Our primary use case is for the administration of the internal network.
RSA NetWitness Logs and Packets (RSA SIEM) Review
Detects ransomware in our internal network and offers good protection
What is our primary use case?
How has it helped my organization?
The detection of ransomware in the internal network has benefited my organization.
What is most valuable?
The protection that we get from the firewall is the most valuable aspect that we get from this solution.
What needs improvement?
I would like for them to incorporate IPS. Only the monitoring detects abnormal behavior so we'd like to see IPS.
I would like to see a dashboard include PAM so that it's a one-stop shop.
For how long have I used the solution?
Three to five years.
Which solution did I use previously and why did I switch?
We were using Splunk. We switched because it's difficult to configure and it demanded too many network resources.
How was the initial setup?
The initial setup was complex because it took a lot of time to complete the implementation. The deployment took three to six months. We require four people for maintenance.
We have eight users using this solution and plan to increase usage.
What's my experience with pricing, setup cost, and licensing?
The licenses are good but the cost is very expensive.
Which other solutions did I evaluate?
We also looked at IBM QRadar.
What other advice do I have?
I would recommend this solution to somebody considering it.
I would rate it a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Mar 24 2019
Author
Allan Vargas
Real User
IT security specialist at a comms service provider with 201-500 employees
TOP 10
Highlights
Pros
Their technical support responds quickly and are knowledgable.
Cons
The initial setup was complex because it takes a lot of time to complete the implementation.
Pricing Advice
The licenses are good but the cost is very expensive.