We performed a comparison between NetWitness Platform and Symantec Advanced Threat Protection based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"The most valuable feature is the hunting ability to work in a CERT."
"Their technical support responds quickly and are knowledgable."
"It's quite economical compared to other solutions in the market."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"The product's initial setup phase was not at all difficult."
"Currently we have 800-plus nodes connected with this solution, without any issues. The solution is scalable."
"They manage to solve detection quite nicely. There is some rather elaborate detection compared to other providers."
"Technical support has been helpful and responsive."
"It has certainly helped out our audit efforts because we each stay compliant in terms of various security standards."
"The most valuable feature is NetFlow threat protection."
"Real-time threat analysis is quick and takes action on threats immediately."
"Endpoint to network protects the line."
"The most valuable feature is Click-time URL protection."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"More customizability is required, which is something that they need to improve on."
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
"The initial setup is complex. There are other solutions that are easier to implement."
"The log system is a bit complex and has room for improvement."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"The product's support services need improvement."
"There are some features that would add value to this product. One of them would be a graphical presentation of threats that the system has encountered."
"Scalability could be better."
"Entire threat protection is not available for the advanced features."
"The administration interface needs a lot of improvement. It should be UI based, and simple. They need to improve it. It's pretty much not that friendly compared to what we were using as Bitdefender before. It's okay but is improving, actually."
"The cloud platform needs to have improvement in terms of the user interface and the different capabilities it has available. It needs to match the other leading next-gen EDR products that are available in the market. That's the reason why we are stepping away from Symantec. Their cloud environment is just generally lacking in comparison to others."
"It's a strange situation where the infrastructure of the consumer or customer is behind some kind of firewall and they have always used some kind of customized proxy. In this situation, the ATP has a very tough time to pass the information to the cloud and back. To fix, it requires a more elaborate and complex configuration for that particular case."
"The security features need to be improved."
More Symantec Advanced Threat Protection Pricing and Cost Advice →
NetWitness Platform is ranked 20th in Log Management with 36 reviews while Symantec Advanced Threat Protection is ranked 18th in Advanced Threat Protection (ATP) with 14 reviews. NetWitness Platform is rated 7.4, while Symantec Advanced Threat Protection is rated 7.8. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of Symantec Advanced Threat Protection writes "Provides end-to-end antivirus protection and has good stability ". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics, whereas Symantec Advanced Threat Protection is most compared with Palo Alto Networks WildFire, Microsoft Defender for Office 365, Trellix Network Detection and Response, Check Point SandBlast Network and Fortinet FortiSandbox. See our NetWitness Platform vs. Symantec Advanced Threat Protection report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.