We performed a comparison between ManageEngine Log360 and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"It has basic out-of-the-box integrations with multiple log sources."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"The product is very user-friendly."
"The deployment is quite simple and pretty straightforward."
"The most valuable features for us are the application logs monitoring and the dashboard, which provides a single-pane view of all the ongoing activities."
"It is easier to deploy than are other SIEMs, which is great. You can also get an overview of your environment, which is very handy."
"The solution could be improved by including XDR, remediation and Sandbox."
"We haven't had any stability issues."
"The most valuable feature is that this solution is more secure than others, and there are more applications and features as well."
"You can have all of the logs from servers to network and it gets sent out to the correct owners. This is very helpful."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"Performance and reporting are very good."
"The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"Incident management is its most valuable feature."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"The graphical interface could be made easier to use when you are connecting to different network equipment."
"The support needs improvement."
"The integration with SharePoint and Teams should be improved."
"The matter of the data retention needs to be addressed."
"It takes a little bit of time for Log360 to actually learn your environment."
"The solution lacks some features when compared to other products."
"Most times log sheets are not assigned well."
"Their technical support should be improved."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly."
"Security needs improvement."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
"The tool's integration capability isn't so great."
"It is not so easy to customize this product."
ManageEngine Log360 is ranked 25th in Log Management with 15 reviews while NetWitness Platform is ranked 20th in Log Management with 36 reviews. ManageEngine Log360 is rated 7.2, while NetWitness Platform is rated 7.4. The top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Wazuh, Splunk Enterprise Security, Fortinet FortiSIEM and LogRhythm SIEM, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Trellix Network Detection and Response. See our ManageEngine Log360 vs. NetWitness Platform report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
