We performed a comparison between NetWitness Platform and Symantec Advanced Threat Protection based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the security that it provides."
"The most valuable features are the integration and ease of use."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"The newer 11.5 version that my team is using has found it to have good mapping."
"Offers a good wireless feature."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"The most valuable feature is NetFlow threat protection."
"What I like most about Symantec Advanced Threat Protection is its notification capability."
"It has certainly helped out our audit efforts because we each stay compliant in terms of various security standards."
"Symantec Endpoint Protection provides end-to-end protection. Along with antivirus protection, it has a lot of key areas, including intrusive prevention, firewall features, and application and device control."
"They manage to solve detection quite nicely. There is some rather elaborate detection compared to other providers."
"You don't have to buy a separate email security platform. You can enable that using their endpoint, and I like that. You don't have to have two agents running on the same box."
"Technical support has been helpful and responsive."
"All of the solution's features are quite valuable for us. We especially like the threat protection it provides."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"The implementation needs assistance."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"The user interface is a little bit difficult for new users and it needs to be improved."
"More customizability is required, which is something that they need to improve on."
"Its technical support could be better."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"The initial setup is very complex and should be simplified."
"There are limits with respect to blocking files by hash value or blocking IP addresses, and these limits should be removed."
"The product's support services need improvement."
"The support for new OSs and older OSs could be a little tighter. They need to be more upfront about what protection services they're going to provide on new OSs. I haven't seen the Windows 11 version out yet. It is either already released in Beta, or the Beta will be released soon. There could be a little bit more advanced updates on what they're doing to help protect Windows 11 environments. They can let us know in advance so that we know it is going to be protected. We can't roll out the new OS without putting end-point protection on it. So, they should tell us what is their support model for that, and what are they doing to protect Windows 11. They're not telling me, and that's a criticism. The same issue is applicable to all the other antivirus tools. It is not just Symantec; all of them have this problem."
"The administration interface needs a lot of improvement. It should be UI based, and simple. They need to improve it. It's pretty much not that friendly compared to what we were using as Bitdefender before. It's okay but is improving, actually."
"Symantec appliances need improvement. The whole appliance environment is a robust system and it needs a massive amount of storage space. If you have to increase or speed up the background storage it's a pretty complicated process. The scalability and sizing is critical, and if you do it wrong you run into issues pretty quickly."
"It should be able to collect information if the agent is disabled."
"Scalability could be better."
"An improvement could be made on the reporting because then it would be easier to collect information and submit it for compliance."
More Symantec Advanced Threat Protection Pricing and Cost Advice →
NetWitness Platform is ranked 18th in Log Management with 36 reviews while Symantec Advanced Threat Protection is ranked 21st in Advanced Threat Protection (ATP) with 14 reviews. NetWitness Platform is rated 7.4, while Symantec Advanced Threat Protection is rated 7.8. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of Symantec Advanced Threat Protection writes "Provides end-to-end antivirus protection and has good stability ". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel, whereas Symantec Advanced Threat Protection is most compared with Palo Alto Networks WildFire, Check Point SandBlast Network, Microsoft Defender for Office 365, Trellix Network Detection and Response and Fortinet FortiSandbox. See our NetWitness Platform vs. Symantec Advanced Threat Protection report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.