We performed a comparison between Cisco Secure Network Analytics and NetWitness XDR based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Most valuable features are the network maps and server and network response time."
"The solution reduces the amount of time it takes to detect and remediate threats."
"The most valuable features provided by this solution are visibility and information."
"The deployment was a breeze. It is a very innovative and robust platform that allows us to bi-directionally stitch together data elements from Netflow-enabled devices to provide a context for network utilization."
"The solution allowed us to not only get gain insight but also start collaborating with other tools."
"It's easy to set up. The deployment takes one or two days. You need to collect the data from a device and then direct it to the portal."
"The most valuable feature of this solution is the way the net flow is being merged together in a single pane. That's been extremely useful for us, because can see what's going on with traffic in one single place."
"The feature most valuable for us is to gain visibility of what is actually floating through, so we can stop it based on whether it's good or bad traffic."
"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."
"Technical support is knowledgeable."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"It is stable. We have been using it for some time, without any issues."
"The log correlation is good."
"The interface of this solution is very flexible and easy to use."
"The version with the Dell server had iDRAC problems. Often, it reported iDRAC failure."
"One area that could be improved in SNA is the integration with Cisco ISE for user and session details, which currently requires additional setup."
"It hasn't really improved our direct detection rate but it has definitely reduced our incident response time as we wouldn't have been able to detect threats or immediate risks without this solution."
"I would like to see interoperability with other Cisco products because we have ThousandEyes, Cisco Prime, and others. The interaction among these is important to us."
"The initial setup is complex, as there is a lot to configure."
"I would like to see more expansion in artificial intelligence and machine learning features."
"Initially, I felt Cisco Secure Network Analytics lacked integration with Splunk."
"We haven't seen ROI."
"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"Threat detection could be better."
"RSA NetWitness Network could improve on integration with non-native application integration."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
More Cisco Secure Network Analytics Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 3rd in Network Detection and Response (NDR) with 58 reviews while NetWitness XDR is ranked 9th in Network Detection and Response (NDR) with 15 reviews. Cisco Secure Network Analytics is rated 8.2, while NetWitness XDR is rated 8.0. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Vectra AI. See our Cisco Secure Network Analytics vs. NetWitness XDR report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.