Our primary use case is for the administration of the internal network.
RSA NetWitness Logs and Packets (RSA SIEM) Review
Detects ransomware in our internal network and offers good protection
What is our primary use case?
How has it helped my organization?
The detection of ransomware in the internal network has benefited my organization.
What is most valuable?
The protection that we get from the firewall is the most valuable aspect that we get from this solution.
What needs improvement?
I would like for them to incorporate IPS. Only the monitoring detects abnormal behavior so we'd like to see IPS.
I would like to see a dashboard include PAM so that it's a one-stop shop.
For how long have I used the solution?
Three to five years.
Which solution did I use previously and why did I switch?
We were using Splunk. We switched because it's difficult to configure and it demanded too many network resources.
How was the initial setup?
The initial setup was complex because it took a lot of time to complete the implementation. The deployment took three to six months. We require four people for maintenance.
We have eight users using this solution and plan to increase usage.
What's my experience with pricing, setup cost, and licensing?
The licenses are good but the cost is very expensive.
Which other solutions did I evaluate?
We also looked at IBM QRadar.
What other advice do I have?
I would recommend this solution to somebody considering it.
I would rate it a nine out of ten.
Which version of this solution are you currently using?
10.6.0
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Mar 24 2019
More RSA NetWitness Logs and Packets (RSA SIEM) reviews from users...who work at a Financial Services Firm
...at Large Enterprises
...who compared it with ArcSight Enterprise Security Manager (ESM)
Learn what your peers think about RSA NetWitness Logs and Packets (RSA SIEM). Get advice and tips from experienced pros sharing their opinions. Updated: January 2021.
456,249 professionals have used our research since 2012.
Author
Allan Vargas
IT security specialist at a comms service provider with 201-500 employees
Real User
Top 5Highlights
Pros
Their technical support responds quickly and are knowledgable.
Cons
The initial setup was complex because it takes a lot of time to complete the implementation.
Pricing Advice
The licenses are good but the cost is very expensive.
Popular Comparisons
ArcSight Enterprise Security Manager (ESM)
LogRhythm NextGen SIEM
Cisco Stealthwatch
FireEye Network Security
Palo Alto Networks WildFire
Symantec Advanced Threat Protection
AT&T AlienVault USM
Rapid7 InsightIDR
SolarWinds Security Event Manager
Buyer's Guide
Download our free RSA NetWitness Logs and Packets (RSA SIEM) Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Which is the best SIEM solution for a government organization?
- What Is SIEM Used For?
- What is the difference between IT event correlation and aggregation?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- Which is the best SIEM tool for a mid-sized financial services firm: Arcsight or Securonix?
- What are the must-haves for a SIEM solution?
- What is the difference between SIEM and SOAR platforms?
- What is the difference between log management and SIEM?
- Are you using a SIEM platform with AWS Cloudwatch?
- What is the best SIEM tool for a large financial services firm?