Compare Arbor DDoS vs. RSA NetWitness Logs and Packets (RSA SIEM)

Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about NETSCOUT, Cloudflare, Imperva and others in DDoS. Updated: September 2020.
441,672 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"I really love the Data Explorer. I use it all the time to go in and craft exactly what I need to see. I'm able to then take that story and explain it to the executives. I've done that a couple of times and it is helpful.""In terms of the solution’s real-time visibility across our network infrastructure, I have not been able to find any other monitoring or netflow visualization tool that gives me the kind of information I get from Kentik. If I need to take a deep-dive into something that I see, it's really easy for me to do that. Whereas with most other things, I have to use five or six other tools to get that kind of data, with Kentik, I have it all in one place.""Having the API access allows us to do a great deal of automation around a lot of our reporting and management tools.""We're also using Kentik to ingest metrics. It's a useful feature, and its response time, whenever we're pulling back the data, is higher than our on-prem solution.""I am able to do a lot of work on the visualization end to create different visualizations and different ways to get information out of it.""The drill-down into detailed views of network activity helps to quickly pinpoint locations and causes. All the information is there.""The most valuable feature is being able to pull traffic patterns; to and from destinations. We're able to understand where our traffic is going, our top talkers from an AS set, as well as where our traffic's coming from.""The most valuable features have been anything around traffic engineering: being able to determine the source or destination of a surge of traffic, whether it's DDoS-related, or a customer just happened to have a sudden uptick in traffic. Being able to tell where that's coming from or where it's going to enables us to do things based on that."

More Kentik Pros »

"We also use it by serving our customers' cloud signaling services with on-premise APS devices.""It's very flexible and we can easily deploy it to our network. It's very user-friendly. We can do everything via the web interface and troubleshoot easily from the CLI. It's not complicated.""It's just one dashboard with mitigation. You decide which mitigation you want and at what threshold to do this or that. Its operation is pretty simple. It's easy.""Arbor has a global ranking in reliability and credibility. They are very unique and can respond to a very wide scope of threats from their global deployment.""There are a number of valuable features in this product, like Cloud Signaling and Threat Intelligence feeds.""Our customers are very happy when we provide them with the interface... They can check how many attacks they have faced and how many attacks have been blocked.""Valuable features include simple and centralized management of user access and capabilities, as well as Web 2.0 interactive attack alerting, traffic visualization, and mitigation service control.""It provides packet capture and we can block or whitelist whichever IPs we need to. Whatever traffic we want to block - and we get IPs from internal teams and from national teams - we block at the Arbor level only, because if it gets to the firewall then firewall bandwidth will be taken."

More Arbor DDoS Pros »

"It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before.""The most valuable feature is the correlation. It can report in real-time and monitor the management.""Their technical support responds quickly and are knowledgable.""The most valuable features are its ingestion of logs and raising of alerts based on those logs.""The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that.""It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible.""The most valuable features are the packet decoder, log decoder, and concentrator.""The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it."

More RSA NetWitness Logs and Packets (RSA SIEM) Pros »

Cons
"I've checked out the V4 version of the interface and it's still a little bit clunky for me to use. I still go back to the old interface. That's definitely one that they still need to work on. It doesn't seem like everything that you get in the V3, the older interface, is there. For instance, I was trying to add a user or do the administrative tasks in V4, and I couldn't figure out where I was supposed to do that.""There is room for improvement around the usability of the API. It's a hugely complex task to call it and you need a lot of backing to be able to do it. I should say, as someone who's not in networking, maybe it's easier for people who are in networking, but for me that one part is not very user-friendly.""I would like to see them explore the area of cost analysis.""The only downside to Kentik, something that I don't like, is that it's great that it shows you where these anomalies lie, but it's not actionable. Kentik is valuable, don't get me wrong, but if it had an actionable piece to it...""They're moving more in a direction where they are saying, "Hey, here's information that you may be interested in or may a need," before the question has to explicitly be asked. Continuing to move in that direction would be a good thing.""We asked for a way, regarding the potential networks that exist, to hook Kentik up with external tools like peering DBs to correlate things together and see what we can do... This is all in the [next] beta now.""I believe they're already working on this, but I would love for them to create better integrations from network flow data to application performance — tracing — so that we could overlay that data more readily. With more companies going hybrid, flow logs and flow data, whether it be VPC or on-prem, matched with application performance and trace data, is pretty important."

More Kentik Cons »

"The look and feel of the management console is a little old, excessively simple. If you compare it with other solutions, the look and feel of the console is like you're using technology from five or six years ago. It doesn't show all the technology that is actually behind it. It looks like an older solution, even though it is not.""For troubleshooting problems, it's not so intuitive. It's not straightforward. This is the core of their kernel, so they need to improve it a little bit... In F5 I have full control of everything.""I think the diversity of protection is extremely limited. It must be expanded in future upgrades and versions.""Sometimes it blocks legitimate traffic. If a legitimate user is trying to access the server continuously, the product suspects that this is a DoS traffic file. That is a case where it needs to improve. It needs machine-learning.""Because we had some routers that were somewhat old, they were not integrated with Arbor. They did not support the NetFlow version that Arbor was running. That was a challenge. We had to upgrade the routers. Some backward-compatibility would be helpful.""The following areas need improvement: opening and tracking support tickets, online support resources, software upgrades/updates and replacement media, and event management guidelines.""On the main page there are alerts that we are unable to clear, even though the issue has been resolved.""There is definitely room for improvement in third-party intelligence and integrations."

More Arbor DDoS Cons »

"We have encountered issues with unresolved crashes.""The implementation needs assistance.""The initial setup was complex because it takes a lot of time to complete the implementation.""I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex.""The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together.""They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams.""Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance.""The initial setup is very complex and should be simplified."

More RSA NetWitness Logs and Packets (RSA SIEM) Cons »

Pricing and Cost Advice
"We have an annual contract with Kentik that we renew each year for a set number of licenses. We also have some burstable licenses which we can spin up and spin down, and those are paid as they are used."

More Kentik Pricing and Cost Advice »

"Because the solutions from competitors are very different, it's not easy to compare. However, the licensing from Arbor is clear and understandable and the pricing is reasonable when looking at the market, in general.""As far as I know, they are the best in this sector, in DDoS protection. They know it, I know, because their service prices are too high. They provide cloud DDoS protection for ISPs, but that is also too expensive.""Arbor's products are very expensive. Their competitors are cheap when compared with Arbor.""I'm a technical guy. But I know it's expensive compared to its competitors. After you have the on-premise solution, for your solution to be effective you have to subscribe to an "upper level," so there's another cost. There is also a subscription to cloud services, which is another cost.""Pricing is slightly on the higher side.""Arbor is striking a good balance between pricing and what they deliver."

More Arbor DDoS Pricing and Cost Advice »

"It is cheap.""The licenses are good but the cost is very expensive.""This is a pricey solution; it's not cheap.""We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment.""Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day.""Our license is for one year."

More RSA NetWitness Logs and Packets (RSA SIEM) Pricing and Cost Advice »

report
Use our free recommendation engine to learn which DDoS solutions are best for your needs.
441,672 professionals have used our research since 2012.
Questions from the Community
Top Answer: One of the valuable features is the intuitive nature of building out reports, and then triggering actions based on… more »
Top Answer: Without speaking directly about numbers, it's about the cost of a cross-connect, per device per month. Of course, some… more »
Top Answer: I believe they're already working on this, but I would love for them to create better integrations from network flow… more »
Top Answer: Arbor has the end to end solution for DDoS protection, while Radware needs to work with their 3rd party partners.
Top Answer: Every employee should be educated in best practice procedures, starting with basics like clever password combinations… more »
Top Answer: Go for the latest appliances. We do have plans to increase our usage of this type of solution, but now there are a lot… more »
Top Answer: Performance and reporting are very good.
Top Answer: Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends… more »
Top Answer: The user interface is a little bit difficult for new users and it needs to be improved. It takes a lot of time to… more »
Popular Comparisons
Compared 22% of the time.
Compared 9% of the time.
Compared 7% of the time.
Compared 7% of the time.
Compared 5% of the time.
Compared 21% of the time.
Compared 14% of the time.
Compared 7% of the time.
Also Known As
Arbor Networks SP, Arbor Networks TMS, Arbor Cloud for ENTRSA Security Analytics
Learn
Kentik
NETSCOUT
RSA
Overview

Kentik's AIOps Network Traffic Intelligence platform unifies network operations, performance, security, and business intelligence. 

With a purpose-built big data engine delivered as public or private SaaS, Kentik captures a high-resolution view of actual network traffic data and enriches it with critical application and business data, so every network event or analysis can be tied to revenue & costs, customer & user experience, performance & risk.

Arbor Networks, the security division of NETSCOUT, is driven to protect the infrastructure and ecosystem of the internet. It is the principle upon which we were founded in 2000; and remains the common thread that runs through all that we do today. Arbor’s approach is rooted in the study of network traffic. Arbor’s suite of visibility, DDoS protection and advanced threat solutions provide customers with a micro view of their network enhanced by a macro view of global internet traffic and emerging threats through our ATLAS infrastructure. Sourced from more than 300 service provider customers, ATLAS delivers intelligence based on insight into approximately 1/3 of global internet traffic. Supported by Arbor’s Security Engineering & Response Team (ASERT), smart workflows and rich user context, Arbor’s network insights help customers see, understand and solve the most complex and consequential security challenges facing their organizations.

If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

Offer
Learn more about Kentik
Under Attack?
Invest in better cybersecurity for your business. Find out how Arbor DDoS can help protect your network from DDoS threats.
Learn more about RSA NetWitness Logs and Packets (RSA SIEM)
Sample Customers
Pandora, Yelp, Neustar, Box, University of Washington, Zoom, Tata, and Cogent.  Xtel CommunicationsLos Angeles World Airports, Reply
Top Industries
REVIEWERS
Comms Service Provider43%
University14%
Computer Software Company14%
Music Company14%
VISITORS READING REVIEWS
Comms Service Provider30%
Computer Software Company26%
Government6%
Financial Services Firm5%
REVIEWERS
Comms Service Provider62%
Computer Software Company15%
Financial Services Firm8%
Security Firm8%
VISITORS READING REVIEWS
Comms Service Provider28%
Computer Software Company26%
Media Company8%
University5%
REVIEWERS
Comms Service Provider38%
Financial Services Firm25%
Computer Software Company25%
Healthcare Company13%
VISITORS READING REVIEWS
Computer Software Company42%
Comms Service Provider19%
Media Company5%
Government5%
Company Size
REVIEWERS
Small Business9%
Midsize Enterprise18%
Large Enterprise73%
REVIEWERS
Small Business33%
Midsize Enterprise17%
Large Enterprise50%
VISITORS READING REVIEWS
Small Business44%
Midsize Enterprise9%
Large Enterprise47%
REVIEWERS
Small Business21%
Midsize Enterprise14%
Large Enterprise64%
Find out what your peers are saying about NETSCOUT, Cloudflare, Imperva and others in DDoS. Updated: September 2020.
441,672 professionals have used our research since 2012.
Arbor DDoS is ranked 1st in DDoS with 14 reviews while RSA NetWitness Logs and Packets (RSA SIEM) is ranked 10th in Security Information and Event Management (SIEM) with 13 reviews. Arbor DDoS is rated 8.4, while RSA NetWitness Logs and Packets (RSA SIEM) is rated 7.2. The top reviewer of Arbor DDoS writes "With automatic flow specs we're able to drop that traffic before it even enters into our network". On the other hand, the top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Good support, powerful decoders and concentrator, but the dashboard is not reflecting events in real-time ". Arbor DDoS is most compared with Radware DefensePro, Cloudflare, Palo Alto Networks WildFire, Fortinet FortiDDoS and CenturyLink DDoS Mitigation, whereas RSA NetWitness Logs and Packets (RSA SIEM) is most compared with IBM QRadar, Splunk, ArcSight, LogRhythm NextGen SIEM and Palo Alto Networks WildFire.

See our list of .

We monitor all DDoS reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.