We performed a comparison between Fortinet FortiSandbox and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"FortiSandbox analyzes the behavior of processes in a sandbox environment, which is useful for threat hunting. The solution has an excellent standard configuration, and you can prioritize the types of files of VMs you want to analyze. It also integrates seamlessly with other Fortinet solutions, like FortiGate, FortiMail, and FortiEMS."
"The technical support is very good."
"The solution has the highest stability...The solution's setup is not complex as they are already included in Fortinet."
"The most valuable features of Fortinet FortiSandbox are customization, ICAP protocol, and integration with other vendors. Additionally, the security works very well."
"It is an easily scalable solution."
"Fortinet FortiSandbox puts suspicious files in quarantine, analyzes for virus risks, and lets them out of quarantine if it detects no risk."
"Fortinet FortiSandbox is faster than other sandbox solutions."
"Fortinet FortiSandbox's most valuable feature is the security it provides against threats, such as ransomware. Additionally, it integrates well with APIs."
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"The most valuable features are the packet inspection and the automated incident response."
"The most valuable features of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"If you were to compare prices between vendors and manufacturers, you would see that the lowest equipment in the Sandbox line is quite expensive for a new customer."
"The initial setup is not too complex but could be easier."
"The reporting tools could be improved in Fortinet FortiSandbox."
"At least once a week we have a false alarm. This needs to be adjusted so that we get fewer of these occurrences."
"Fortinet FortiSandbox should improve its performance and security accuracy to keep competitive with other solutions, such as IBM."
"The integration is limited. The solution needs to offer better integration with multiple vendors."
"For additional features, maybe a form of execution pain files in a non-virtual environment because it has threats that identify when it is being run in a virtual machine."
"Not practical for real-time web traffic analysis because users won't wait for the FortiSandbox to complete its analysis before accessing content."
"Security needs improvement."
"Health monitoring of the event sources and devices."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"The product's licensing models are complex to understand. This particular area needs improvement."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"The implementation needs assistance."
Fortinet FortiSandbox is ranked 5th in Advanced Threat Protection (ATP) with 36 reviews while NetWitness Platform is ranked 18th in Log Management with 36 reviews. Fortinet FortiSandbox is rated 8.2, while NetWitness Platform is rated 7.4. The top reviewer of Fortinet FortiSandbox writes "Light and powerful solution design; useful to have". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Fortinet FortiSandbox is most compared with Palo Alto Networks WildFire, Trellix Network Detection and Response, Check Point SandBlast Network, Microsoft Defender for Office 365 and Fortinet FortiEDR, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.