We performed a comparison between NetWitness XDR and SolarWinds NetFlow Traffic Analyzer based on real PeerSpot user reviews.
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"It has great stability."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"All of the security components are valuable, including antiphishing, antispam, and stage three antivirus."
"Microsoft Defender XDR is scalable."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"This solution allows us to locate the malware in real-time."
"The log correlation is good."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"It is stable. We have been using it for some time, without any issues."
"The stability of the RSA NetWitness Endpoint is very good."
"The interface of this solution is very flexible and easy to use."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"SolarWinds has improved our organization because whenever a device is down, we get an alert."
"It is great at telling you if your devices are working and it keeps an eye on your network's overall performance."
"For managing the traffic, it provides you a response about whether the traffic is down, up, or heavy, which is a very powerful feature. It has a good response time. We have been using this solution for many years, and we don't have any problem with this solution."
"It doesn't cost too much."
"The monitoring is perfect, showing you the details for the utilization of resources and network bandwidth."
"What I like about SolarWinds NetFlow Traffic Analyzer is that it's useful for analyzing traffic. It also has an application visibility feature that lets you control applications."
"The software management tools are very useful for our customers."
"The performance analysis is a valuable feature. With the performance analyzer, we can see the real-time monitoring, the real-time performance, and historical performance on specific components like virtualization storage, CPU, servers and network equipment."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"The support could be more knowledgeable to improve their offering."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"The contamination feature could be improved."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"The initial setup requires a high level of skill."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"The solution lacks a reporting engine."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"It is very slow to pick the dynamics of the network."
"It's not a cheap product, so the pricing could be improved."
"Customer Support is quite complex."
"It does not flow. It cannot do our metric performance monitoring. So it is very limited. They can do it but in a very limited fashion. It is only good for SNMP-based alerts."
"What needs improvement in SolarWinds NetFlow Traffic Analyzer is performance because sometimes, my team struggles too much for the solution to perform correctly for a specific deployment in my organization. Having a more detailed view in SolarWinds NetFlow Traffic Analyzer is another area for improvement, but that's more part of the protocol than the actual solution."
"The pricing is expensive."
"There is room for improvement when it comes to the traffic generated by the analyzer and the analysis of that traffic."
"It is a scalable solution, but it is costly to scale. Therefore, I would rate scalability at eight out of ten."
NetWitness XDR is ranked 17th in Extended Detection and Response (XDR) with 15 reviews while SolarWinds NetFlow Traffic Analyzer is ranked 6th in Network Traffic Analysis (NTA) with 34 reviews. NetWitness XDR is rated 8.0, while SolarWinds NetFlow Traffic Analyzer is rated 7.6. The top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". On the other hand, the top reviewer of SolarWinds NetFlow Traffic Analyzer writes "Displays traffic visibility and efficient traffic flows". NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Defender for Endpoint, whereas SolarWinds NetFlow Traffic Analyzer is most compared with Cisco Secure Network Analytics, ManageEngine NetFlow Analyzer, Zabbix, SolarWinds NPM and Darktrace.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.