We performed a comparison between NetWitness Platform and Proofpoint Email Protection based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management."Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"
"The most valuable features are the packet decoder, log decoder, and concentrator."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."
"The most valuable feature is the hunting ability to work in a CERT."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"The initial implementation is pretty easy to handle."
"It is a very scalable solution."
"Proofpoint Email Protection's advantage is that, when it's working properly, it tends to catch more threats as compared to other products."
"The solution offers very good flexibility. You can blacklist or whitelist with ease."
"The stability is very good."
"Provides better control over emails, especially those sent via Office 365 on the cloud."
"URL scanning and online relay service are the most valuable features of Proofpoint Email Protection."
"I like all the features with Proofpoint, such as how it filters the spam and marketing mail, lost reality mail, blocks phishing attacks, blocks malicious attachments, and stops phishing links. Also it can defend against the business email compromise impersonation technique. It is a complete solution for all email attacks. It filters for the bad, malicious attachments. If there is any executable file, it can be deleted. It is a good, complete solution."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
"The product's licensing models are complex to understand. This particular area needs improvement."
"The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together."
"Its technical support could be better."
"Technical support could be improved."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"The tool's integration capability isn't so great."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"Proofpoint has a lot of false alarms."
"We'd like to have the ability to create more customized reports."
"Proofpoint Email Protection has a new approach to email security with its API feature. Currently, it only works with Office 365. In the future, it would be beneficial if it also works with Gmail, as Check Point is currently the only brand that has API email security for Gmail. It would be beneficial if Proofpoint Email Protection could add this integration, they would be more competitive with other vendors."
"Integration for reporting needs to be improved, it's too complex."
"The largest complaint that we hear from our customers is that there is no local support."
"Some use cases haven't been dealt with yet."
"The false positives are an issue."
"The incident reporting on offer needs to be improved. It's lacking right now. It should be on the platform somewhere."
NetWitness Platform is ranked 20th in Log Management with 36 reviews while Proofpoint Email Protection is ranked 1st in Secure Email Gateway (SEG) with 44 reviews. NetWitness Platform is rated 7.4, while Proofpoint Email Protection is rated 8.4. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of Proofpoint Email Protection writes "A reasonably priced product that offers protection to emails, along with spam filters". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics, whereas Proofpoint Email Protection is most compared with Microsoft Defender for Office 365, Microsoft Exchange Online Protection (EOP), Palo Alto Networks WildFire, Cisco Secure Email and Fortinet FortiMail.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.