I have not worked much on LogRhythm NetMon to be able to comment on what needs improvement in the product since there is another team in our company that is working on the solution presently. LogRhythm NetMon's pricing model is an area of concern that should be made a little bit cheaper in comparison to the other players in the market currently. With players like IBM QRadar that propose QNI or Darktrace in the market, LogRhythm NetMon needs to consider a reduction in its pricing model.
There is an issue with tunneling in relation to how the connectivity is established between the end devices and where NetMon is installed. On the console, I often observe that there's a difference of a few seconds or maybe a minute, and this lag time should not be there. The console can be improved in terms of access. It takes time to load the whole tool, though it might not all be related to NetMon. It could be related to the server. If there are a lot of VPN hops in between, then there will be the possibility of lag time.
The training for this product is not very good and needs to be improved. For example, the instructor came with a specific outline and does not like to go outside of the box. There should be documentation the describes more use cases and how to implement them.
Product Technical Manager at a tech company with 1-10 employees
Real User
2020-03-18T06:06:04Z
Mar 18, 2020
Our customers would always like to see additional features. Ideally, they want one solution to do everything, particularly with networking products. Often customer request features that are related to their day-to-day operation such as traffic congestion and network usage at a specific endpoint. Adding operational flavor into the existing network threat detection product would allow more customers to use a single platform to satisfy all their networking visibility needs. I'd like to see more of these types of visualization or dashboard geared toward this kind of usage is built out of the box and ready to use. Also, having network topology visuals from a specific endpoint can be a great feature that would help correlate and investigate faster.
Data Security Architect at a comms service provider with 1,001-5,000 employees
Real User
2019-02-24T10:18:00Z
Feb 24, 2019
I would like to see better integration with multiple products. Integration is not something that is readily available for most of the products. I would also like to see some more customization with the analytics that LogRhythm offers because there are competitive solutions on the market that get much more analytics, unlike LogRhythm. We have second-hand features when we look at the analytics portion of it. Otherwise, the solution is good but I'm expecting a little more in analytics.
I have not worked much on LogRhythm NetMon to be able to comment on what needs improvement in the product since there is another team in our company that is working on the solution presently. LogRhythm NetMon's pricing model is an area of concern that should be made a little bit cheaper in comparison to the other players in the market currently. With players like IBM QRadar that propose QNI or Darktrace in the market, LogRhythm NetMon needs to consider a reduction in its pricing model.
There is an issue with tunneling in relation to how the connectivity is established between the end devices and where NetMon is installed. On the console, I often observe that there's a difference of a few seconds or maybe a minute, and this lag time should not be there. The console can be improved in terms of access. It takes time to load the whole tool, though it might not all be related to NetMon. It could be related to the server. If there are a lot of VPN hops in between, then there will be the possibility of lag time.
Sometimes it's hard to find the network devices' self-audit logs.
The training for this product is not very good and needs to be improved. For example, the instructor came with a specific outline and does not like to go outside of the box. There should be documentation the describes more use cases and how to implement them.
Our customers would always like to see additional features. Ideally, they want one solution to do everything, particularly with networking products. Often customer request features that are related to their day-to-day operation such as traffic congestion and network usage at a specific endpoint. Adding operational flavor into the existing network threat detection product would allow more customers to use a single platform to satisfy all their networking visibility needs. I'd like to see more of these types of visualization or dashboard geared toward this kind of usage is built out of the box and ready to use. Also, having network topology visuals from a specific endpoint can be a great feature that would help correlate and investigate faster.
I would like to see better integration with multiple products. Integration is not something that is readily available for most of the products. I would also like to see some more customization with the analytics that LogRhythm offers because there are competitive solutions on the market that get much more analytics, unlike LogRhythm. We have second-hand features when we look at the analytics portion of it. Otherwise, the solution is good but I'm expecting a little more in analytics.