Compare FireEye Network Security vs. RSA NetWitness Logs and Packets (RSA SIEM)

FireEye Network Security is ranked 4th in Advanced Threat Protection with 13 reviews while RSA NetWitness Logs and Packets (RSA SIEM) is ranked 9th in Advanced Threat Protection with 6 reviews. FireEye Network Security is rated 7.6, while RSA NetWitness Logs and Packets (RSA SIEM) is rated 6.6. The top reviewer of FireEye Network Security writes "It has significantly decreased our mean time in being able to identify and detect malicious threats". On the other hand, the top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Provides accurate information, quick analysis from the endpoint perspective, and quick identification of any potential malware". FireEye Network Security is most compared with Palo Alto Networks WildFire, Cisco Stealthwatch and Symantec Advanced Threat Protection, whereas RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar and ArcSight. See our FireEye Network Security vs. RSA NetWitness Logs and Packets (RSA SIEM) report.
Cancel
You must select at least 2 products to compare!
Most Helpful Review
Hubert Luberek
Find out what your peers are saying about FireEye Network Security vs. RSA NetWitness Logs and Packets (RSA SIEM) and other solutions. Updated: November 2019.
378,570 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution.The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money.Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams.The most valuable feature is the view into the application.Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities.It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us.The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks.Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening.

Read more »

It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible.The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that.The most valuable features are its ingestion of logs and raising of alerts based on those logs.Their technical support responds quickly and are knowledgable.The most valuable feature is the correlation. It can report in real-time and monitor the management.It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before.

Read more »

Cons
It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment.As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web).Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard.A better depth of view, being able to see deeper into the management process, is what I'd like to see.Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier.I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports.The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right.It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning.

Read more »

They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams.The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together.I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex.The initial setup was complex because it takes a lot of time to complete the implementation.The implementation needs assistance.We have encountered issues with unresolved crashes.

Read more »

Pricing and Cost Advice
When I compare this solution to its competitors in the market, I find that it is a little expensive.FireEye is comparable to other products, such as HX, but seems expensive. It may cause us to look at other products in the market.We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing.Because of what the FireEye product does, it has significantly decreased our mean time in being able to identify and detect malicious threats. The company that I work with is a very mature organization, and we have seen the meantime to analysis decrease by at least tenfold.There are some additional services that I understand the vendor provides, but our approach was to package all of the features that we were looking to use into the product.The pricing is a little high.Pricing and licensing are reasonable compared to competitors.

Read more »

We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment.This is a pricey solution; it's not cheap.The licenses are good but the cost is very expensive.It is cheap.

Read more »

report
Use our free recommendation engine to learn which Advanced Threat Protection solutions are best for your needs.
378,570 professionals have used our research since 2012.
Ranking
Views
10,239
Comparisons
7,353
Reviews
11
Average Words per Review
364
Avg. Rating
7.6
Views
6,574
Comparisons
4,375
Reviews
6
Average Words per Review
392
Avg. Rating
6.5
Top Comparisons
Also Known As
FireEyeRSA Security Analytics
Learn
FireEye
RSA
Overview

FireEye Network Security is an advanced threat protection and breach detection platform that provides industry leading threat visibility and protection against the world’s most sophisticated and damaging attacks. By leveraging FireEye’s unique technologies and threat intelligence, FireEye Network Security detects what other security solutions miss, providing holistic security from the perimeter to the network core.

If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

Offer
Learn more about FireEye Network Security
Learn more about RSA NetWitness Logs and Packets (RSA SIEM)
Sample Customers
FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave SystemsLos Angeles World Airports, Reply
Top Industries
REVIEWERS
Financial Services Firm36%
University18%
Manufacturing Company18%
Healthcare Company9%
VISITORS READING REVIEWS
Software R&D Company32%
Financial Services Firm18%
Comms Service Provider9%
Media Company8%
VISITORS READING REVIEWS
Software R&D Company31%
Comms Service Provider16%
Financial Services Firm13%
Energy/Utilities Company7%
Find out what your peers are saying about FireEye Network Security vs. RSA NetWitness Logs and Packets (RSA SIEM) and other solutions. Updated: November 2019.
378,570 professionals have used our research since 2012.
We monitor all Advanced Threat Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Sign Up with Email