What is most valuable?
It gives us a clear initial and secondary view of what's happening on our network to determine its health. We can see what's coming in and going out and to be able to directly management that. If there's something that needs to be quarantined, it will alert us and mark it as a threat.
What needs improvement?
The reporting could be improved. Also, it needs more analytics to see what's going on as we like to do trends.
For how long have I used the solution?
We've been using for over seven years since the beginning of the SOC.
What was my experience with deployment of the solution?
We've had no issues with deployment.
What do I think about the stability of the solution?
It's been very stable. We've had no issues with stability.
What do I think about the scalability of the solution?
We probably have 172,000 users in our department, so I would say that it's scalable. It's in the SOC. We'll probably need to scale it further as we expand it to our 20 other departments.
How are customer service and technical support?
I've never had to use technical support.
Which solution did I use previously and why did I switch?
We also use FireEye, NetWitness, Blue Coat, and a few others I can't remember.
How was the initial setup?
I joined the department when it was all setup already.
What other advice do I have?