We performed a comparison between NetWitness Platform, Palo Alto Networks WildFire, and Zscaler Internet Access based on real PeerSpot user reviews.
"The newer 11.5 version that my team is using has found it to have good mapping."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"Offers a good wireless feature."
"The product's initial setup phase was not at all difficult."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"Their technical support responds quickly and is knowledgeable."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"The most valuable feature is the improved security that it offers."
"The solution is easy to use and the Panorama feature is good. The software management or the malware blocking and some authentication management system are good."
"We get support in the free version."
"The graphic user interface of Palo Alto is good and it's easy to configure."
"What I like about Palo Alto is that it is a complete product, with everything in it."
"The solution is completely integrated with all the other Palo Alto products. I think that it is the best part for endpoint protection. The firewall features include URL and DNS filtering, threat protection, and antivirus."
"Remote access is excellent."
"The way that the solution quickly updates to adjust to threats is the solution's most valuable aspect. When there's a security attack, within five minutes, all Wildfire subscribers have access to updates so that all systems will be safe. Its threat prevention is way better than other vendor products."
"The most valuable feature of Zscaler Internet Access is that it is a consolidated solution, it comes with many features, such as DLP."
"After a proper implementation, the maintenance is very low."
"Zscaler Web Security protects our users in remote locations from internet threats - even if they are not connected to our network."
"The VPN is valuable, as the whole technology is very different from a traditional VPN."
"Whether you are in a hotel somewhere, or in Africa, it does not matter. You will get the Zscaler protection presence anywhere."
"The most valuable features I found in Zscaler Internet Access are the restriction of users for a particular URL, the security feature related to stopping DDoS, and the VPN."
"All internet access flows through the Zscaler proxy, regardless of whether people are in office or remote. I have greater control of site access and I minimize the number of compromises that we experience to almost none."
"The solution is stable."
"An area for improvement would be better automation and more inbuilt use cases."
"The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
"It is not so easy to customize this product."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"The cyber security visibility and forensics features to receive more information about incidents could improve in Palo Alto Networks WildFire."
"I don't think it needs to improve anything, except maybe the speed to deploy the changes."
"The threat intelligence that we were receiving in the reporting was not as expected. We were expecting more. Additionally, we should be able to whitelist a specific file based on a variety of attributes."
"The cost of this solution could still be improved, in particular, giving product discounts for charitable causes."
"In the future, Palo Alto could reduce the time it takes to process the file."
"The size of Palo Alto's cloud is big but it could be easier to use from a product management perspective."
"The only complaint that we receive from our customers is in regards to the price."
"There are certain changes that I was expecting in the previous version, and I hope that they are soon fixed. All of the problems that I have faced so far have been resolved."
"They block Zscaler IPs when the traffic origin is from Zscaler IPs. They've been blocked by certain government organizations so the end users are not able to visit those websites unless we ask them to unblock those IPs. This is a bit problematic."
"The price of the solution could be improved."
"One thing that they could improve is the ability to import rules from other platforms."
"The solution can be improved by advancing some of the newer technologies such as the DLP feature, and adding email security."
"In terms of usage, here in the GCC, it's still a growing market, so the combination of DLP, data leak prevention, to a certain extent is fine. But what it requires is user-based access or role-based access. The solution needs to grow into that, which definitely takes time. There's not an easy way to integrate it, when you have a cloud-based solution."
"I would like to see the ability to choose a pool of IPs for my company, set up rules based on them, and know that those IPs are not used by other companies."
"We'd like for them to include some sort of antivirus tool."
"Cloud App’s database should be improved."