We performed a comparison between Fortinet FortiSandbox and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features of Fortinet FortiSandbox are customization, ICAP protocol, and integration with other vendors. Additionally, the security work very well."
"It is a stable solution."
"The solution has the highest stability...The solution's setup is not complex as they are already included in Fortinet."
"It is an easily scalable solution."
"FortiSandbox helps us handle unknown threats. Every vendor is competing for who can detect an unknown threat the fastest. Fortinet is competitive in the market."
"The analysis engine is a very valuable feature."
"One of the valuable features is its ability to detect new threats."
"The real-time analysis capability of FortiSandbox is beneficial for email analysis."
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
"It's quite economical compared to other solutions in the market."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"The most valuable features are the threat prediction and network forensics."
"The response time from technical support should be improved."
"Most people are confused about how to use the right integration of the right Fortinet product."
"It would be better if it had support for Mac and Linux."
"Sometimes, there are issues upgrading the version of the firewall or the SD-LAN box. After we upgrade to the latest version of the software, we still have the same box. I think it's the same for every vendor."
"The initial setup of Fortinet FortiSandbox is complex. You cannot only deploy Fortinet FortiSandbox without deploying the stack of Fortinet solutions. The implementation and integration are challenging tasks with the device and placement in the network. We needed to do POC and offloading testing."
"The reporting tools could be improved in Fortinet FortiSandbox."
"Something that needs to improve, is the end-point protection."
"Fortinet FortiSandbox should improve its performance and security accuracy to keep competitive with other solutions, such as IBM."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly."
"The initial setup is complex. There are other solutions that are easier to implement."
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"Its technical support could be better."
"The initial setup is very complex and should be simplified."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
Fortinet FortiSandbox is ranked 4th in Advanced Threat Protection (ATP) with 36 reviews while NetWitness Platform is ranked 19th in Log Management with 36 reviews. Fortinet FortiSandbox is rated 8.2, while NetWitness Platform is rated 7.4. The top reviewer of Fortinet FortiSandbox writes "Light and powerful solution design; useful to have". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Fortinet FortiSandbox is most compared with Palo Alto Networks WildFire, Trellix Network Detection and Response, Check Point SandBlast Network, Microsoft Defender for Office 365 and Fortinet FortiEDR, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel. See our Fortinet FortiSandbox vs. NetWitness Platform report.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
