We performed a comparison between Netsurion and VMware Aria Operations for Logs based on real PeerSpot user reviews.
Find out in this report how the two Managed Security Services solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."They have what they call Elasticsearch which is very quick, although that's only available for the last seven days' worth of data. It used to be that, if I wanted to do a search from three days ago, it might take me 10 to 15 minutes because it had to actually unzip some archive files. So I really like that feature. It's almost instantaneous for anything within the last seven days."
"The most valuable feature is that we get the events: the alerts about disk space and the security reports that we get once a day, including user lockouts and the like."
"I think Netsurion scales well. We've gone from a small number of agents up to thousands. So I would imagine that it would continue to scale. I don't see any issue with that."
"The real-time alerting for things such as people getting dropped into a VPN group or the domain admin group — things like that which really shouldn't happen without proper change management, but we all know the reality, they do from time to time — gives me real-time visibility into what's going on."
"When it comes to threat detection and response, it does a very good job detecting and blocking on its own. And the SOC is a nice added value because they're doing analysis on things that aren't as obvious, on things that you can't just detect with a signature or behavior. Also, any SIEM will come with a lot of noise, so having them do a lot of the initial analysis to find out what's critical and what issues are false alarms is very good."
"The most important feature is keeping track of when accounts are created and deleted, when permission groups are changed, and memberships are changed in groups; and overall, how many errors are occurring on the various systems that we're monitoring."
"If I were to look at logs manually, there's no way I could do that. As an example, they are 48 million logs processed a day. There is no way I could look at all 48 million of those. So, it gives me a good structure to be able to look at the different incidents which are created and do different searches."
"If we need to do a search for user lockouts, we can go, search, and find locations where they have been locked out, then keep track of those events, historically."
"One of the most valuable features of vRealize Log Insight is that it gives you a clear forecast about your existing machines, for example, how long your machines could be supported and how long the remaining capacity is to host your machines. This is one of the best options available within vRealize Log Insight. Another valuable feature of the solution is automation. My company deploys a lot of automation when required in a very, very short period, and in a very uniform manner, and even if the automation is being deployed for different processes and departments, it's pretty much the same across the environment, so vRealize Log Insight helps reduce a lot of ambiguities and helps my company manage operational efficiencies well."
"The solution is quite user-friendly."
"One of the things I like about it is its interface. When it comes to generating reports on VMs and stuff, it's very quick. This is very handy for the technical team, who need to generate reports quickly. So that's really good."
"The solution's simplicity, flexibility, and extensibility are valuable features as we can integrate everything in vRealize."
"We are using it because we have a VMware product. It has its own built in dashboards for VMware products, and that's a good thing."
"It allows us to gain a comprehensive overview of our infrastructure."
"The trace log is the solution's most valuable feature. It's very helpful in troubleshooting problems."
"The system's management and its alerts are the most valuable aspects of the solution."
"I would like to see the dashboard come up more quickly."
"They have their programs and tools that you have to put into your own environment. We basically ingest all the log data and then push it out to them. I wish it was a little bit different than that where we just push directly towards them. I do not know if that is a function that they thought would be better in terms of security, but I wish that instead of doing that, it should go from the device to them and not from the device to another system and then out to them. There seem to be some drawbacks to doing that."
"The MITRE ATT&CK framework could be faster when identifying and understanding sophisticated threats. Whenever something happens, we usually get notified a couple hours later."
"I'd like to see improvement in the ease of generating reports. It seems fairly cumbersome whenever you decide to start tracking new categories of events. It seems a little kludgy when trying to generate those reports."
"We get a report generated on a particular day of the week and we go through it, trying to mitigate problems and make sure we're seeing everything that's happening. It would be helpful if the SOC spent a little more time with us going through some of those reports."
"It would be great if they had a client for phones by which they could push a notification to us, as opposed to via email."
"Probably the biggest thing is just: Can I search for this and what's the best way to do it? If I'm looking for two events versus a singular event, I just throw it back at them. They're the experts on it."
"Communication is always something that can be improved, but I feel that any time we've had a communication issue, it's quickly addressed when we bring those up at the monthly meetings. Usually, it's an individual that wasn't clear in the communication, it's not the process per se. You always have to be able to segregate if the process didn't work or an individual either didn't say the right thing or my people didn't understand what they were being told."
"The dashboard needs to be improved because this is what I need to monitor my infrastructure."
"I think that it should be able to integrate with other third-party backup and recovery solutions, more that it does now."
"I would like to see more tutorials or at least an introduction video from the supplier, so you can become proficient and get the most out of the solution. You might not get the full benefit from a logging or reporting solution because you might not have a particular tool enabled. You could leave something out of your analysis because you aren't aware of it or you don't know how to set it up."
"The solution should be more user-friendly. The user interface and dashboard could be simplified."
"Technical support should be improved."
"Documentation is lacking, including some guide as to how to use the expressions. It is not clear how to look for a log, for example. Some examples in the documentation might be helpful. I think that VMware had good documentation, but it's no longer hosted. The documentation is not as easy to understand as it was before."
"The solution is a very good tool, but it has a lot of limitations. One of the main issues is around how you define your retention policy, for instance, in Log Insight. It doesn't have it. You can't define a log retention policy. You also can't define the destination or location for your logs. All of the logs are in one index or one bucket."
"The tool does not provide a centralized pane for monitoring."
More VMware Aria Operations for Logs Pricing and Cost Advice →
Netsurion is ranked 4th in Managed Security Services with 24 reviews while VMware Aria Operations for Logs is ranked 10th in Log Management with 24 reviews. Netsurion is rated 8.4, while VMware Aria Operations for Logs is rated 8.2. The top reviewer of Netsurion writes "The SOC center monitors, hunts, and notifies us of threats around the clock". On the other hand, the top reviewer of VMware Aria Operations for Logs writes "Gives a clear forecast about existing machines, and has an automation feature that helps in reducing a lot of ambiguities and managing operational efficiencies". Netsurion is most compared with Arctic Wolf Managed Detection and Response, CyberHat CYREBRO and Wazuh, whereas VMware Aria Operations for Logs is most compared with Splunk Enterprise Security, Elastic Security, LogRhythm SIEM, Graylog and IBM Security QRadar. See our Netsurion vs. VMware Aria Operations for Logs report.
We monitor all Managed Security Services reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.