SenITCOn45IT Senior Consultant at a manufacturing company
Hubert LuberekInformation Technology Security Architect at a financial services firm
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money."
"If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution."
"The most valuable feature is MVX, which tests all of the files that have been received in an email."
"The server appliance is good."
"The most valuable feature is the network security module."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"The most valuable features are the packet decoder, log decoder, and concentrator."
"The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it."
"The most valuable features are the integration and ease of use."
"Performance and reporting are very good."
"The most valuable features are the threat prediction and network forensics."
"The most valuable feature is the security that it provides."
"As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web)."
"It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment."
"It would be very helpful if there were better integration with other solutions from other vendors, such as Fortinet and Palo Alto."
"Technical packaging could be improved."
"It is very expensive, the price could be better."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"The initial setup is very complex and should be simplified."
"The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly."
"The user interface is a little bit difficult for new users and it needs to be improved."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"It is not so easy to customize this product."
"FireEye is comparable to other products, such as HX, but seems expensive. It may cause us to look at other products in the market."
"When I compare this solution to its competitors in the market, I find that it is a little expensive."
"The user fee is not as high but the maintenance fee is expensive."
"It's an expensive solution."
"This is a pricey solution; it's not cheap."
"We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
"Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
"Our license is for one year."
FireEye Network Security is an advanced threat protection and breach detection platform that provides industry leading threat visibility and protection against the world’s most sophisticated and damaging attacks. By leveraging FireEye’s unique technologies and threat intelligence, FireEye Network Security detects what other security solutions miss, providing holistic security from the perimeter to the network core.
If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.
FireEye Network Security is ranked 5th in Advanced Threat Protection with 6 reviews while RSA NetWitness Logs and Packets (RSA SIEM) is ranked 3rd in Advanced Threat Protection with 10 reviews. FireEye Network Security is rated 7.8, while RSA NetWitness Logs and Packets (RSA SIEM) is rated 7.4. The top reviewer of FireEye Network Security writes "Stable, protective, easy to set up, and has a lot of features to scan vulnerabilities". On the other hand, the top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Good support, powerful decoders and concentrator, but the dashboard is not reflecting events in real-time ". FireEye Network Security is most compared with Palo Alto Networks WildFire, Zscaler Internet Access, Cisco Stealthwatch, Check Point SandBlast Network and Zscaler Cloud Sandbox, whereas RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar, LogRhythm NextGen SIEM, RSA enVision and Arbor DDoS. See our FireEye Network Security vs. RSA NetWitness Logs and Packets (RSA SIEM) report.
See our list of best Advanced Threat Protection vendors.
We monitor all Advanced Threat Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.