We performed a comparison between Vectra AI and Zscaler Cloud IPS based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We discovered a lot of things in our network and are correcting several misconfigurations. We are learning how some apps work together and how some things shouldn't happen. It's also easier for us to identify the source of a brute force, whereas before, we didn't even know we had a brute force."
"One of the key advantages for us is we define a 24/7 service around it. We use far more of Vectra alerts than we do with our SIEM product because we understand that when we get an alert from Vectra we actually need to do something about it."
"We often use the new feature to create PCAP files from the whole data traffic. It makes it much easier to find network problems such as whether the server is responding to a request. It has nothing to do with security, but it helps a lot to find other problems."
"One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team."
"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."
"The core product provides excellent visibility, but my favorite feature is Vectra Recall."
"The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away."
"Vectra is very compatible with various cloud providers, such as Amazon and Azure AD. This is helpful as customers often migrate their network infrastructure to the cloud."
"The initial setup is straightforward and easy in comparison with other solutions."
"The best feature is that Zscaler allows for a separation between cloud applications and URL filtering. For example, under the cloud application segment, I can bypass Microsoft Office 365 without the need to add URLs manually. It's one click, so that's handy."
"The initial setup process is easy."
"Cloud IPS integration is seamless, and it uses a Zero Trust model. It also simplifies overall user access management."
"The product's most valuable feature is complete SSL inspection."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"One area where there's room for improvement is the absence of a comprehensive TCP recording and replay feature."
"We would like to see more information with the syslogs. The syslogs that they send to our SIEM are a bit short compared to what you can see. It would be helpful if they send us more data that we can incorporate into our SIEM, then can correlate with other events."
"I think Vectra AI's automation, reporting, and integration could be improved."
"I'd like to be able to get granular reports and to be able to output them into formats that are customizable and more useful. The reporting GUI is lacking."
"If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex network and a lot of rules. So, our setup might not be a typical implementation example. We even had UX engineers onsite, and they looked at issues, improvements, and user feedback. Since then, it has gotten a lot better, they even built in features that we specifically requested for our company."
"The solution needs to become more proactive. When Vectra AI is the primary solution in an environment - like it is in our case - you must work on response time. We have a small team so response time at endpoint level is vital."
"It does a little bit of packet capture on alert so you can look at the packet capture activity going on, but it doesn't collect a whole lot of data. Sometimes it's only one or two frames, sometimes it does collect more. That's why they have the addition of their Recall platform, because that really does help expand the capability."
"There is always room for improvement."
"We encounter issues sharing IP addresses with other companies using the software."
"When it comes to scalability, the IPsec could be improved."
"We recently had a significant issue with Zscaler. I think they have too many customers and some of their connection edge nodes went down because there were too many requests. I think they aren't scaling enough to keep up with the demand in some areas. That's one thing they should improve."
"They have given limited free access for a year. Instead, they should increase the file size and give limited free access for around two months. It will allow engineers to evaluate the product."
Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 42 reviews while Zscaler Cloud IPS is ranked 20th in Intrusion Detection and Prevention Software (IDPS) with 5 reviews. Vectra AI is rated 8.6, while Zscaler Cloud IPS is rated 9.0. The top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". On the other hand, the top reviewer of Zscaler Cloud IPS writes "Stable product with valuable SSL inspection features ". Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Corelight, whereas Zscaler Cloud IPS is most compared with Palo Alto Networks URL Filtering with PAN-DB, Claroty Platform, Darktrace and ExtraHop Reveal(x). See our Vectra AI vs. Zscaler Cloud IPS report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.