RSA NetWitness Logs and Packets (RSA SIEM) Review

Good packet inspection and automated incident response, but it needs to be more customizable


What is our primary use case?

We are using this solution for security.

What is most valuable?

The most valuable features are the packet inspection and the automated incident response.

What needs improvement?

More customizability is required, which is something that they need to improve on.

When it comes to starting a log event, there are not many options available. It is very limited.

The log and event correlation need improvement.

The threat detection capability should be enhanced.

For how long have I used the solution?

I have been using this solution for one month.

What do I think about the stability of the solution?

We are using it on a daily basis and, so far, it has been stable.

What do I think about the scalability of the solution?

We have approximately 6000 employees, which means that we have 6000 endpoints that this product is working with. It is easy to scale it up to production.

How are customer service and technical support?

We have not had to contact technical support.

Which solution did I use previously and why did I switch?

In this company, they did not use a similar solution prior to this one. Personally, I used Splunk in my previous organization. Definitely, I prefer to use Splunk because there is more functionality, visibility, and options. You can do whatever you want with Splunk.

How was the initial setup?

The initial setup is not complex, and more on the simple side. Our deployment took almost five months in total.

What about the implementation team?

We had assistance from an integrator and the vendor for our deployment.

We have administrators in the company who take care of administration and maintenance. The vendor was only needed for the implementation.

What other advice do I have?

RSA is something that I can recommend.

I would rate this solution a six out of ten.

Which deployment model are you using for this solution?

On-premises
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More RSA NetWitness Logs and Packets (RSA SIEM) reviews from users
Learn what your peers think about RSA NetWitness Logs and Packets (RSA SIEM). Get advice and tips from experienced pros sharing their opinions. Updated: July 2021.
522,693 professionals have used our research since 2012.
Add a Comment
ITCS user
Guest