We performed a comparison between NetWitness Platform, Palo Alto Networks WildFire, and Sophos Cyberoam UTM based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management."The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"The product's initial setup phase was not at all difficult."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"It's quite economical compared to other solutions in the market."
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"The solution is easy to use and the Panorama feature is good. The software management or the malware blocking and some authentication management system are good."
"We have found that Palo Alto Networks WildFire is scalable. We currently have six thousand users for the product."
"Installing this product as a datacenter firewall for segregation and segmentation, and also configuring policies between zones has improved my organization."
"What I like about Palo Alto is that it is a complete product, with everything in it."
"The solution has plenty of features."
"It is stable and pretty much scalable."
"Their technical support is outstanding and top-notch."
"It catches modified signatures of known viruses."
"Having a firewall solution with a data quota is very important when the bandwidth is limited, which really distinguishes it from other products."
"I'm more inclined towards the conventional firewall. So for me, I'm more geared towards the standard firewall type functionalities as well as the web application firewall because that seems to work fine."
"Technical support is excellent."
"Content filtering, as this enables me to control that which employees can view at different time quotas."
"The solution's web filtering is an important feature for us in our company."
"The most valuable feature is the IPSec forwarding."
"The initial setup was straightforward."
"You can geofence yourself if there is an incoming attack or a continuous ping from a company outside your country."
"An area for improvement would be better automation and more inbuilt use cases."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"The log system is a bit complex and has room for improvement."
"It is not so easy to customize this product."
"The initial setup is very complex and should be simplified."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"The solution should have more integration capabilities with different platforms."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
"In terms of what I'd like to see in the next release of Palo Alto Networks WildFire, each release is based on malware that has been identified. The key problem is an average of six months from the time malware is written to the time it's discovered and a signature is created for it. The only advice that I can give is for them to shorten that timeframe. I don't know how they would do it, but if they shorten that, for example, cut it in half, they'll make themselves more famous."
"The cost of the solution is excessively high."
"The cost of this solution could still be improved, in particular, giving product discounts for charitable causes."
"Any enhancements should likely be focused on the firewall appliance to further strengthen overall security capabilities, such as refining app and user identity features."
"The VPN and decryption need improvement."
"It's not really their problem, it's a problem across the board. There will always be problems with interrupted traffic. We have to set it up where we're playing a middle man game where we're stripping it out, looking at it, and then putting it back together and sending it on its way. That requires CPU cycles. And there's some overhead with that."
"The deployment model could be better."
"The GUI is better in 8.0, but I still feel it lacks the fast response most of us desire. Logs are much quicker."
"The Traffic Discovery feature should allow administrators to disconnect unnecessary live connections."
"When it comes to web filtering and application filtering, it does not contain enough signatures to determine all of the sites that need to be blocked."
"The setup is a bit complex, so we needed help from a consultant."
"It should have a better VPN client. We decided to find something different than Cyberoam because of the VPN client software. It would be nice to have a user interface not only in English but also in different languages."
"The configuration requires an expert to be set up, so it could be made simpler."
"The solution is at its end of life and some of the appliances are finishing."
"The VPN needs to be improved."
"While the security features are excellent, they could be improved."