RSA NetWitness Logs and Packets (RSA SIEM) Review

Great wireless feature, provides many automatic rules that are very helpful

What is our primary use case?

The RSA Netwitness packet plays a major role in identifying cyber attacks from different sources. We integrated in a very large environment, deploying it in a container corporation in India. The company has around 86 locations across the country. Another use case of RSA is for running full scans and the third use case is for blocking malware and viruses. Nowadays, people hide behind encaptured networks and use proxies to look through the door. Then they'll try to come in. 

What is most valuable?

The wireless feature is good, it tells you when to check a spot, which file it has used to encrypt, whether it is spreading and how many hosts have been infected. It's about data analysis. Looking at the network logs, it's difficult to figure out where the problem is coming from and where it's going, but those kinds of features help me a lot. The solution provides lots of automatic rules which is helpful. Technically speaking, this is a good product. 

What needs improvement?

I believe they could improve their support, there are often delays. The price of the solution could be reduced, it's very costly. 

What do I think about the stability of the solution?

This is a stable product. 

What do I think about the scalability of the solution?

We're using the solution extensively in our shipping business so it is scalable. We probably have seven or eight users and the solution is in use 24/7. 

How are customer service and technical support?

Getting technical support takes time, they get a lot of calls and we generally only get a response the following day. Cisco is better with technical support. 

How was the initial setup?

The initial setup is not straightforward because of all the integrations required. It needs the aggregate data, data concentrator, defense, correlation roots, and more. 

What's my experience with pricing, setup cost, and licensing?

It would help if they could provide the malware analytics in the core package as that would make the cost more reasonable. Licensing is paid annually and I believe the cost is somewhere between 12,000 - 15,000 Pounds per year. It's very high. 

What other advice do I have?

I would recommend this solution. 

I rate this solution a nine out of 10. 

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More RSA NetWitness Logs and Packets (RSA SIEM) reviews from users
Learn what your peers think about RSA NetWitness Logs and Packets (RSA SIEM). Get advice and tips from experienced pros sharing their opinions. Updated: July 2021.
521,817 professionals have used our research since 2012.
Add a Comment
ITCS user