We performed a comparison between NetWitness Platform and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"The most valuable features are the packet inspection and the automated incident response."
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"Performance and reporting are very good."
"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
"The most valuable features are the integration and ease of use."
"Very functional and good for detecting malicious traffic."
"Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
"If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution."
"The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money."
"The MVX Engine seems to be very capable against threats and the way it handles APTs is impressive."
"The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design."
"The server appliance is good."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"It is not so easy to customize this product."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"I believe that integrating the solution with other products such as Oracle would be beneficial."
"Technical support could be improved."
"Security needs improvement."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"It would be very helpful if there were better integration with other solutions from other vendors, such as Fortinet and Palo Alto."
"It is very expensive, the price could be better."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
"Technical packaging could be improved."
"It is not a very secure product."
"I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports."
"There is a lot of room for improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."
"If you want to search the hashes in the environment, you need to put in IOCs one by one, making it a very hectic job."
NetWitness Platform is ranked 18th in Log Management with 36 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 37 reviews. NetWitness Platform is rated 7.4, while Trellix Network Detection and Response is rated 8.4. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and LogRhythm SIEM, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Fortinet FortiGate, Zscaler Internet Access and Symantec Advanced Threat Protection.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.