Compare FireEye Network Security vs. RSA NetWitness Logs and Packets (RSA SIEM)

Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about FireEye Network Security vs. RSA NetWitness Logs and Packets (RSA SIEM) and other solutions. Updated: July 2020.
431,670 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
The most valuable feature is MVX, which tests all of the files that have been received in an email.If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution.The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money.Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams.The most valuable feature is the view into the application.Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities.It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us.The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks.

More FireEye Network Security Pros »

What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder.The most valuable feature is the security that it provides.The most valuable features are the threat prediction and network forensics.Performance and reporting are very good.The most valuable features are the integration and ease of use.The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it.The most valuable features are the packet decoder, log decoder, and concentrator.It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible.

More RSA NetWitness Logs and Packets (RSA SIEM) Pros »

Cons
It would be very helpful if there were better integration with other solutions from other vendors, such as Fortinet and Palo Alto.It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment.As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web).Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard.A better depth of view, being able to see deeper into the management process, is what I'd like to see.Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier.I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports.The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right.

More FireEye Network Security Cons »

Security needs improvement.It is not so easy to customize this product.Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support.The user interface is a little bit difficult for new users and it needs to be improved.The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly.The initial setup is very complex and should be simplified.Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance.They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams.

More RSA NetWitness Logs and Packets (RSA SIEM) Cons »

Pricing and Cost Advice
When I compare this solution to its competitors in the market, I find that it is a little expensive.FireEye is comparable to other products, such as HX, but seems expensive. It may cause us to look at other products in the market.We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing.Because of what the FireEye product does, it has significantly decreased our mean time in being able to identify and detect malicious threats. The company that I work with is a very mature organization, and we have seen the meantime to analysis decrease by at least tenfold.There are some additional services that I understand the vendor provides, but our approach was to package all of the features that we were looking to use into the product.The pricing is a little high.Pricing and licensing are reasonable compared to competitors.

More FireEye Network Security Pricing and Cost Advice »

Our license is for one year.Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day.We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment.This is a pricey solution; it's not cheap.The licenses are good but the cost is very expensive.It is cheap.

More RSA NetWitness Logs and Packets (RSA SIEM) Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Advanced Threat Protection solutions are best for your needs.
431,670 professionals have used our research since 2012.
Ranking
Views
7,953
Comparisons
5,587
Reviews
11
Average Words per Review
384
Avg. Rating
7.7
Views
6,881
Comparisons
4,539
Reviews
12
Average Words per Review
466
Avg. Rating
7.1
Popular Comparisons
Also Known As
FireEyeRSA Security Analytics
Learn
FireEye
RSA
Overview

FireEye Network Security is an advanced threat protection and breach detection platform that provides industry leading threat visibility and protection against the world’s most sophisticated and damaging attacks. By leveraging FireEye’s unique technologies and threat intelligence, FireEye Network Security detects what other security solutions miss, providing holistic security from the perimeter to the network core.

If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

Offer
Learn more about FireEye Network Security
Learn more about RSA NetWitness Logs and Packets (RSA SIEM)
Sample Customers
FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave SystemsLos Angeles World Airports, Reply
Top Industries
REVIEWERS
Financial Services Firm33%
Manufacturing Company17%
University17%
Comms Service Provider8%
VISITORS READING REVIEWS
Computer Software Company33%
Comms Service Provider11%
Media Company8%
Financial Services Firm7%
REVIEWERS
Comms Service Provider29%
Financial Services Firm29%
Computer Software Company29%
Healthcare Company14%
VISITORS READING REVIEWS
Computer Software Company45%
Comms Service Provider13%
Government6%
Media Company6%
Find out what your peers are saying about FireEye Network Security vs. RSA NetWitness Logs and Packets (RSA SIEM) and other solutions. Updated: July 2020.
431,670 professionals have used our research since 2012.
FireEye Network Security is ranked 3rd in Advanced Threat Protection with 12 reviews while RSA NetWitness Logs and Packets (RSA SIEM) is ranked 4th in Advanced Threat Protection with 13 reviews. FireEye Network Security is rated 7.8, while RSA NetWitness Logs and Packets (RSA SIEM) is rated 7.2. The top reviewer of FireEye Network Security writes "It has significantly decreased our mean time in being able to identify and detect malicious threats". On the other hand, the top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Good support, powerful decoders and concentrator, but the dashboard is not reflecting events in real-time ". FireEye Network Security is most compared with Palo Alto Networks WildFire, Cisco Stealthwatch, Symantec Advanced Threat Protection, Zscaler Internet Access and SafeBreach, whereas RSA NetWitness Logs and Packets (RSA SIEM) is most compared with IBM QRadar, Splunk, ArcSight, LogRhythm NextGen SIEM and Palo Alto Networks WildFire. See our FireEye Network Security vs. RSA NetWitness Logs and Packets (RSA SIEM) report.

See our list of best Advanced Threat Protection vendors.

We monitor all Advanced Threat Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.