We performed a comparison between Splunk Enterprise Security and vRealize Network Insight based on real PeerSpot user reviews.
"It follows MITRE ATT&CK and Cyber Kill Chain frameworks. There are certain notable events for which we can configure our security posture."
"Splunk Enterprise Security is a standard solution providing good customer service and partnership."
"It is easy to use, and easy to implement."
"It is easy to use in any environment."
"The breadth of the data sources that Splunk can ingest data from is broad and deep and it does an exemplary job at handling structured data."
"Splunk can extract all kinds of data. There's no limitation on what kind of structured and unstructured data one needs to extract — it can access any kind of data, including machine-generated data."
"We have a more secure, robust environment, which keeps the harmful software out of the zone required."
"Splunk has helped improve our company's resilience level."
"It allowed us to set up NSX and to do microsegmentation, without all of the pain points of having to determine each port and each IP address that needed to have access, and which ones needed to be blocked."
"The most valuable feature for us is that insight into what our network is really doing - it's a fairly complex network. Not having to go through thousands of lines of network configuration to find firewall ports that were open or closed, for various ports, was very valuable. It went out and found everything we need very quickly."
"It provides deep visibility into what is happening with traffic and helps us manage our network."
"By doing dependency mapping, it makes migrations more efficient. There are less outages that require engineers to spend additional hours troubleshooting the migration failures."
"It allows us to see how the network devices function as well as to see network glitches or fluctuations or dropping of packets."
"It has really tightened down the security. That was something that we were lacking. It has also given us deep visibility into our network. We can really get down and see all of the traffic within the data center, between the VMs, between the applications, database servers, other application servers, web servers. We can identify everything that is communicating, and we can see it all on one product."
"The most valuable feature is being able to easily see the path that the VM traffic is taking, what ports are in use."
"I like being able to see the flows coming in and out of the product. In terms of monitoring network flows, we use it to verify whether or not different servers/applications should be communicating with each other."
"I would like Splunk to add more integration. QRadar has many indications with more products than Splunk."
"It's costly."
"I have concerns about the architecture as well since I can see it is not very well defined."
"It needs to improve the way to install third-party apps and enable installation without logging into splunk.com."
"Splunk ES could have more pre-built integrations and rules. The detection is fairly accurate, but it depends on the rules you create. Splunk's out-of-the-box configuration isn't that useful."
"Splunk can improve its third-party device application plugins."
"It requires a significant amount of relatively complex architecture once you push past the single server instance."
"I'd like to see more integration with more antivirus systems."
"When we talk about those micro-segmentation rules, there's an Export function. It is very macro-segmentation oriented instead. So if you choose an application, it will find the tiers within that application and say that it's communicating on, say, port 80 to a separate VLAN. There might be 200 machines in that other VLAN. You don't want to open port 80 at all of them. So we need a lot more granularity in those suggested firewall rules."
"The only issue we have is that the solution does not always capture the host names."
"There's enough information there, especially in the visualizations, but I would love to see this in a kiosk mode, where I could have a dashboard for interested stakeholders to see and appreciate what's going on. Then, moving on to a more practical level for our Help Desk, our operations team could benefit by seeing, in real-time, a visual view of the network."
"The compatibility with each and every component of the infrastructure is the main thing that I am looking for. I would like them to make sure that it's compatible with different kinds of storage systems, etc. I have seen the compatibility list. I feel it can be more compatible than it is right now."
"There could be some deeper analytics into packet inspection and trace flows. It could use some kind of machine learning to look at Layer 7 traffic for potential malware or corrupt packets."
"There is room for improvement when it comes to pricing because we pay here in Brazil, and all the costs are based on the dollar."
"It just needs to be more reliable and more accurate. At some point, there are some things where it does not match properly."
"The only reason I would not give it a nine or a 10 is for cost reasons. It seems to be one of those things that really belongs as part of the product inherently and not as an add-on. That would be my only concern."
Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 246 reviews, while vRealize Network Insight is ranked 23rd in IT Infrastructure Monitoring with 44 reviews. Splunk Enterprise Security is rated 8.4, while vRealize Network Insight is rated 8.6. The top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query". On the other hand, the top reviewer of vRealize Network Insight writes "Provides deep analytical insights and makes migrations efficient with dependency mapping". Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel, whereas vRealize Network Insight is most compared with ThousandEyes, NETSCOUT vSTREAM, AppNeta by Broadcom, Zabbix and ExtraHop Reveal(x) for IT Operations.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.