What is most valuable?
We heavily use the "network analysis" section to dissect and analyze flows. When analyzing past incidents, we also use analysis of application performance. The analysis of the DNS queries is also very useful for us. In sum, we very much value the ability to program the PCAP captures according to the personalized criteria.
How has it helped my organization?
When we are approached for our expertise following an incident on an SI that seems to indicate network infrastructure, the application easily allows us to highlight the black points and to generate exculpatory (or inculpatory) reports for the infrastructure, pointing to the real blocking points.
What needs improvement?
We would like to see support for the sFlow protocol in a future version.
For how long have I used the solution?
What was my experience with deployment of the solution?
We have encountered problems with the license that is connected to the hypervisor on which the virtual appliance is deployed. All of a sudden, the VM is not transportable from one hypervisor to another, which worried us and forced us to review our mode of product displacement between different sites.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
No concerns in particular. The physical machine hosting the product is sized properly for our needs.
How are customer service and technical support?
The level of customer service is satisfactory. They make a point every year to follow up with our needs and product usage. Technical Support
The support is good enough and we received quick and competent assistance during incidents that we raised.
Which solution did I use previously and why did I switch?
We have not tested similar products over the long term.
How was the initial setup?
The documentation is clear enough to permit a rapid installation and configuration. The video tutorials were appreciated.
What about the implementation team?
The implementation was only done internally.