Back to ExtraHop Reveal(x) for IT Operations reviews

ExtraHop Reveal(x) for IT Operations Review

Good security detection and alerts, but we've had challenges with network visibility

Nov 08 2020

Download PDF

What is our primary use case?

Our primary use case is network security.

What is most valuable?

The most valuable features are security detections, perimeter detection, dashboards, and alerts.

What needs improvement?

We've had some struggles getting it to see everything that we want to see. Network visibility is something that needs to be improved. It was going off and not finding things that we knew we had. For example, we're pointing at a data center and instructing it to find everything. Afterwhich, it was coming back not having found half of the devices. That was a big struggle in terms of integrating with our network.

In the future, I would like to see more direct security information available.

For how long have I used the solution?

We have been working with ExtraHop for about six months.

What do I think about the stability of the solution?

The stability is really good.

What do I think about the scalability of the solution?

It is difficult to comment on scalability because we bought it for our network. We haven't added any other networks to it.

How are customer service and technical support?

The technical support is very good.

How was the initial setup?

Getting the tools installed was quite straightforward, but getting the visibility we wanted of our network through the tool took a while. I think that it was probably two months before it was complete.

What's my experience with pricing, setup cost, and licensing?

The price of this solution for our environment is about £650,000 ($855,000 USD) for three years. However, we were subsidized so we did not have to bear the full cost.

Which other solutions did I evaluate?

We did a market test for Vectra, Darktrace, and ExtraHop. ExtraHop came out with the best price, and I think that it gives us a broader view of our network.

Maybe the security information isn't quite as strong as Vectra or Darktrace, although we have to do more digging than the other tools would have required. However, we get a lot more information about other things on the network that the other tools couldn't give us.

What other advice do I have?

My advice for anybody considering this type of solution is to certainly check ExtraHop against other competitors. It's different from the other security tools. It gives you more network performance and network information, rather than just security information, which is why we chose it. We seem to get two elements for one, whereas the other tools tended not to give you the network information, some of which are very relevant to security practices.

In some ways, it can be a bit richer than other products, but it can also provide slightly less than some of the other tools. It depends on which area you're wanting to focus on.

I would rate this solution a seven out of ten.