We performed a comparison between Vectra AI and VMware NSX based on real PeerSpot user reviews.
Find out what your peers are saying about Darktrace, Vectra AI, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS)."Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
"Vectra AI is the best. It is a major product in our cybersecurity."
"Scalability wise, we have many sensors, and Vectra AI seems to handle them all very well."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"The solution's ability to reduce alerts, by rolling up numerous alerts to create a single incident or campaign, helps in that it collapses all the events to a particular host, or a particular detection to a set of hosts. So it doesn't generate too many alerts. By and large, whatever alerts it generates are actionable, and actionable within the day."
"The packet-capturing feature is very useful."
"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."
"The most useful feature is the anomaly detection because it's not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well."
"To be able to do the DR and SRM migrations from datacenter to datacenter, we're able to do them with SRM with VXLAN, with the NSX product."
"This solution comes with an API that can easily integrate with other solutions."
"The most valuable feature of VMware NSX is the ability to set up virtual networking environments."
"The most valuable feature of VMware NSX is the load balancing and routing of firewall rules. Many of the features are beneficial."
"The most valuable feature is the integration with the firewall."
"The we can actually extend Layer 2 networking across datacenters, and also Layer 3 networking, which comes along with it."
"I really like the management dashboard, the tailor-made assurance, the telemetry, and the ease of integration with all other solutions of VMware, such as vSphere."
"The ability to scale from different clouds. At the moment, the scalability of the product is the number one thing that I saw."
"Vectra Recall could be utilized much more, and I'm seeing some indications of that today with the investigative components. I use the Visualize feature to visualize components and dashboards a lot. I'm interested in new ways to build automated searches or having them leveraged already from Vectra."
"One thing which I have found where there could be improvement is with regard to the architecture, a little bit: how the brains and sensors function. It needs more flexibility with regard to the brain. If there were some flexibility in that regard, that would be helpful, because changing the mode of the brain is complex. In some cases, the change is permanent. You cannot revert it."
"For S&D account scans, it would be easier if Vectra AI could triage with users. If a client uses a lot of accounts, then it could indicate that these accounts are benign, for example. That would help a lot."
"The reporting from Cognito Detect is very limited and doesn't give you too many options. If I want to prepare a customized report on a particular host, even though I see the data, I have to manually prepare the report. The reporting features that are built into the tool are not very helpful."
"If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex network and a lot of rules. So, our setup might not be a typical implementation example. We even had UX engineers onsite, and they looked at issues, improvements, and user feedback. Since then, it has gotten a lot better, they even built in features that we specifically requested for our company."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"It does a little bit of packet capture on alert so you can look at the packet capture activity going on, but it doesn't collect a whole lot of data. Sometimes it's only one or two frames, sometimes it does collect more. That's why they have the addition of their Recall platform, because that really does help expand the capability."
"A blind spot that I have is around the ease with which you can automate threat intervention."
"If you're worried that NSX is too complex, I would tell you to take another look. If you compare NSX to a similar solution you might find it to be a bit more complex. Usually, the guy that comes in to implement NSX isn't the network guy and will lack the knowledge for the program. He can lack the knowledge for this program and will therefore think it's complex. You need somebody with network experience."
"The solution is quite complex. You need to keep your thinking cap on and know what you are doing: Go to the training and listen to the solution architects when they come in because they have a lot of knowledge."
"The setup of the solution could be simplified."
"The solution could improve by having a more streamlined setup."
"VMware NSX should be able to scale for different customers, even the big ones. Its scalability needs improvement. Stability for it should also be improved."
"They have some limitations in the firewall features as compared to the on-prem or dedicated hardware appliance. They can add more features, such as IPS and IDS, to the cloud firewall."
"It could be more user-friendly, but it's manageable. When we add a specific node to this particular NSX and the configuration changes, it won't push through the errors where required, but it'll accept it. However, while using it, we will have issues. It can also be more stable."
"We have done three installations and we have not had any critical issues. The time it took for the installation was approximately two days. However, they should provide better documentation."
Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 42 reviews while VMware NSX is ranked 2nd in Network Virtualization with 94 reviews. Vectra AI is rated 8.6, while VMware NSX is rated 8.0. The top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". On the other hand, the top reviewer of VMware NSX writes "Allows for seamless micro-segmentation and the support is exceptional". Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Trellix Network Detection and Response, whereas VMware NSX is most compared with Nutanix Flow Network Security, Illumio, Akamai Guardicore Segmentation, Cisco ACI and Cisco Secure Workload.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.