We performed a comparison between NetWitness Platform, Palo Alto Networks WildFire, and SonicWall TZ based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management."The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"Their technical support responds quickly and are knowledgable."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"It's quite economical compared to other solutions in the market."
"My primary use case for this solution is for a secure gateway."
"I like the analysis they apply to the unknown files, and I think they have good technology to use as a sandboxing tool. I didn't find something similar to WildFire in the marketplace."
"Detailed reporting on analysis of content. The inspections are easily applied to security policy profiles and profile groups, and may be assigned on a per-rule basis."
"It has a user-friendly interface."
"It helps us when segmenting and securing the network and all sort of technologies, all sort of next generation needs. It's next generation phases of firewall like anti-virus, sandboxing, wifi, and VPN."
"Using WildFire has reduced the number of viruses and the amount of malware that comes into our system, which means that I don't have to rely on the end-users to identify it."
"The most valuable features of Palo Alto Networks WildFire are the good URL and file analysis that uses artificial intelligence. It has different interfaces, such as rest, SMTP protocol, and HTTPS. The Security incidents and event management are very good. Additionally, there are many file types that are supported and there is no limit to the number of files it can handle simultaneously. It integrates well with SIEM solutions."
"Stability is never a concern."
"I like the firewall product, the security server, and the content filter."
"I have found this solution to be easier to use when compared to other products, such as those offered by Cisco."
"It is very stable with no issues. The firewall's been up for the past 35 days non-stop. It's performed great. It has performed as it should perform."
"I find the security we are able to do with the policies to be valuable. The monitoring is valuable as well."
"SonicWall TZ is stable."
"SonicWall TZ is very user-friendly and has network MAC binding. Additionally, the firewall works well."
"User-friendly firewall solution which scales well, is stable, and has high availability."
"The features that we have found most valuable in SonicWall TZ are the intrusion and brute force attack prevention."
"We have encountered issues with unresolved crashes."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"The solution should have more integration capabilities with different platforms."
"An area for improvement would be better automation and more inbuilt use cases."
"It is not so easy to customize this product."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
"The cost of the solution is excessively high."
"There are some formats that the solution cannot support ."
"In the future, I would like to see more automation in the reporting."
"The system performance degrades after the solution has been deployed for some time. The data that it gives us becomes a little bit slow. When you try to get some data for troubleshooting, it seems like it's working hard to extract that data."
"They provide a medium level of technical support."
"The solution can improve its traffic management."
"As a firewall and 360 degrees of security, there needs to be more maturity."
"In terms of what I'd like to see in the next release of Palo Alto Networks WildFire, each release is based on malware that has been identified. The key problem is an average of six months from the time malware is written to the time it's discovered and a signature is created for it. The only advice that I can give is for them to shorten that timeframe. I don't know how they would do it, but if they shorten that, for example, cut it in half, they'll make themselves more famous."
"I would like to see a SonicWall integration with the DLP tool, this would be interesting. Data Loss Prevention integration."
"The log analyzer in SonicWall TZ is something that they need to improve upon."
"I currently have two of the issues from SonicWall. One issue is that the IP is not the public IP. Sometimes it moves to an alternate source and I have to refresh the new IP then we can go on."
"SonicWall TZ can improve the UI application and when you create any net policies or any new policy, it will not sync or work properly."
"The dashboard needs to be improved."
"I would like to see more integration with other platforms."
"There can be an improvement in analysis and reporting. We need enhancement on the reporting side."
"Its reporting can be improved. Currently, we cannot directly get the user names. It only shows the IP, which makes it a bit confusing because we need to use the IP to find the user. If we could directly get the name of the user, it would be better."