We performed a comparison between NetWitness Platform and Palo Alto Networks VM-Series based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"The most valuable features are the threat prediction and network forensics."
"NetWitness Platform is valuable for creating rules that the solution must detect."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"The most valuable feature is the security that it provides."
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"With the improved visibility we now have, the traffic is being properly monitored, which means that we are better able to manage it. These are improvements that we saw very quickly."
"The solution strengthens our IT posture."
"Centralized management is valuable because it allows us to configure settings in one location and apply them across all three locations."
"It has excellent scalability."
"It allows us to see all our traffic to properly secure it and only allow what is needed through the firewall."
"In AWS, Palo Alto provides us a better view than flow logs for network traffic."
"Using Palo Alto Networks Panorama, we were able to deploy a single point of management and visualization of the firewall infrastructure in cloud, on-premise and integrated with Azure to automate scale up. Its security features, i.e. anti-malware, threat prevention, URL Filtering, VPN, and antivirus are the most valuable. The ID-User integrated with AD and 2FA features are also very useful to provide secure access to servers and some users in the company. "
"It is reliable and the support is very good."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"The user interface is a little bit difficult for new users and it needs to be improved."
"The solution should have more integration capabilities with different platforms."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
"It would be good if the common features work consistently in physical and virtual environments. There was an integration issue in the virtual deployment where it didn't report the interface counters, and we had to upgrade to the latest version, whereas the same thing has been working in the physical deployment for ages now. It seems that it was because of Azure. We were using VMware before, and we didn't have any such issues. We do see such small issues where we expect things to work, but they don't because of some incompatibilities. There also seems to be a limitation on how to do high availability in a virtualized environment. All features should be consistently available in physical and virtual environments. It is not always easy to integrate Palo Alto in the network management system. We would like to be able to compare two network management systems. They can maybe allow monitoring an interface through the GUI to create a reference or do a baseline check about whether your network monitoring system is actually giving you the correct traffic figures. You need traffic figures to be able to recognize the trends and plan the capacity."
"There are some delays that I have observed when my company communicates with Palo Alto's support engineers."
"The command-line interface is something that some people struggle with and I think that they should have an option to go straight to the GUI."
"There's room for improvement in terms of integration with the load balancer. It isn't like Fortinet, which has a load balancer built into its firewall. It is effortless to integrate within the load balancer-plus-firewall solution."
"It can definitely improve on the performance."
"The interface is all Java-based. I would prefer an HTML5 interface."
"The one issue that I didn't like is that the SNMP integration with interfaces didn't record the interface counters."
"Palo Alto Networks VM-Series is a complex product to work with."
NetWitness Platform is ranked 20th in Log Management with 36 reviews while Palo Alto Networks VM-Series is ranked 10th in Firewalls with 52 reviews. NetWitness Platform is rated 7.4, while Palo Alto Networks VM-Series is rated 8.6. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of Palo Alto Networks VM-Series writes "Many features are optimized for troubleshooting real-time scenarios, saving a lot of time". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics, whereas Palo Alto Networks VM-Series is most compared with Azure Firewall, Fortinet FortiGate-VM, Fortinet FortiGate, Cisco Secure Firewall and Palo Alto Networks NG Firewalls. See our NetWitness Platform vs. Palo Alto Networks VM-Series report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.