We performed a comparison between Fortinet FortiSandbox and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."FortiSandbox helps us handle unknown threats. Every vendor is competing for who can detect an unknown threat the fastest. Fortinet is competitive in the market."
"You have access to a report as to what behaviors the example file entered in the registry."
"The most valuable features of Fortinet FortiSandbox are customization, ICAP protocol, and integration with other vendors. Additionally, the security work very well."
"The most valuable feature of the solution is that the performance it offers to users is good, making it useful for us in our company."
"Overall, it works fine. Its interface is also fine."
"The GUI makes administration tasks straightforward."
"Fortinet FortiSandbox puts suspicious files in quarantine, analyzes for virus risks, and lets them out of quarantine if it detects no risk."
"The analysis engine is a very valuable feature."
"The most valuable features are the packet decoder, log decoder, and concentrator."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"The solution is really scalable for the high-end power, enterprise customer."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"It's quite economical compared to other solutions in the market."
"The most valuable feature is the hunting ability to work in a CERT."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"The newer 11.5 version that my team is using has found it to have good mapping."
"Fortinet FortiSandbox can improve by decreasing the time of analysis response. Other solutions have a better response time, such as WildFire."
"If you were to compare prices between vendors and manufacturers, you would see that the lowest equipment in the Sandbox line is quite expensive for a new customer."
"There could be more templates and a higher number of simulated VMs to configure more use cases. Sometimes we need to configure many use cases in many different environments, and if the number of VMs that we configure is limited, we have to remove some and reconfigure the environment if we need another environment."
"Not practical for real-time web traffic analysis because users won't wait for the FortiSandbox to complete its analysis before accessing content"
"The initial setup of Fortinet FortiSandbox is complex. You cannot only deploy Fortinet FortiSandbox without deploying the stack of Fortinet solutions. The implementation and integration are challenging tasks with the device and placement in the network. We needed to do POC and offloading testing."
"Something that needs to improve, is the end-point protection."
"In the next release, I would like to see machine learning and anti-exploitation included."
"Product could include a user interface and be made simpler for customers to configure."
"The tool's integration capability isn't so great."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"Its technical support could be better."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"I believe that integrating the solution with other products such as Oracle would be beneficial."
"We have encountered issues with unresolved crashes."
"The initial setup is very complex and should be simplified."
Fortinet FortiSandbox is ranked 5th in Advanced Threat Protection (ATP) with 35 reviews while NetWitness Platform is ranked 20th in Log Management with 36 reviews. Fortinet FortiSandbox is rated 8.2, while NetWitness Platform is rated 7.4. The top reviewer of Fortinet FortiSandbox writes "Light and powerful solution design; useful to have". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Fortinet FortiSandbox is most compared with Palo Alto Networks WildFire, Trellix Network Detection and Response, Check Point SandBlast Network, Microsoft Defender for Office 365 and Fortinet FortiEDR, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics. See our Fortinet FortiSandbox vs. NetWitness Platform report.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
