We performed a comparison between Arista NDR and Auvik Network Management (ANM) based on real PeerSpot user reviews.
Find out in this report how the two Network Traffic Analysis (NTA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Other solutions will say, "Hey, this device is doing something weird." But they don't aggregate that data point with other data points. With Awake you have what's called a "fact pattern." For example, if there's a smart toaster on the third floor that is beaconing out to an IP address in North Korea, sure that's bizarre. But if that toaster was made in North Korea it's not bizarre. Taking those two data points together, and automating something using machine-learning is something that no other solution is doing right now."
"This solution help us monitor devices used on our network by insiders, contractors, partners, or suppliers. Its correlation and identification of specific endpoints is very good, especially since we have a large, virtualized environment. It discerns this fairly well. Some of the issues that we have had with other tools is we sometimes are not able to tell the difference between users on some of those virtualized instances."
"We appreciate the value of the AML (structured query language). We receive security intel feeds for a specific type of malware or ransomware. AML queries looking for the activity is applied in almost real-time. Ultimately, this determines if the activity was not observed on the network."
"Arista NDR's scalability is very good, making it easy to add more hardware components. You can order additional hardware and integrate it by stacking it with the existing setup. This feature cannot be seen in other NDR tools."
"It gives us something that is almost like an auditing tool for all of our network controls, to see how they are performing. This is related to compliance so that we can see how we are doing with what we have already implemented. There are things that we implemented, but we really didn't know if they were working or not. We have that visibility now."
"The interface itself is clean and easy to use, yet customizable. I like that I can create my own dashboards fairly easily so that I can see what is important to me. Also, the query language is pretty easy to use. I haven't needed to use it a ton, but as I need to go in and do different queries based on their requests, it has been fairly simple to use."
"The query language that they have is quite valuable, especially because the sensor itself is storing some network activity and we're able to query that. That has been useful in a pinch because we don't necessarily use it just for threat hunting, but we also use it for debugging network issues. We can use it to ask questions and get answers about our network. For example: Which users and devices are using the VPN for RDP access? We can write a query pretty quickly and get an answer for that."
"The most valuable portion is that they offer a threat-hunting service. Using their platform, and all of the data that they're collecting, they actually help us be proactive by having really expert folks that have insight, not just into our accounts, but into other accounts as well. They can be proactive and say, 'Well, we saw this incident at some other customer. We ran that same kind of analysis for you and we didn't see that type of activity in your network.'"
"In my experience as an MSP, Auvik stood out for its ease of deployment."
"Auvik has a dynamic mapping feature. Once you get things loaded, it will show you how everything is connected. It also shows the alerts on that map, making it a very quick and human-readable way to dig into it. Overall, that visualization is really nice, especially the dynamic facet."
"The network mapping is an excellent feature, as each device is represented by a different shape or object, which is great for helping us, our staff in training, and our customers understand how the network is structured. Seeing the bigger picture helps immensely, as we provide remote support; we're not boots on the ground."
"The most valuable features of Auvik are the alerting and monitoring. Those functions mean it easily more than pays for itself. I have it integrated with Slack with multiple channels set up for our IT office. When just about any part goes down that I have assigned in the alerting portion, it will let the right people know within minutes."
"The mapping is excellent as it allows us to see where elements connect and got us out of a few binds. I accidentally wiped the configuration of three Meraki 48-Port Switches, and we could see each of the VLANs and their configurations using the solution. We utilized Auvik to see how individual ports were configured, which allowed us to get back up with much less effort than if we hadn't had Auvik."
"The configuration management is the most valuable feature. I worked at an MSP before where they didn't have something collecting network device configurations. It was basically up to the technician who did it last, and you never knew if they saved a copy or not. Auvik makes that a lot more automated so we don't have to worry, if a device dies, that we don't know how it was configured."
"I don't worry about the scalability of the solution because it is quite a broad, scalable, modern platform."
"One of the best things about Auvik, and it's why it's one of my go-to products, are the remote access capabilities. Without a VPN and without any other way in, I'm able to get in and work on and troubleshoot my devices through the remote access console. It has multiple options for that and has been very useful and a huge time-saver. That's one of the killer features. It's one of my must-haves and that's why I like it so much."
"The one thing that the Awake platform lacks is the ability to automate the ingestion of IOCs rather than having to import CSV files or JSON files manually."
"I would like to see a bit more in terms of encrypted traffic. With the advent of programs that live off the land, a smart attacker is going to leverage encryption to execute their operation. So I would like to see improvements there, where possible. Currently, we're not going to be decrypting encrypted traffic. What other approaches could be used?"
"When I looked at the competitors, such as Darktrace, they all have prettier interfaces. If Awake could make it a little more user-friendly, that would go a long way."
"While the appliance is very good, and I think they're working on it, it would probably help if they integrated the management team cases into the appliance so that everything we are working on with them would be accessible on our platform, on the dashboard, on the portal. Right now, Awake is just an additional team that uses the appliance that we use and then we communicate with them directly. Communication isn't through the portal."
"One thing I would like to see is a little bit more education or experience on AWS cloud for their managed services team. We've explained how we have the information set up, that the traffic coming in goes to the AWS load balancer and then gets sent on to our internal servers... but when I get notices they always tell me this traffic is coming from the IPs belonging to the load balancers, not the source IPs. So a little bit more education for their team about how AWS manages the traffic might help out."
"I would like to see the capability to import what's known as STIX/TAXII in an IOC format. It currently doesn't offer this."
"One concern I do have with Awake is that, ideally, it should be able identify high-risk users and devices and entities. However, we don't have confidence in their entity resolution, and we've provided this feedback to Awake. My understanding is that this is where some of the AI/ML is, and it hasn't been reliable in correctly identifying which device an activity is associated with. We have also encountered issues where it has merged two devices into one entity profile when they shouldn't be merged. The entity resolution is the weakest point of Awake so far."
"They've been focused on really developing their data science, their ability to detect, but over time, they need to be able to tie into other systems because other systems might detect something that they don't."
"I requested that Auvik implement an alarm system to notify me immediately of any disruptions or anomalies."
"The one thing that I need more help with is the networking of virtualization hosts. I need more information on those hosts and which virtual networks are attached to what, the virtual switches that are in there, and how they function. None of that exists currently."
"I would like to see Auvik have some more documentation with a typical CM solution like Splunk. I want to see more examples of things like configuring port forwarding for firewalls. In addition to collecting data from different types of appliances, I would like to customize more of the metrics for each appliance."
"I'd like to be able to deep dive more into the reporting. The reporting is still being scaled and built out and I would love to see some additional products being added to the stack. For example, Auvik covers certain types of firewalls, but I would like to see more enterprise stuff added to the stack."
"The user interface is not intuitive."
"Integrating some LLM/AI capabilities into the product that would enable us to use natural language to query the tool and get sensible answers back would be great."
"We have a few other networking tools. Some of them are specifically for managing Wi-Fi. They have some great features where they give specific recommendations based on the network traffic they're seeing and based on other customers that have had similar issues, or even just by looking at your own data that they're gathering. They give AI-based recommendations on how to improve the network. Auvik could have something like that. It gives us excellent visibility into the network, but if there is a way to include some remediation tips that are digestible by level-one and level-two techs, that would be great."
"They can definitely build more alerts."
More Auvik Network Management (ANM) Pricing and Cost Advice →
Arista NDR is ranked 8th in Network Traffic Analysis (NTA) with 14 reviews while Auvik Network Management (ANM) is ranked 3rd in Network Traffic Analysis (NTA) with 139 reviews. Arista NDR is rated 9.0, while Auvik Network Management (ANM) is rated 8.8. The top reviewer of Arista NDR writes "Gives us network layer visibility into things that may not be covered by other monitoring tools, such as shadow IT". On the other hand, the top reviewer of Auvik Network Management (ANM) writes "Enables us to get on top of issues before they become an outage". Arista NDR is most compared with Palo Alto Networks Advanced Threat Prevention, Vectra AI, Trend Micro Deep Discovery, Cisco Secure Network Analytics and Forcepoint Next Generation Firewall, whereas Auvik Network Management (ANM) is most compared with PRTG Network Monitor, LogicMonitor, SolarWinds NPM, Zabbix and Meraki Dashboard. See our Arista NDR vs. Auvik Network Management (ANM) report.
See our list of best Network Traffic Analysis (NTA) vendors.
We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
