020-02-02T10:42:05Z
Feb 2, 2020

Architects love to use this tool, but the analysis is very complex, which is the point of NetWitness Network. It's not the best, but it's good. The analytics is probably a ten but because it is complex, but overall, I would rate this solution an eight out of ten.

HS
Real User
Top 20
2020-01-16T08:44:00Z
Jan 16, 2020

We use the on-premises deployment model. The contamination should be improved. If a new user needs better contamination capabilities, they should use something else. I'd rate the solution seven out of ten. If it offered better triaging of incidents, I'd rate it higher.

TM
Real User
Top 10
2019-07-16T05:41:00Z
Jul 16, 2019

My advice would be to go for it! It's a good solution and you will always have visibility over suspicious compromisers. It's an interesting solution that is very easy to deploy and you won't know there is this endpoint solution in your environment until someone tells you so. I rate this solution a ten out of ten.

AA
Real User
2018-07-04T06:10:00Z
Jul 4, 2018

I would highly recommend the solution. Just go ahead and get it. It is the best you can get. We chose a solution of RSA endpoint protection because of the value proposition they offered. It became clear that they have the right solution for a serious enterprise and the security operation center (SOC), and they offered the right value. It meets our major requirements and gives you peace of mind.

EPP (Endpoint Protection for Business)
A business endpoint is any device (such as mobile phone, desktop, laptop, tablet, server, or any virtual environment) that is physically an endpoint on a business’s enterprise computer network.
Download EPP (Endpoint Protection for Business) ReportRead more